> If the hash output is not enough, then extra 0x00 byte will be added to > your passphrase and hashed again to produce additional and different > hashing output. If even this isn't enough, then two 0x00 bytes will be > added and hashed again, and so on.
Ok -- so just some points of clarification. What is the default s2k-digest-algo? Lets say its SHA1 or for the point of argument I set it to be SHA1. SHA1 always produces 160 bit resultants. Say I want to use the AES256 cipher. If I am understanding what has been reported previously, this requires a 256 bit key. If the process you described above works, wouldn't a 160 bit hash always be produced? Just to clarify in my own mind your process -- If the hash output is not enough and an extra 0x00 byte (which I think you are telling me 0x00 = 256 0 bits) is added to the passphrase and then rehashed with SHA1 - wouldn't another 160 bit hash be produced again? How would a 256 bit hash ever be produced is the SHA1 hash was always used. Thanks -- I have a feeling I'm getting off in left field here and missing some understanding of some basic concepts. -- Kevin Hilton _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
