>RFC-4880, section 3.7.1.1: > If the hash size is less than the key size, multiple instances of > the hash context are created -- enough to produce the required key > data. These instances are preloaded with 0, 1, 2, ... octets of > zeros (that is to say, the first instance has no preloading, the > second gets preloaded with 1 octet of zero, the third is preloaded > with two octets of zeros, and so forth).
>In other words, there are multiple hash contexts run, each responsible >for a different part of of the key (0-159 & 159-255 in your SHA1 and >AES256 example). Sorry about my last reply, went I sent my question, David had not responded as of yet. Ok, so just to clarify, say I have a 160bit hash product (produced from a salted password) Using the SHA1 hash. In my theoretical example, AES256 requires a 256 bit key. To construct this key Bits #1 0-159 = the salted hashed password (with 0 octects added) #2 159-255 = the leftmost 80 bits of the salted preloaded password with 1 octet zeros and then hased. To produce the full 256 bits, the results of operation 1 and operation 2 are combined -- meaning result #1 is shifted 80 bits and then #2 is added to #1? Randomly generated session keys -- once produced are these salted and hashed similiar to passwords? Or is the generated session key the required length for the chosen cipher? When passwords are salted -- how long is the salt? Is this appended or prepended to the chosen password? -- Kevin Hilton _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
