On Wed, Mar 16, 2005, Michael D'Errico wrote: > Hi, > > I read somewhere that it is a good idea to > cryptographically hash your key material to > generate a key, so I wrote a function to do > that. I'm not exactly sure I'm doing what > they suggest, so if anyone cares to, can > you check over my work and see if there are > any weaknesses? Thanks in advance. >
Use of any unsalted key derivation algorithm is not a good idea. I've mentioned this before and the reasons why so I suggest you check the archives. Theerre are several better ways to derive a key. The recommended technique is PKCS#5 v2.0 for new applications. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
