teatotal: Thread: curious about the state of the project


Subject: curious about the state of the project
From: Ivan Popov ####@####.####
Date: 21 Sep 2002 22:59:02 -0000
Message-Id: <Pine.SOL.4.30.0209212350060.13178-100000@hotlips.cs.chalmers.se>

Hello,

I have not found any information about weaknesses in the "new-variant"
TEA, are you aware of any?

I see also that at least some software is still using the old form of the
algorithm, including e.g. rather recent perl Crypt-Tea (ver.1.43) module.
It is probably not good? Or is TEA considered to be a low-security
algorithm anyway?

And one more, more specific question:
 - what is the reason for always using a key file, isn't it easier
to use the password hash as the key directly rather than via the key file?

Best regards,
--
Ivan

Subject: Re: curious about the state of the project
From: Alex Holden ####@####.####
Date: 22 Sep 2002 10:14:29 -0000
Message-Id: <3D8D9798.7070900@linuxhacker.org>

Ivan Popov wrote:
> I have not found any information about weaknesses in the "new-variant"
> TEA, are you aware of any?

TEA-Total uses the block mode version of the new variant. I don't recall 
reading of any particular weaknesses in the new variant.

> I see also that at least some software is still using the old form of the
> algorithm, including e.g. rather recent perl Crypt-Tea (ver.1.43) module.
> It is probably not good? Or is TEA considered to be a low-security
> algorithm anyway?

I don't think it's regarded as being low security and I'm not sure how 
easy the weaknesses in the old algorithm are to exploit, however IANAC 
(I Am Not A Cryptographer).

> And one more, more specific question:
>  - what is the reason for always using a key file, isn't it easier
> to use the password hash as the key directly rather than via the key file?

That's because a password has only a relatively small amount of 
"randomness". With a fast computer you could easily write a program 
which tried hundreds, probably thousands of keys per second in a brute 
force attack. Limiting the key to a hash of a short plaintext word or 
phrase would make it considerably easier to guess the key than using 128 
bits of truly random data. If you mean, why bother adding support for 
password protection of key files, the main answer is that I was asked 
for the feature several times. It does at least make it quite a bit 
harder for someone to utilise the private key file should they manage to 
get hold of it somehow, however it's no real substitute for keeping the 
private key private.

-- 
------------ Alex Holden - http://www.linuxhacker.org ------------
If it doesn't work, you're not hitting it with a big enough hammer
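The reply's point about key entropy, illustrated as an added example that is not from the TEA-Total project or either poster: it estimates how many bits a password really contributes, compares expected exhaustive-search time against a random 128-bit key at the thousands-of-keys-per-second rate mentioned above, and shows a password-protected key file in which the password only guards the file while the data key keeps its full entropy. PBKDF2, HMAC and the XOR wrap are stand-ins chosen here, not TEA-Total's own format.

```python
import hashlib
import hmac
import math
import os

KEY_BYTES = 16  # TEA-Total keys are 128 bits, as the reply states


def password_entropy_bits(password: str) -> float:
    """Optimistic entropy: assumes each character was drawn uniformly
    from the union of the character classes the password actually uses."""
    classes = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10),
               (lambda c: not c.isalnum(), 32)]
    alphabet = sum(size for used, size in classes if any(used(c) for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def expected_search_years(bits: float, keys_per_second: float) -> float:
    """Expected brute-force time: on average half the key space is tried."""
    return (2 ** bits / 2) / keys_per_second / (365 * 24 * 3600)


def wrap_key(data_key: bytes, password: str, iterations: int = 100_000) -> bytes:
    """Password-protect a random data key (the 'key file'). The password only
    guards this file; the data stays encrypted under the full-entropy data_key.
    A fresh salt makes the XOR pad single-use; HMAC detects a wrong password."""
    salt = os.urandom(16)
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=48)
    wrapped = bytes(a ^ b for a, b in zip(data_key, kek[:KEY_BYTES]))
    tag = hmac.new(kek[KEY_BYTES:], salt + wrapped, "sha256").digest()
    return salt + wrapped + tag


def unwrap_key(blob: bytes, password: str, iterations: int = 100_000) -> bytes:
    """Recover the data key; fails closed on a wrong password or a modified file."""
    salt, wrapped, tag = blob[:16], blob[16:16 + KEY_BYTES], blob[16 + KEY_BYTES:]
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=48)
    expected = hmac.new(kek[KEY_BYTES:], salt + wrapped, "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or tampered key file")
    return bytes(a ^ b for a, b in zip(wrapped, kek[:KEY_BYTES]))


if __name__ == "__main__":
    rate = 1000.0  # keys per second, the order of magnitude the reply mentions
    for pw in ["secret", "Tr0ub4dor&3"]:  # constructed sample passwords
        b = password_entropy_bits(pw)
        print(f"{pw!r}: ~{b:.1f} bits, ~{expected_search_years(b, rate):.2e} years")
    print(f"128-bit random key: ~{expected_search_years(128, rate):.2e} years")
    key = os.urandom(KEY_BYTES)
    assert unwrap_key(wrap_key(key, "secret"), "secret") == key
```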
