Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

IDEA key

3 views
Skip to first unread message

VanMortel

unread,
Jul 28, 2002, 3:57:19 AM7/28/02
to
Hi,
I want to know how IDEA makes from a simple password like : Hello
a 128 bits key that is use for the encryption algorithm?

Thank you
VanMortel

jsa...@ecn.ab.ca

unread,
Jul 28, 2002, 4:33:26 AM7/28/02
to
VanMortel (van_m...@hotmail.com) wrote:
: I want to know how IDEA makes from a simple password like : Hello

: a 128 bits key that is use for the encryption algorithm?

Doing that is not something that IDEA does. Perhaps a program that uses
IDEA may do that, but how to do that is not part of the standard that
defines IDEA, so any such program can do it in its own way, even a bad
one, and still truthfully claim that it is a program that uses IDEA.

How PGP makes keys from pass phrases is documented, and it does it in a
careful way and does it well.

However, if your password is "Hello", no matter how well the key is made,
as long as someone knows which program you use, he can still try every
word in the dictionary, and he will find the word "Hello" quickly. It is
inherently impossible, if your password does not have very much entropy,
for the key produced from it as a result to have any more entropy - to be
any harder to guess - than the password itself. It may _look_ like 128
bits that are random, but if the intended recipient of your message only
needs to type "Hello" to read it, and the eavesdropper knows which
encryption program you are using (you should assume this: it is one of
Kerchoff's principles) then those 128 bits, no matter how they are made,
are as easy to guess as the word "Hello".

So even if you find your answer, it may not be as useful as you just might
have been hoping.

John Savard

Jeffrey Goldberg

unread,
Jul 28, 2002, 5:06:21 AM7/28/02
to
On Jul 28, 2002 VanMortel <van_m...@hotmail.com> wrote
in <%uN09.191$OK6....@wagner.videotron.net>:

> I want to know how IDEA makes from a simple password like : Hello
> a 128 bits key that is use for the encryption algorithm?

Ages ago, I had the same question; so I looked at the PGP source code
(version 2.3 or something like that). I found that for "conventional"
encryption (the -c option) that PGP uses an MD5 hash of the pass phrase to
use as the key for the symmetric encyption.

I don't think that that is formally part of IDEA.

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/
Relativism is the triumph of authority over truth, convention over justice
I rarely read top-posted, over-quoting or HTML postings.

Tom St Denis

unread,
Jul 29, 2002, 9:07:22 AM7/29/02
to
"VanMortel" <van_m...@hotmail.com> wrote in message news:<%uN09.191$OK6....@wagner.videotron.net>...

> Hi,
> I want to know how IDEA makes from a simple password like : Hello
> a 128 bits key that is use for the encryption algorithm?

It doesn't. IDEA only speicifes that you pass it a 128-bit string for use.

Tom

P Bilbrough

unread,
Jul 29, 2002, 1:20:09 PM7/29/02
to
Try downloading Securetray utility (several sites on web in Google under
Securetray - all one word). This can be used to "test" words by generating
the hash in a number of formats and might be of interest to you.

"VanMortel" <van_m...@hotmail.com> wrote in message
news:%uN09.191$OK6....@wagner.videotron.net...


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.380 / Virus Database: 213 - Release Date: 24/07/2002


VanMortel

unread,
Jul 30, 2002, 5:27:13 PM7/30/02
to
Thanks a lot for your help and link
VanMortel
"P Bilbrough" <pete...@xxx-btinternet.com> a écrit dans le message news:
ai3tg9$r0m$1...@helle.btinternet.com...
0 new messages