SHA1 - set initial key/state?
6 views
Skip to first unread message
Nick Aschberger
Jun 25, 2009, 3:16:24 AM6/25/09
to Crypto++ Users
Hi Folks,
I may be missing something in my use of the SHA1 algorithm, I am
hoping you can explain it to me.
I have an unencrypted string, I make a function call like:
my_sha1_object.calculateDigest(outputdigest, inputstring, length);
No problems there, my digest is created.
However, I am sending this information across a socket, so I'm
thinking that anyone can snoop my unencrypted string,
and assuming they were also using cryptopp sha algorithm, they would
easily be able to recreate the same digest.
Am I wrong in thinking this is insecure - am I thinking about this
incorrectly?
I've been wondering if there is some way to initialise the "state" of
the sha object with our own key/values, which would be secure, and
unrepeatable.
I have looked in to the sha1.InitState function - this retrieves the
intial state - but how do you set it?
Is the "transform" function what I am after? There is no documentation/
usage guide/examples or even comments (or my google-fu is weak!) for
either InitState or Transform functions.
So, what are they for, and do they do what I want?
thanks!
Nick Aschberger
I may be missing something in my use of the SHA1 algorithm, I am
hoping you can explain it to me.
I have an unencrypted string, I make a function call like:
my_sha1_object.calculateDigest(outputdigest, inputstring, length);
No problems there, my digest is created.
However, I am sending this information across a socket, so I'm
thinking that anyone can snoop my unencrypted string,
and assuming they were also using cryptopp sha algorithm, they would
easily be able to recreate the same digest.
Am I wrong in thinking this is insecure - am I thinking about this
incorrectly?
I've been wondering if there is some way to initialise the "state" of
the sha object with our own key/values, which would be secure, and
unrepeatable.
I have looked in to the sha1.InitState function - this retrieves the
intial state - but how do you set it?
Is the "transform" function what I am after? There is no documentation/
usage guide/examples or even comments (or my google-fu is weak!) for
either InitState or Transform functions.
So, what are they for, and do they do what I want?
thanks!
Nick Aschberger
Jeffrey Walton
Jun 25, 2009, 3:29:14 AM6/25/09
to Nick Aschberger, Crypto++ Users
Hi Nick,
Use an HMAC.
Jeff
Nick Aschberger
Jun 25, 2009, 3:50:24 AM6/25/09
to Crypto++ Users
Oh.... duh. It's so simple!
Thanks Jeff.
On Jun 25, 4:29 pm, Jeffrey Walton <noloa...@gmail.com> wrote:
> Hi Nick,
>
> Use an HMAC.
>
> Jeff
>
Thanks Jeff.
On Jun 25, 4:29 pm, Jeffrey Walton <noloa...@gmail.com> wrote:
> Hi Nick,
>
> Use an HMAC.
>
> Jeff
>
Reply all
Reply to author
Forward
0 new messages