Re: Passphrases in or out


Thanks for your prompt response.  But I have one further question:

Bennet Yee wrote:
> Steve, using assymetric cryptography is not a necessary condition for
> distinguish between attackers and valid participants.
> The authentication hash proposed in the passauth3.txt that Tom
> Stephens just sent is a bit complicated.  I'll first simply point out
> that an attacker does not have the same information as the valid
> participants by a simple reduction to a previously solved problem,
> that of computing a MAC on a single message.
> We believe HMAC(k,m) = h(k,p2,(k,p1,m)) to be a good MAC on message m
> (where p1 and p2 are padding bytes necessary to bring (k,p1) and
> (k,p2) to full compression function argument boundaries).  k is a
> shared ``MAC key'', not known to eavesdroppers. 

But how is the shared ``MAC key'' communicated?  Using asym crypto?
Or is it derived from the shared password, in which case the attacker
could use a dictionary attack?

Or would, for example, all Compuserve subscribers have the same
shared MAC key and we assume the eavesdropper does not know it?

Steve Petri
Litronic Industries				(714)545-6649

Received on Monday, 5 August 1996 18:40:19 UTC