[Mono-bugs] [Bug 69036][Nor] Changed - PasswordDeriveBytes results differ from Microsoft when used in non-PKCS5 compliant mode

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Wed, 3 Nov 2004 19:36:38 -0500 (EST)

Previous message: [Mono-bugs] [Bug 64400][Nor] Changed - Explicit declaration bugs
Next message: [Mono-bugs] [Bug 69036][Nor] Changed - PasswordDeriveBytes results differ from Microsoft when used in non-PKCS5 compliant mode
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien@ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=69036

--- shadow/69036	2004-11-03 11:36:55.000000000 -0500
+++ shadow/69036.tmp.13479	2004-11-03 19:36:38.000000000 -0500
@@ -177,6 +177,19 @@
 function can provide. So asking 32 bytes (256 bits) of SHA-1 doesn't
 give more than 160 bits of security (assuming a brute force attack).
 
 If you need 48 bytes then you should either SHA-384 (48 bytes max) or
 SHA-512 (64 bytes max). As an alternative you can generate a random IV
 and append it along the encrypted data (as the IV can be public).
+
+------- Additional Comments From sebastien@ximian.com  2004-11-03 19:36 -------
+This is even worst than I thought :(
+
+StringBuilder sb = new StringBuilder (48 * 3);
+for (int i=0; i < 48; i++) {
+	byte[] b = pdb.GetBytes (1);
+	sb.AppendFormat ("{0}-", b [0].ToString ("X2"));
+}
+Console.WriteLine ("48 shots\t{0}", sb.ToString ());
+
+Asking 48 times for one bytes gets the same results as asking for 1
+time 48 bytes. Which means that asking 32+16 is probably a MS bug.

Previous message: [Mono-bugs] [Bug 64400][Nor] Changed - Explicit declaration bugs
Next message: [Mono-bugs] [Bug 69036][Nor] Changed - PasswordDeriveBytes results differ from Microsoft when used in non-PKCS5 compliant mode
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]