Re: SHA1 - set initial key/state?

> Hi Nick,
>
> Use an HMAC.
>
> Jeff
>
> On 6/25/09, Nick Aschberger <nick.aschber...@...> wrote:
>
>
>
> >  Hi Folks,
>
> >  I may be missing something in my use of the SHA1 algorithm, I am
> >  hoping you can explain it to me.
>
> >  I have an unencrypted string, I make a function call like:
> >  my_sha1_object.calculateDigest(outputdigest, inputstring, length);
>
> >  No problems there, my digest is created.
>
> >  However, I am sending this information across a socket, so I'm
> >  thinking that anyone can snoop my unencrypted string,
> >  and assuming they were also using cryptopp sha algorithm, they would
> >  easily be able to recreate the same digest.
>
> >  Am I wrong in thinking this is insecure - am I thinking about this
> >  incorrectly?
>
> >  I've been wondering if there is some way to initialise the "state" of
> >  the sha object with our own key/values, which would be secure, and
> >  unrepeatable.
>
> >  I have looked in to the sha1.InitState function - this retrieves the
> >  intial state - but how do you set it?
>
> >  Is the "transform" function what I am after? There is no documentation/
> >  usage guide/examples or even comments (or my google-fu is weak!) for
> >  either InitState or Transform functions.
> >  So, what are they for, and do they do what I want?
>
> >  thanks!
>
> >  Nick Aschberger