SHA1 - set initial key/state?
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
SHA1 - set initial key/state?
by NickAsh
::
Rate this Message:
Hi Folks, I may be missing something in my use of the SHA1 algorithm, I am hoping you can explain it to me. I have an unencrypted string, I make a function call like: my_sha1_object.calculateDigest(outputdigest, inputstring, length); No problems there, my digest is created. However, I am sending this information across a socket, so I'm thinking that anyone can snoop my unencrypted string, and assuming they were also using cryptopp sha algorithm, they would easily be able to recreate the same digest. Am I wrong in thinking this is insecure - am I thinking about this incorrectly? I've been wondering if there is some way to initialise the "state" of the sha object with our own key/values, which would be secure, and unrepeatable. I have looked in to the sha1.InitState function - this retrieves the intial state - but how do you set it? Is the "transform" function what I am after? There is no documentation/ usage guide/examples or even comments (or my google-fu is weak!) for either InitState or Transform functions. So, what are they for, and do they do what I want? thanks! Nick Aschberger --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscribe@.... More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: SHA1 - set initial key/state?
by Jeffrey Walton-3
::
Rate this Message:
Hi Nick, Use an HMAC. Jeff On 6/25/09, Nick Aschberger <nick.aschberger@...> wrote: > > Hi Folks, > > I may be missing something in my use of the SHA1 algorithm, I am > hoping you can explain it to me. > > I have an unencrypted string, I make a function call like: > my_sha1_object.calculateDigest(outputdigest, inputstring, length); > > No problems there, my digest is created. > > > However, I am sending this information across a socket, so I'm > thinking that anyone can snoop my unencrypted string, > and assuming they were also using cryptopp sha algorithm, they would > easily be able to recreate the same digest. > > Am I wrong in thinking this is insecure - am I thinking about this > incorrectly? > > I've been wondering if there is some way to initialise the "state" of > the sha object with our own key/values, which would be secure, and > unrepeatable. > > I have looked in to the sha1.InitState function - this retrieves the > intial state - but how do you set it? > > Is the "transform" function what I am after? There is no documentation/ > usage guide/examples or even comments (or my google-fu is weak!) for > either InitState or Transform functions. > So, what are they for, and do they do what I want? > > thanks! > > > Nick Aschberger > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscribe@.... More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: SHA1 - set initial key/state?
by NickAsh
::
Rate this Message:
Oh.... duh. It's so simple! Thanks Jeff. On Jun 25, 4:29 pm, Jeffrey Walton <noloa...@...> wrote: > Hi Nick, > > Use an HMAC. > > Jeff > > On 6/25/09, Nick Aschberger <nick.aschber...@...> wrote: > > > > > Hi Folks, > > > I may be missing something in my use of the SHA1 algorithm, I am > > hoping you can explain it to me. > > > I have an unencrypted string, I make a function call like: > > my_sha1_object.calculateDigest(outputdigest, inputstring, length); > > > No problems there, my digest is created. > > > However, I am sending this information across a socket, so I'm > > thinking that anyone can snoop my unencrypted string, > > and assuming they were also using cryptopp sha algorithm, they would > > easily be able to recreate the same digest. > > > Am I wrong in thinking this is insecure - am I thinking about this > > incorrectly? > > > I've been wondering if there is some way to initialise the "state" of > > the sha object with our own key/values, which would be secure, and > > unrepeatable. > > > I have looked in to the sha1.InitState function - this retrieves the > > intial state - but how do you set it? > > > Is the "transform" function what I am after? There is no documentation/ > > usage guide/examples or even comments (or my google-fu is weak!) for > > either InitState or Transform functions. > > So, what are they for, and do they do what I want? > > > thanks! > > > Nick Aschberger You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscribe@.... More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~--- |
| Free embeddable forum powered by Nabble | Forum Help |
