[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CFS Questions (protocol? safer/idea linkings?)

To: [email protected], [email protected]
Subject: Re: CFS Questions (protocol? safer/idea linkings?)
From: David Rochberg <[email protected]>
Date: Sun, 23 Jun 1996 01:30:50 -0400
In-Reply-To: Damien Lucifer's message of Fri, 4 Aug 1989 00:40:29 -0400 (EDT)
References: <+cmu.andrew.internet.cypherpunks+8ln8pS:[email protected]>
Sender: [email protected]

ftp://research.att.com/dist/mab/cfs.ps is Blaze's CFS paper (which I
was silly not to read before my last post to cfs-users).  It should
answer many of your questions.

The answer to your "why so muany keys" question is that CFS uses two
keys per attachment (2 * 64 per hybrid-3DES instance * 2 instances =
256).  This is an attempt to foil structural analysis of the
files---under ECB mode alone, identical parts of the file will be
encrypted to identical ciphertext.

To encrypt data, CFS first XORs the data with a long (.5 Mbyte,
according to the paper) repeated psuedo-random mask.  The mask is
generated by running the cipher in OFB mode with one of the keys.

Then the result of the XOR is encrypted in ECB mode with the other
key.  (There's some other optional XORing that goes on as well---read
the paper).

The passphrase->key bit is based on SHS.  Take a look at new_pwcrunch
in getpass.c in your distribution.

					-david

Prev by Date: Re: Win95 Blowfish Implementation
Next by Date: Re: Micropayments: myth?
Prev by thread: SKIP IP-layer encryption release Beta 2.3
Next by thread: Those Evil Republicans
Index(es):
- Date
- Thread