Block Ciphers

Step 2: Setting The Algorithm Object

There are a number of PBE AIs from which to choose (see “Summary of AIs” on page 103 for a more detailed description). For now, choose AI_MD5WithRC2_CBCPad. In Chapter 2 of the Reference Manual, the description of this AI indicates the format of info supplied to B_SetAlgorithmInfo is:

typedef struct {

 

 

unsigned int

effectiveKeyBits;

/* effective key size in bits */

unsigned char *salt;

/* pointer to 8 byte salt value */

unsigned int

iterationCount;

/* iteration count */

} B_RC2_PBE_PARAMS;

 

 

 

 

The section “RC2” on page 38 contains an explanation of effective key bits. The salt is a value that provides security against dictionary attacks or precomputation. An attacker could precompute the digests of thousands of possible passwords, creating a “dictionary” of likely keys. But recall that when you digest, changing input data even a little changes the resulting digest. By digesting the password with a “salt”, the attacker’s dictionary is rendered useless. The attacker would have to create a dictionary of the keys that were generated from each password; then each password would have to have a dictionary of each possible salt. The salt is not secret; knowing the salt will not help anyone without the password to decrypt the data.

To produce the salt, create an eight-byte buffer and then employ a random number generator to generate eight bytes. The iteration count is the number of times Crypto-C will digest. If that value is one, digest the password and salt once; if it is two, digest the password and salt, then digest the digest, and so on. Each iteration will increase an attacker’s task greatly. Five is generally sufficient for most applications:

#define SALT_LEN 8

B_RC2_PBE_PARAMS rc2PBEParams; unsigned char saltData[SALT_LEN];

/* Complete steps 1 - 4 of Generating Random Numbers, then call B_GenerateRandomBytes.*/

if ((status = B_GenerateRandomBytes (randomAlgorithm, saltData, SALT_LEN, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

C h a p t e r 6 S y m m e t r i c - K e y O p e r a t i o n s

2 0 7

Page 229
Image 229
RSA Security 5.2.2 manual Unsigned char * salt, Iteration count