I've written a program called fallback-reboot, found at http://dcs.nac.uci.edu/~strombrg/fallback-reboot/ The client is in python, and the daemon it connects to is in C, linked with -lcrypto. I'm using SHA1 with a private key and a nonce, in an attempt to get an authentication system that isn't subject to replay attacks. However, I've made a choice, at least for the time being, that I have to wonder about. That is, when I'm SHA1'ing the private key and the nonce together, I'm using a hexadecimal representation of these strings (because it's easier to work with in C), rather than the binary form of the strings. The question then is, is this as effective as if I were to convert the strings to binary, given that the data being digested has the same number of bits of actual entropy from /dev/random (or similar) in either case? Thanks! - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
