Re: different instructions for use with aes256?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi David

I understand what the head command is just doing away with the uuencode header while tail extracts the last 65 lines; but still, why is each key 45 bytes in length?

I suppose that what varies from, eg, AES128 to AES192 is the length of the key with which the 65 (sector) keys are then encrypted; is that it? This is the only way in which my rudimentary understanding of these issues allows me to make sense of the fact that sector keys are allowed to have the same length in both scenarios.

Again, any clarification would be great

Marv

From: David <shadoweyez@xxxxxxxxx>
To: linux-crypto@xxxxxxxxxxxx
Subject: Re: different instructions for use with aes256?
Date: Tue, 25 Oct 2005 16:44:42 -0700

FYI the command

head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 \
| gpg --symmetric -a >/a/usbstick/keyfile.gpg

produces a key that will work with AES128, 192, 256 or other cipher you
use it with; it is independent of the cipher.  Because of the "head" and
"tail" commands being used, you could type head -c 10000000 ... and
still end up with a key of the same size.  I tried this once and any
value equal to or over 2925 will not change the size of the key, because
head and tail concatenate the output.

When I setup loop-aes I used a patched version of gpg (the patch that
came with loop-aes) as well as the --cipher-algo=AES256 option on gpg as
gpg defaults to CAST5 as the cipher.

David


Marvin Lyndon wrote:
> Well, I decided to just go ahead and use AES128. Concluded that, as with
> all computing stuff, it is too easy to get carried away by the "let's go
> for the largest number" mentality whenever confronted with a choice and
> don't really know any of the details. : )
>
> With that out of the way, and just out of curiosity, could anyone clear
> up the decision of having 2925 bytes? I can tell that divided by 65 it
> means that each key will be 45 bytes long; but what is the rationale
> here? My understanding of these issues is very dim, but how does this
> number of 45 bytes relate with the use of AES128? Similarly, why would
> someone using AES256 pick 90-byte keys?
>
> Thanks for educating me,
>
> Marv
>
>
>> From: Bradley Worley <geekysuavo@xxxxxxxxx>
>> To: Marvin Lyndon <marvin.lyndon@xxxxxxxxxxx>
>> CC: linux-crypto@xxxxxxxxxxxx
>> Subject: Re: different instructions for use with aes256?
>> Date: Tue, 25 Oct 2005 15:37:49 -0500
>>
>> that code seems to work just fine, since almost all examples on the
>> net use either 2925 bytes from /dev/random or 2880 bytes.  however, i
>> guess if you really want to be picky you can up it to 5850 bytes
>> (double 2925), since you are technically doubling your key sizes.
>> (it's a wild guess, really.)
>>
>>   ~ brad.
>>
>> On 10/25/05, Marvin Lyndon <marvin.lyndon@xxxxxxxxxxx> wrote:
>> > Hi all,
>> >
>> > I have successfully followed all the steps in the loop-AES readme file.
>> > Since I couldn't find any reference to this, I would like to know
>> whether
>> > the step in which one creates the 65 random keys
>> >
>> > head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 \
>> > | gpg --symmetric -a >/a/usbstick/keyfile.gpg
>> >
>> > needs any modification for use in AES256 mode. Or is it enough to
>> replace
>> > all occurrences of AES128 with AES256 as one follows the README file?
>> >
>> > Thanks for any help
>> >
>> > Marv
>> >
>> > _________________________________________________________________
>> > FREE pop-up blocking with the new MSN Toolbar ? get it now!
>> > http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
>> >
>> >
>> > -
>> > Linux-crypto:  cryptography in and on the Linux system
>> > Archive:       http://mail.nl.linux.org/linux-crypto/
>> >
>> >
>
>
> _________________________________________________________________
> Don?t just search. Find. Check out the new MSN Search!
> http://search.msn.click-url.com/go/onm00200636ave/direct/01/
>
>
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/
>
>

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux