[openpgp] On composing scrypt and openpgp s2k key stretching for symmetric encryption

Brian Gitonga Marete <marete@toshnix.com> Thu, 22 May 2014 13:48 UTC

Hello all!

What would be the security effect of generating a 32 byte key from a
passphrase using scrypt and then using that as a "passphrase" for openpgp's
symmetric encryption (this 32 byte key will of course then be acted upon by
openpgp's s2k algorithm)? Specifically, can one expect that this will make
brute-forcing a symmetric passphrase (theoretically or practically) harder?
(Given the same strong passphrase).

Please note that I am asking this from an application point of view and not
calling for the inclusion of scrypt into the openpgp standard.

Thanks!

Brian Gitonga Marete.
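
An added example, not part of the original message: the composition the post describes, with scrypt's 32-byte output passed as the "passphrase" to RFC 4880's iterated and salted S2K (type 3). The scrypt parameters, the salts, the choice of SHA-256, passing the raw 32 bytes, and all function names are assumptions made for illustration.

```python
import hashlib
import time

def s2k_count(c: int) -> int:
    """Decode the one-octet coded count of RFC 4880, section 3.7.1.3."""
    return (16 + (c & 15)) << ((c >> 4) + 6)

def openpgp_s2k(passphrase: bytes, salt: bytes, c: int, keylen: int = 32, hash_name: str = "sha256") -> bytes:
    """Iterated and salted S2K: hash salt+passphrase repeatedly until `count` octets are consumed."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is 8 octets")
    data = salt + passphrase
    count = max(s2k_count(c), len(data))  # salt+passphrase is always hashed at least once
    reps, rem = divmod(count, len(data))
    key, ctx = b"", 0
    while len(key) < keylen:
        h = hashlib.new(hash_name, b"\x00" * ctx)  # context i is preloaded with i zero octets
        for _ in range(reps):
            h.update(data)
        h.update(data[:rem])
        key += h.digest()
        ctx += 1
    return key[:keylen]

def scrypt_stage(passphrase: bytes, salt: bytes, n: int = 2**14, r: int = 8, p: int = 1) -> bytes:
    # Assumed parameters: about 16 MiB of memory per evaluation with n=2**14, r=8.
    return hashlib.scrypt(passphrase, salt=salt, n=n, r=r, p=p,
                          maxmem=64 * 2**20, dklen=32)

def scrypt_then_s2k(passphrase, scrypt_salt, s2k_salt, c, **scrypt_params) -> bytes:
    """The composition: scrypt output becomes the S2K passphrase."""
    return openpgp_s2k(scrypt_stage(passphrase, scrypt_salt, **scrypt_params), s2k_salt, c)

def per_guess_cost(passphrase, scrypt_salt, s2k_salt, c):
    """Return (scrypt_seconds, s2k_seconds) for deriving the key from one passphrase."""
    t0 = time.perf_counter()
    mid = scrypt_stage(passphrase, scrypt_salt)
    t1 = time.perf_counter()
    openpgp_s2k(mid, s2k_salt, c)
    return t1 - t0, time.perf_counter() - t1

if __name__ == "__main__":
    # Constructed sample inputs; c=255 is the largest coded count (65,011,712 octets).
    scrypt_s, s2k_s = per_guess_cost(b"correct horse", b"constructed-salt", bytes(range(8)), 255)
    print(f"scrypt stage: {scrypt_s:.3f}s  S2K stage: {s2k_s:.3f}s")
```

Both salts have to be stored with the ciphertext. Anyone testing a candidate for the original passphrase has to evaluate both stages, so the work per guess is the sum of the two timings.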