Chapter 6 Symmetric-Key Operations 207
Block Ciphers
Step 2: Setting The Algorithm Object
There are a number of PBE AIs from which to choose (see “Summary of AIs” on
page 103 for a more detailed description). For now, choose
AI_MD5WithRC2_CBCPad. In
Chapter 2 of the Reference Manual, the description of this AI indicates the format of
info
supplied to B_SetAlgorithmInfo is:
The section “RC2” on page 38 contains an explanation of effective key bits. The salt is
a value that provides security against dictionary attacks or precomputation. An
attacker could precompute the digests of thousands of possible passwords, creating a
“dictionary” of likely keys. But recall that when you digest, changing input data even
a little changes the resulting digest. By digesting the password with a “salt”, the
attacker’s dictionary is rendered useless. The attacker would have to create a
dictionary of the keys that were generated from each password; then each password
would have to have a dictionary of each possible salt. The salt is not secret; knowing
the salt will not help anyone without the password to decrypt the data.
To produce the salt, create an eight-byte buffer and then employ a random number
generator to generate eight bytes. The iteration count is the number of times Crypto-C
will digest. If that value is one, digest the password and salt once; if it is two, digest
the password and salt, then digest the digest, and so on. Each iteration will increase
an attacker’s task greatly. Five is generally sufficient for most applications:
typedef struct {
unsigned int effectiveKeyBits; /* effective key size in bits */
unsigned char *salt; /* pointer to 8 byte salt value */
unsigned int iterationCount; /* iteration count */
} B_RC2_PBE_PARAMS;
#define SALT_LEN 8
B_RC2_PBE_PARAMS rc2PBEParams;
unsigned char saltData[SALT_LEN];
/* Complete steps 1 - 4 of Generating Random Numbers,
then call B_GenerateRandomBytes.*/
if ((status = B_GenerateRandomBytes
(randomAlgorithm, saltData, SALT_LEN,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
