SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: CHAP secret lengths



    Bill,
    True, the padding can be done independent of the iSCSI protocol,
    if such padding is needed then both the initiator and the target
    must use the same algorithm to pad.
    
    Thanks for the info about the crypto libraries all being 
    octet-oriented.
    
    I think what I am hearing is there is no need to support non-octet
    secrets.
    
    thanks,
    Dean
    
    -----Original Message-----
    From: wrstuden@wasabisystems.com [mailto:wrstuden@wasabisystems.com]
    Sent: Thursday, March 13, 2003 8:03 AM
    To: Dean Scoville
    Cc: Julian_Satran@il.ibm.com; ips@ece.cmu.edu
    Subject: Re: CHAP secret lengths
    
    
    On Thu, 13 Mar 2003, Dean Scoville wrote:
    
    > Julian,
    >
    > The MD5 algorithm (RFC 1321) can encode messages that are
    > comprised of an arbitrary number of bits, and as such the
    > message length need not be a multiple of 8-bits.
    >
    > The CHAP RFC (RFC 1994) describes the CHAP Response
    > value as being a one-way hash calculated over a stream of octets,
    > consisting of the Identifier, followed by (concatenated with) the
    > "secret",  followed by (concatenated with) the Challenge Value.
    >
    > This would lead me to believe that the CHAP secret must be an
    > integral number of octets, even though the MD5 algorithm is
    > capable of encoding messages that are not a multiple of 8-bits
    > and even though the iSCSI draft uses units of "bits" (96 random
    > bits, 128 bit random secrets, etc.) when referring to acceptable
    > CHAP secret lengths.
    >
    > Can we assume that CHAP secrets will always be a multiple of 8-bits?
    
    Yes. There's no real reason to support fractions of an octet. Also, the
    crypto libraries I am familiar with only support hashing a number of
    bytes, not bits.
    
    > If not, do we need to pad the secret to a multiple of 8-bits (using
    > 0's as pad bits, perhaps?) before concatenating it with the Identifier
    > and Challenge values and running the result through the MD5 algorithm?
    
    Note what you describe above is not supporting a secret whose length is
    not a multiple of 8-bits, you describe turning such a secret into one
    which is a multiple of 8-bits. So the hashing is still only working with
    octets. That's something that can be done independently of iSCSI.
    
    Take care,
    
    Bill
    


Home

Last updated: Fri Mar 14 01:19:21 2003
12426 messages in chronological order