|
Information Security
< Previous Next >
re: DES (option 2)
Scott Atwell / American Century <>
10 Sep 2001 7:42AM ETThe App Note you're referring to was written to define PGP-DES-MD5 (tag 98, value 5) and PEM-DES-MD5 (no one uses to the best of my knowledge). The author of that document was not very familiar with the implementation of "standard DES" in FIX (tag 98, value 2) which pre-dated PGP-DES-MD5 and unfortunately attempted to partially document its behavior. I would recommend only using that App Note as a reference for PGP-DES-MD5.
For EncryptMethod (tag 98), value 2 (standard DES):
1) DES in ECB (only) mode
2) a. Key is exchanged out of band and does not change on any sort of regular basis
2) b. There is no RawData or SessionInfo block in the Logon to facilitate 98=2.
3) That's just the way everyone implemented it back in the early-to-mid 1990s. The "improved" implementation was PGP-DES-MD5 (98=5) was documented in 1996 is more secure, provides a reference implementation, and a better description.
> Hello,
>
> I'm looking at plain DES encryption (option 2) and seem to be finding somewhat conflicting information. The Security Protocol Application Note appears to describe not just PGP-DES-MD5 and PEM-DES-MD5, but DES as well. For example, it says "... if the EncryptMethod is DES (i.e. option 2), the [LOGON] buffer is encrypted using the DES master key... the DES master key is used only for encrypting LOGON messages." If this app note is indeed the documentation for DES encryption, it seems to imply or state the following:
>
> 1. Logon message contains a SessionInfo struct in the RawData field.
>
> 2. Logon message is encrypted with master key in ECB mode (not stated, but implied since no initialization vector seems to be available at initial logon time.)
>
> 3. Non-logon messages are encrypted in CBC mode using the procedure given.
>
> However, I've read postings in this forum that state for DES _all_ messages should be encrypted in ECB mode. The app note never mentions ECB mode.
>
> So if anyone can help me with the following questions, I would certainly appreciate it.
>
> 1. Which is it - ECB only, ECB/CBC, or other?
>
> 2. If ECB only, which key is used for non-Logon messages, the master key or the key given in SessionInfo? If the SessionInfo key, what about the IVec? Should it be included but empty, or excluded? If the master key, should SessionInfo then not be included?
>
> 3. Also if ECB only, why? The app note seems to make sense and to be more secure.
>
> Thanks for your help.
>
> Andrew Smith
>
>
re: DES (option 2)
Scott Atwell / American Century 10 Sep 2001 7:42AM ET re: DES (option 2) Ryan Pierce / Townsend Analytics Ltd. / Archipelago LLC 10 Sep 2001 3:47PM ET
|
