lmhash problems
hey, i'm building a little lmhash module (don't worry about why)
The problem is that the spec seems to be contradictory.
i'm supposed to split the password into two 7 byte halves. (which would then require a block size of 7)
I then use it as a key to encrypt “KGS!@#$%”. The problem is that that is 8 bytes long. (which then requres a block size of 8 bytes).
This is weird.
I'm using python 2.5 with pydes on windows xp.
Apparently you encrypt that specific string using DES. DES has a 56 bit key size and a 64 bit block size, so you use your 7 byte string as the key and the 8 byte string as the block, and it should work without any contradictions.
But it looks like pyDes requires an 8 byte key, and it really shouldn't. As far as I can tell, that's a bug and it breaks the algorithm - some of the code tries to do things in the 56-bit way with circular shifts (in __create_sub_keys), but it goes wrong because there's an extra 8 bits on the end of one of its lists. (By testing with some values, the output seems to depend on all but the last one bit of the 8-byte key, so it's not simply ignoring the 8th byte.)
So pyDes just seems broken - you should probably find a different implementation, or try to fix it yourself, and then find some reliable examples of DES encryption to compare it against to make sure it's giving the correct answers.
But it looks like pyDes requires an 8 byte key, and it really shouldn't. As far as I can tell, that's a bug and it breaks the algorithm - some of the code tries to do things in the 56-bit way with circular shifts (in __create_sub_keys), but it goes wrong because there's an extra 8 bits on the end of one of its lists. (By testing with some values, the output seems to depend on all but the last one bit of the 8-byte key, so it's not simply ignoring the 8th byte.)
So pyDes just seems broken - you should probably find a different implementation, or try to fix it yourself, and then find some reliable examples of DES encryption to compare it against to make sure it's giving the correct answers.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement