Re: [GNU Crypto] how to deal with weak keys. was: Documentation

[Casey Marshall]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, May 28, 2003 at 08:29:15PM +1000, Raif S. Naffah wrote:

> ok.  i see the benefit of allowing even weak keys to go through the 
> implementation.  i double checked all the FIPS publications relevant to 
> DES, and couldnt find even a warning about weak keys!
> 
> here is what i propose; it's similar to what we already do in the PRNG 
> class: use of conditional compilation.
> 
> * add in each cipher implementation which is known to exhibit weak, or 
> semi-weak keys, a private static final boolean CHECK_WEAK_KEYS with a 
> default value.  in the makeKey() method we add the code to check for 
> weak keys conditioned by the value of CHECK_WEAK_KEYS.
> 
> * in the code, distinguish the case of weak keys with a new exception 
> that is a subclass of InvalidKeyException.  this way the code will 
> remain backward compatible.
> 
> * add a warning in the documentation, incl. the README about the set 
> default for CHECK_WEAK_KEYS, and how the user can change it to get the 
> desired effect if it is not set to the appropriate value.
> 
> how does this sound?
> 

I like the idea of making the check optional, but how about making this
a property? Perhaps in a global, static property set, somewhat akin to
the properties contained in java.security.Security?

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+1OgTgAuWMgRGsWsRAmvEAJ9yj/xq1GzE9B/VORiYrrSvzjdktgCggVdq
YFZIO+rES1IeOg0kA5qDX6c=
=l3Eu
-----END PGP SIGNATURE-----