crypto(3) ?

Torbjörn Törnkvist tobbe@REDACTED
Thu Mar 4 12:58:59 CET 2004


I've been comparing the crypto(3) man page with the CIFS  description
on how the (SMB) session key is computed, trying to understand if they
are the same. Perhaps someone (Peter ?) could comment on this?

The CIFS explanation:
E(K, D) denote the DES block mode encryption function [FIPS 81] , which
accepts a seven byte key (K) and an eight byte data block (D) and produces
an eight byte encrypted data block as its value.

Ex(K,D) denote the extension of DES to longer keys and data blocks. If the
data to be encrypted is longer than eight bytes, the encryption function is
applied to each block of eight bytes in sequence and the results are 
together. If the key is longer than seven bytes, each 8 byte block of 
data is first
completely encrypted using the first seven bytes of the key, then the 
second seven
bytes, etc., appending the results each time. For example, to encrypt 
the 16 byte
quantity D0D1 with the 14 byte key K0K1,
Ex(K0K1,D0D1) = concat(E(K0,D0),E(K0,D1),E(K1,D0),E(K1,D1))

So is this algorithm covered by the crypto module?
This just gives me headache...

Cheers, Tobbe

More information about the erlang-questions mailing list