RE: CHAP secret lengths

To: <wrstuden@wasabisystems.com>
Subject: RE: CHAP secret lengths
From: "Dean Scoville" <dean.scoville@qlogic.com>
Date: Thu, 13 Mar 2003 15:24:08 -0800
Cc: <Julian_Satran@il.ibm.com>, <ips@ece.cmu.edu>
content-class: urn:content-classes:message
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;charset="iso-8859-1"
Sender: owner-ips@ece.cmu.edu
Thread-Index: AcLptgedZLIxOrJPS2yqzi9jTSjsxQAAH2Jg
Thread-Topic: CHAP secret lengths

Bill,
True, the padding can be done independent of the iSCSI protocol,
if such padding is needed then both the initiator and the target
must use the same algorithm to pad.

Thanks for the info about the crypto libraries all being 
octet-oriented.

I think what I am hearing is there is no need to support non-octet
secrets.

thanks,
Dean

-----Original Message-----
From: wrstuden@wasabisystems.com [mailto:wrstuden@wasabisystems.com]
Sent: Thursday, March 13, 2003 8:03 AM
To: Dean Scoville
Cc: Julian_Satran@il.ibm.com; ips@ece.cmu.edu
Subject: Re: CHAP secret lengths

On Thu, 13 Mar 2003, Dean Scoville wrote:

> Julian,
>
> The MD5 algorithm (RFC 1321) can encode messages that are
> comprised of an arbitrary number of bits, and as such the
> message length need not be a multiple of 8-bits.
>
> The CHAP RFC (RFC 1994) describes the CHAP Response
> value as being a one-way hash calculated over a stream of octets,
> consisting of the Identifier, followed by (concatenated with) the
> "secret",  followed by (concatenated with) the Challenge Value.
>
> This would lead me to believe that the CHAP secret must be an
> integral number of octets, even though the MD5 algorithm is
> capable of encoding messages that are not a multiple of 8-bits
> and even though the iSCSI draft uses units of "bits" (96 random
> bits, 128 bit random secrets, etc.) when referring to acceptable
> CHAP secret lengths.
>
> Can we assume that CHAP secrets will always be a multiple of 8-bits?

Yes. There's no real reason to support fractions of an octet. Also, the
crypto libraries I am familiar with only support hashing a number of
bytes, not bits.

> If not, do we need to pad the secret to a multiple of 8-bits (using
> 0's as pad bits, perhaps?) before concatenating it with the Identifier
> and Challenge values and running the result through the MD5 algorithm?

Note what you describe above is not supporting a secret whose length is
not a multiple of 8-bits, you describe turning such a secret into one
which is a multiple of 8-bits. So the hashing is still only working with
octets. That's something that can be done independently of iSCSI.

Take care,

Bill

Follow-Ups:
- RE: CHAP secret lengths
  - From: "Julian Satran" <Julian_Satran@il.ibm.com>
- RE: CHAP secret lengths
  - From: wrstuden@wasabisystems.com

Prev by Date: RE: CHAP secret lengths
Next by Date: RE: CHAP secret lengths
Prev by thread: RE: CHAP secret lengths
Next by thread: RE: CHAP secret lengths
Index(es):
- Date
- Thread

Home

Last updated: Fri Mar 14 01:19:21 2003
12426 messages in chronological order