Passphraselessly protecting dictionary relations


Hello NG,

I'm posting this here, because once again sci.crypt is under attack
(don't you guys ever get bored? *sigh*).

Since I was unable to find a good one, I'm writing a general
auto-identification script for Irssi.  I don't like to save the database
in plaintext, but I also don't want to forcibly require the user to
enter a passphrase upon starting Irssi.  So I've thought of using the
following scheme for a non-protected (i.e. passphraseless) database.

  H:    secure hash function,
  E_K:  secure symmetric encryption function using K as the key
  P:    the PBKDF2 function with a certain amount of iterations.

  R:    string combining network name and nickname
  M:    the password associated with R

An entry in the database would schematically look like this:

  H(R) = E_K(M)   where K = P(R)

My goal is to at least prevent the user from getting to the password
without knowing the network name as well as the nickname, for which it
is used.  This should provide a certain level of security against a
random attacker stealing that file, which naïve encryption using a
hard-coded key could not provide.

This is (or should be) a Term=Description dictionary, where the attacker
can only recover Description, if he knows Term.

What do you think?

Ertugrul Söylemez.

From the fact that this CGI program has been written in Haskell, it
follows naturally that this CGI program is perfectly secure.
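
The scheme described in the post, as an added sketch that is not part of the original post or the author's script. It assumes SHA-256 for H, PBKDF2-HMAC-SHA256 with a fixed salt and 100,000 iterations for P, and an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag standing in for E_K (the Python standard library has no block cipher); the `Network/nick` form of R and all sample values are constructed.

```python
import hashlib, hmac, os

ITERATIONS = 100_000          # assumed; the post only says "a certain amount"
SALT = b"irssi-autoident-v1"  # assumed fixed salt: nothing is secret except R

def _keys(r: str):
    """K = P(R): PBKDF2 output split into an encryption key and a MAC key."""
    k = hashlib.pbkdf2_hmac("sha256", r.encode(), SALT, ITERATIONS, dklen=64)
    return k[:32], k[32:]

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in for E_K: HMAC-SHA256 run in counter mode."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def index(r: str) -> str:
    """H(R): the dictionary key that is written to the file."""
    return hashlib.sha256(r.encode()).hexdigest()

def store(db: dict, r: str, password: str) -> None:
    """Add the entry H(R) = E_K(M) to db."""
    enc_key, mac_key = _keys(r)
    nonce, pt = os.urandom(16), password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    db[index(r)] = nonce + ct + tag

def lookup(db: dict, r: str):
    """Return M for R, or None if R has no entry or the entry fails its MAC."""
    blob = db.get(index(r))
    if blob is None:
        return None
    enc_key, mac_key = _keys(r)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()

# Constructed sample data.
db = {}
store(db, "ExampleNet/alice", "s3cret-nickserv-pw")
store(db, "OtherNet/alice", "different-pw")
```

Confidentiality here rests entirely on how hard R is to guess. Because H(R) is a plain hash, the PBKDF2 iteration count slows decryption of an entry but not confirmation that an entry for a given R exists.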
