gcry_cipher_setkey(h,k,l)

[Timo Schulz]

On Mon Apr 22 2002; 21:36, Rüdiger Sonderfeld wrote:

> > crack the passphrase with a dictionary attack. Then he could decrypt
> > the encrypted session key...
> 
> I meant the encrypted session key because it is crypted with a too 
> short key (the MD5 sum)

That's right, the secret (256 bits) would be protected by a {160,128}-bit
SHA/RMD160/MD5 key. But if you read some protocol specifications, for 
example RFC2440, you'll see they use the same procedure for symmetric 
encryption.


        Timo