blank.gif (43 bytes)

Church Of The
Swimming Elephant

6.4.3. RSA MD4 Cryptographic Checksum Using DES (rsa-md4des) Connected: An Internet Encyclopedia
6.4.3. RSA MD4 Cryptographic Checksum Using DES (rsa-md4des)

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1510
Up: 6. Encryption and Checksum Specifications
Up: 6.4. Checksums
Prev: 6.4.2. The RSA MD4 Checksum (rsa-md4)
Next: 6.4.4. The RSA MD5 Checksum (rsa-md5)

6.4.3. RSA MD4 Cryptographic Checksum Using DES (rsa-md4des)

6.4.3. RSA MD4 Cryptographic Checksum Using DES (rsa-md4des)

The RSA-MD4-DES checksum calculates a keyed collisionproof checksum by prepending an 8 octet confounder before the text, applying the RSA MD4 checksum algorithm, and encrypting the confounder and the checksum using DES in cipher-block-chaining (CBC) mode using a variant of the key, where the variant is computed by eXclusive-ORing the key with the constant F0F0F0F0F0F0F0F0 (A variant of the key is used to limit the use of a key to a particular function, separating the functions of generating a checksum from other encryption performed using the session key. The constant F0F0F0F0F0F0F0F0 was chosen because it maintains key parity. The properties of DES precluded the use of the complement. The same constant is used for similar purpose in the Message Integrity Check in the Privacy Enhanced Mail standard.). The initialization vector should be zero. The resulting checksum is 24 octets long (8 octets of which are redundant). This checksum is tamper-proof and believed to be collision-proof.

The DES specifications identify some "weak keys"; those keys shall not be used for generating RSA-MD4 checksums for use in Kerberos.

The format for the checksum is described in the following diagram:

      |  des-cbc(confounder

                        rsa-md4(confounder+msg),key=var(key),iv=0)  |

The format cannot be described in ASN.1, but for those who prefer an ASN.1-like notation:

   rsa-md4-des-checksum ::=   ENCRYPTED       UNTAGGED SEQUENCE {
                              confounder[0]   UNTAGGED OCTET STRING(8),
                              check[1]        UNTAGGED OCTET STRING(16)

Next: 6.4.4. The RSA MD5 Checksum (rsa-md5)

Connected: An Internet Encyclopedia
6.4.3. RSA MD4 Cryptographic Checksum Using DES (rsa-md4des)


Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

Have you gone to church today?
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609