[cryptography] Oddity in common bcrypt implementation

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jun 20 23:38:39 EDT 2011


Jeffrey Walton <noloader at gmail.com> writes:

>The 'details' mentioned above is at http://www.schneier.com/blowfish-bug.txt,
>and here's the crux of Morgan's report:
>
>    [bfinit] chokes whenever the most significant bit
>    of key[j] is a '1'.  For example, if key[j]=3D0x80,
>    key[j], a signed char, is sign extended to 0xffffff80
>    before it is ORed with data....

When I saw Solar's post I actually wondered whether it was this bug,
propagated through the use of that BF implementation.

Peter.



More information about the cryptography mailing list