Deriving Session Keys
Applications derive session keys from hash values by using the
CryptDeriveKey function. The underlying mechanism is very simple. The first few bytes of the
hash value (however many are required) are used as the session key material.
If the CRYPT_CREATE_SALT flag is specified, then the next few bytes are used as
the salt value. The remaining bytes of the hash value are not used.
For example, if you have an SHA hash value (160 bits) and want to create a
40-bit session key (with 88 bits of salt) from it, the first five bytes would be
used as the session key material and the next 11 bytes would be used as the
salt. The last 4 bytes would be unused.
Note that hash values and session keys are considered here to be blocks of
data, not large integers. Byte ordering (big endian vs. little endian) is thus not
relevant.
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
