Re: What can one do against Keylogger Attacks?

Crypto_at_S.M.S
Date: 08/10/05 

Date: Wed, 10 Aug 2005 15:54:03 +1000

Joseph Ashwood wrote:

> [Note to those who are in the groups other than sci.crypt. I am only
> replying to this because these are legitimate questions, Crypto@SMS has been
> nominated for "troll of the year" on sci.crypt for various reasons]
>

Note that Joe has been similarly nominated.

> <Crypto@S.M.S> wrote in message news:11fds0ma5lt8vd1@news.supernews.com...
>
>>Joseph Ashwood wrote:
>>You claimed that CryptoSMS is weak because it uses Blowfish
>>as one of its encryption layers. SO which is it? Do these
>>"minor" attacks allow you to break Blowfish encrypted messages,
>>or not?
>
>
> I claimed that CryptoSMS has so many flaws in every part of it that it's
> strength is somewhere up there with tissue paper, among these was the poor
> selection of cryptographic primitives, which I believe the one I repeatedly
> told you was weak is RC4.
>

You claimed it was weak because it *might* have a
problematic implementation of ARC4 and Blowfish.

You also pointed out "flaws" that were in fact nonexistent.
Tissue paper that you can't break?

>
>>>For the case in question (password storage), the data files are likely to
>>>be small enough, the data changes infrequent enough, and the data used in
>>>such a fashion that Blowfish, used in a suitable mode of operation,
>>>should be sufficient.
>>> Joe
>>
>>Are short messages equally small enough that Blowfish in CBC mode "should
>>be sufficient"?
>
>
> If the key is strong yes, in the case you are referring to, it was rather
> thoroughly lestablished that the key selection would be heavily flawed. It
> is also critical that the password storage case requires a single file so
> the CBC proof is easily satisfied, using short messages it is far more
> difficult to satisfy.
> Joe
>
>

Imagined flaws in key selection based on your assumptions about English
passwords. Such statements make no sense when examined in the light of
actual/potential pass phrases in use.

If it is so heavily flawed, why have you not demonstrated real "breaks"
instead of imaginary ones? The anonymous challenger is still floating
around, posting requests from time-to-time, which you have been patently
ignoring.

Meanwhile, your suggestions of possible weaknesses in CryptoSMS have
been taken seriously, and pass phrase salting/stretching has been added
to increase entropy. I really do appreciate the realistic criticisms
you have posted. Thanks. It's just your continued insults that get
a little bit tiring.