Re: Cracking decrypted file when knowing partial contents

From: Douglas A. Gwyn (DAGwyn_at_null.net)
Date: 04/20/04

• Next message: briggs_at_encompasserve.org: "Re: Cracking decrypted file when knowing partial contents"
• Previous message: Lohkee!: "Re: Time-to-crack MD5 passwords"
• In reply to: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Next in thread: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Reply: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 20 Apr 2004 19:13:48 GMT

Bill Unruh wrote:
> It depends on the encryption used. Most modern good encryption is
> designed to resist known plaintext attacks-- ie even if you know the
> plaintext and how it encrypts, you still cannot determine the key except
> by exhaustive search of the key space.
> Known plaintext attacks are so well known (That was how individual
> enigma messages were cracked) that any competent cryptographer spends
> most of his time designing the encryption scheme to be resistant,
> although even compentent ones can screw up.

That's misleading. "Known plaintext" does not describe a
*method* of attack, but a general scenario that is assumed
to exist, which potentially provides more information that
*might* be useful in mounting an actual attack than for
some other scenarios (such as ciphertext-only). In fact
most encryption systems cannot correctly guarantee that
knowing the plaintext does not facilitate some method of
attack against them. At best, they are designed to not
run afoul of a handful of *known* methods of attack that
may require a known-plaintext scenario. But it is the
*unknown* methods that really need to be guarded against,
and most systems don't take sufficient precautions in that
regard.

• Next message: briggs_at_encompasserve.org: "Re: Cracking decrypted file when knowing partial contents"
• Previous message: Lohkee!: "Re: Time-to-crack MD5 passwords"
• In reply to: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Next in thread: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Reply: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Countering chosen-plaintext attacks ... > One can defend against a chosen plaintext attack against DES by using ... > cipher, without making the scenario of a chosen plaintext submitted to ... > the full encryption method impossible. ... > the chosen-plaintext scenario. ... (sci.crypt) Re: Encrypted Communications and Predictable Communications? ... If the attack you describe (the known plaintext, ... | on one machine and a database server on another. ... | Should the encryption system take steps to ensure that the encrypted data ... (SecProg) Re: Cracking decrypted file when knowing partial contents ... ]> It depends on the encryption used. ... ]> plaintext and how it encrypts, you still cannot determine the key except ... ]> most of his time designing the encryption scheme to be resistant, ... ]*method* of attack, but a general scenario that is assumed ... (comp.security.misc) Re: Cracking decrypted file when knowing partial contents ... ]> It depends on the encryption used. ... ]> plaintext and how it encrypts, you still cannot determine the key except ... ]> most of his time designing the encryption scheme to be resistant, ... ]*method* of attack, but a general scenario that is assumed ... (sci.crypt) Re: Bad news for Block Ciphers? ... >Any ciphertext only attack should use some knowledge about plaintexts ... If you cannot distinguish possible plaintext from random ... No in most modern encryption sytems that use compression and padding ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint