Re: Cracking decrypted file when knowing partial contents
From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 04/21/04
- Next message: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
- Previous message: phn_at_icke-reklam.ipsec.nu: "Re: Cracking decrypted file when knowing partial contents"
- In reply to: Adfa: "Re: Cracking decrypted file when knowing partial contents"
- Next in thread: Paul O. BARTLETT: "Re: Cracking decrypted file when knowing partial contents"
- Reply: Paul O. BARTLETT: "Re: Cracking decrypted file when knowing partial contents"
- Reply: Adfa: "Re: Cracking decrypted file when knowing partial contents"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 Apr 2004 17:38:49 +0000 (UTC)
"Adfa" <adfa@noname.com> writes:
]>. Most home grown schemes -- whether
]> by some backwoodman encrypting his diary, or Microsoft or some other
]> software company including "encryption" with their products--
]> are bad. Only use well known schemes which have had lots of scrutiny by
]> the community.
]Hi, thanks for all the responses everyone.
]Which of the following would be considered to be good encryption schemes (MS
]Word):
]RC4, Microsoft Enhanced Cryptographic Provider 1.0 128-bit
]RC4, Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider
]128-bit
]RC4, Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)
]128-bit
]RC4, Microsoft RSA SChannel Cryptographic Provider 128-bit
]RC4, Microsoft Strong Cryptographic Provider 128-bit
]with a password of more than 8 characters (mixed char and numeric)
Since as far as I know, nothing from Microsoft is open source, I would
not trust any of them. Cryptography is not something whose strength can
be determined from the output. It can only be determined by examining
the code. Also, what is the world is RC4 doing there at all. RC4 is
terrible as a symmetric cypher with user supplied key. While it can be
fixed up with a random salt, it is still not what I would use for a
symmetric cypher with user supplied key. It's one advantage is that it
is fast. (I suppose they could also use a random key for the RC4 and
encrypt that key with your favourite keyed cypher, which I think would
be fine. Except that the program would have to make sure that it never
reused the key, ie generated a fresh random key each and every time the
file was encrypted-- no matter how small the change to the file. Again
that is something that could be checked only if the source code were
available.)
- Next message: Bill Unruh: "Re: Cracking decrypted file when knowing partial contents"
- Previous message: phn_at_icke-reklam.ipsec.nu: "Re: Cracking decrypted file when knowing partial contents"
- In reply to: Adfa: "Re: Cracking decrypted file when knowing partial contents"
- Next in thread: Paul O. BARTLETT: "Re: Cracking decrypted file when knowing partial contents"
- Reply: Paul O. BARTLETT: "Re: Cracking decrypted file when knowing partial contents"
- Reply: Adfa: "Re: Cracking decrypted file when knowing partial contents"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
