Re: Double encryption method
- From: Maaartin <grajcar1@xxxxxxxxx>
- Date: Sun, 13 Jun 2010 14:20:23 -0700 (PDT)
On Jun 13, 10:57 pm, "astral" <ast...@xxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
I am just curious about double file encryption method. For example, we have
encrypted a PE executable with some algorithm, say AES-256, then have this
encrypted file repeatedly, using the same algorithm, for more protection. At
runtime, encrypted executable are rapidly decompressed in memory.
WTF? You're trying to obfuscate the executable, I mean, to protect it
against the user running it, right? In this case, there can be no real
security and there much easier ways to crack it than cracking AES.
Using AES-256 is a clear overkill, AES-128 is fine, even using AES-128
reduced to a broken variant (with 7 rounds, IIRC) would be good
enough.
How safe
is repeated encrypting for PE-executable data integrity?
Data integrity has nothing to do with encryption here. Using AES you
can encrypt it once or thousand times, the data doesn't get corrupt
and there's no way to decrypt it without knowing the key.
Sometimes, double
encrypted executable may not always work, or works incorrectly. What are the
factors that it depends on?
There are no such factors, it's a programming bug of yours (or your
crypto vendor), maybe something with padding. From the crypto POV I'd
say just don't do it, from the programmer's POV I'd say, find the bug
anyway.
.
- References:
- Double encryption method
- From: astral
- Double encryption method
- Prev by Date: Re: General factoring result for k^m = q mod N
- Next by Date: Re: JSH: Why being right isn't enough
- Previous by thread: Double encryption method
- Next by thread: Re: Double encryption method
- Index(es):
Relevant Pages
|
