Security Basics mailing list archives
Re: Recognizing Encryption Type
From: Neil <neil () voidfx net>
Date: Mon, 06 Feb 2006 21:23:12 +0530
On 2/3/2006 1:12 PM, Vladimir B. Kropotov wrote:
Hi Folks mam> I was just wondering if there was a feasible way in order to obtain the mam> encryption type of a specific file. Could this be done using a third mam> party program that would inspect the running process of the encryptor as mam> it is working on the input file and after that examining the resulting mam> output? If not using this procedure, would the attacker be able to mam> identify the encryption type by reverse engineering the encryptor program? Basically strong cryptography protocols secutity MUSTN'T change if protocol is known for attacker. All strong cryptography protocols consider that encryption method is known. Another poing of view: if you use system that not suited for security level (e.g. B2) you mustn't care about attacker which "able to identify the encryption type", becuase your WHOLE system is strong as your weaknest link. If atackers program would inspect the running process of the encryptor as it is working on the input file - you SHOULDN'T care about encryption type, you screwed up and loose all your sensitive information. Direct Answer. It's possible, especially if you can control input and output. For more information ask Russian and US experts www.fsb.ru and www.cia.gov :-D Regards Vladimir B.Kropotov
If well, nothing is safe if you can inspect the process as it run, because you can grab the key out of the process (even if it encrypts the key as well, because _that_ encryption has to come from somewhere, and the attacker can inspect that too). But with strong encryption, assuming you use a different key each time, the type of encryption is irrelevant. -- Neil. http://voidfx.net "As scarce as truth is, the supply has always been in excess of the demand." --Josh Billings --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Recognizing Encryption Type majed al marri (Feb 02)
- RE: Recognizing Encryption Type Adrian Floarea (Feb 05)
- <Possible follow-ups>
- Re: Recognizing Encryption Type Vladimir B. Kropotov (Feb 05)
- Re: Recognizing Encryption Type Neil (Feb 07)