funsec mailing list archives
Re: encodor/message encryption?
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 30 Aug 2008 16:53:08 +1200
Me to Valdis Kletnieks to Gadi:
Who wants to bet that it's snake-oil crypto?If you bang in a long string of "A" chars and use a string of "A" chars as the key, then try using the same length string of "B" chars (or "a" chars or "H" chars or "-" chars, etc, etc) results in a "decoded" string of all the same chars (different ones for each key string, but a decoded string of all the same chars and of the right length). Now, I'm no cryptographer, but I think that's a very unlikely result for a strong crypto algo -- the wrong key should produce "random junk" no matter what the original input clear text, no? In case it matters, I used 400 chars input string and 30 chars key -- the max encodor allows for both.
Just noticed (missed it earlier as the input field for the plain- text/cypher-text is too narrow to expose enough characters to show it) BUT the cypher-text from the above example (400xA string crypted with 30xA key) repeats every 47 characters. It also _perfectly overlaps_ the cypher-text string produced by "encrypting" a string of 400 "B" chars with the same key (a string of 30 "A" chars). That must mean it's dodgy, no? Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- encodor/message encryption? Gadi Evron (Aug 29)
- Re: encodor/message encryption? Valdis . Kletnieks (Aug 29)
- Re: encodor/message encryption? Nick FitzGerald (Aug 29)
- Re: encodor/message encryption? Nick FitzGerald (Aug 29)
- Re: encodor/message encryption? Nick FitzGerald (Aug 29)
- <Possible follow-ups>
- Re: encodor/message encryption? Gregory Hicks (Aug 29)
- Re: encodor/message encryption? Valdis . Kletnieks (Aug 29)