Vulnerability Development mailing list archives
Re: Encryption Algorithm Footprint
From: "Robert Freeman" <freem100 () chapman edu>
Date: Wed, 6 Feb 2002 10:33:35 -0800
Perhaps it is RC2-128 CBC. The first block will utilize a specified "initialization vector" whereas subsequent encrypted block are XOR'd with data from the previous block prior to encryption. Therefore if you have a captured packet, you need to take into account the block chaining. You can always do some data-mining on your binary. Often a lot can be determined with a simple hex editor and a dissembler. Happy Chinese New Year too! Regards, Robert Freeman ----- Original Message ----- From: "fooyu" <security () fooyu com> To: <vuln-dev () securityfocus com> Sent: Wednesday, February 06, 2002 12:49 AM Subject: Encryption Algorithm Footprint
I am auditing one of my critical service system. This system provides our
users a method of stock exchange. By using ethereal I found the data packets was encypted like in SSL. Next I found the private key in my server and encypted symmetric key payload in the captured packets. After successfully decrypting the 16- bytes symmetric key, I test many encryption algorithm to decrypted the captured ciphertext, but all failed.
I want to know if encryption algorithm has footprint. Is there any
technica to find which encryption algorithm it used?
Thank you all and Happy Chinese New year! Haiyan Chen *********************** [security () fooyu com] www.fooyu.com ***********************
Current thread:
- Encryption Algorithm Footprint fooyu (Feb 06)
- Re: Encryption Algorithm Footprint Jose Nazario (Feb 06)
- Re: Encryption Algorithm Footprint Ryan Permeh (Feb 06)
- Re: Encryption Algorithm Footprint Robert Freeman (Feb 06)
- Re: Encryption Algorithm Footprint Dominik Russenberger (Feb 06)
- Re: Encryption Algorithm Footprint lgx (Feb 06)
- <Possible follow-ups>
- RE: Encryption Algorithm Footprint Ed Moyle (Feb 06)