WebApp Sec mailing list archives
Re: Which encryption algorithm used?
From: exon <exon () home se>
Date: Sun, 30 May 2004 04:46:12 +0200
John Borwick wrote:
Pitts, Christopher C. wrote:With a proper algorithm, it should be nearly impossible. That being said, many implementations, stick a header or footer that can be used to identify the method used. Take a look at mcrypt and it's bare function, you can use it to compare the stripped (--base IIRC) ouput of the different algorithms.[snip]What do you mean, "with a proper algorithm"? Cryptographic algorithms are supposed to be secure *even when the methods used are known*. The only thing that has to be secret is the key.
And that's about exactly what he means. You can't determine what cipher was used to encrypt a message by looking at the encrypted message if the output is secure when the methods used are known. That's because the encrypted message would consist of a bunch of pseudo-random characters with no appearent coherence what so ever.
In this sense, rotation-, simple-hash and XOR-ciphers don't use "proper algorithms" because it's fairly simple to conclude that one of the three was used to encrypt a message by looking at the encrypted text ("hello" would look something like "ifmmp" with a rotation cipher and a key of 1).
/exon
Current thread:
- Which encryption algorithm used? stevenr (May 26)
- RE: Which encryption algorithm used? Marian Ion (May 26)
- Re: Which encryption algorithm used? Adam Tuliper (May 26)
- Re: Which encryption algorithm used? exon (May 26)
- Re: Which encryption algorithm used? exon (May 26)
- <Possible follow-ups>
- RE: Which encryption algorithm used? Pitts, Christopher C. (May 26)
- Re: Which encryption algorithm used? John Borwick (May 26)
- Re: Which encryption algorithm used? windo (May 27)
- Re: Which encryption algorithm used? Adam Lydick (May 27)
- Re: Which encryption algorithm used? exon (May 31)
- Re: Which encryption algorithm used? John Borwick (May 26)
- RE: Which encryption algorithm used? Pitts, Christopher C. (May 27)
- RE: Which encryption algorithm used? Tom Arseneault (May 27)
- RE: Which encryption algorithm used? Michael Silk (May 27)
- RE: Which encryption algorithm used? Marian Ion (May 26)