Re: Determining the encryption used

[Byron Sonne <blsonne () rogers com>]

> Is it possible to determine the encryption used by
> "looking" at the encrypted results or lenght ?

I've hit this problem a number of times at work, and come to the rough 
conclusion that it's not a workable solution if all you have is just raw 
data without context.

I had thought of looking for structure and whatnot, but realized that it 
would be a sign of weakness in a cipher, and a probably a vector into 
cracking it. I'm not saying it's not possible, but I bet it would only 
be effective against really cheesy stuff.

I would really love to be proven wrong on this point. Particularly such 
that there is an effective, affordable and computationally practical 
technique that can be made into a tool that can accurately detect 
various encryption types ;) I don't care what it contains, just want to 
know what it is!


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------