• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Encryption
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption

  • Subject: Re: Encryption
  • From: Shawn Erickson <email@hidden>
  • Date: Fri, 2 Jan 2004 08:50:00 -0800
On Jan 1, 2004, at 6:44 PM, Shawn Erickson wrote:

On Jan 1, 2004, at 6:08 PM, Robert Tito wrote:

Hi Shawn

If I get my hand on an encrypted (by a standard single engine)
document it
takes aboutt 15-20 minutes to crack it.
It takes some more time to tackle a 512 bits document but then the
problem
lies within the single engine: they are all well known and described.

I may not be following the above fully but...

Are saying that you can tell me the original (ASCII) text message in
the enclosed file that was encrypted using AES with a 128b key?
[7%Zb+)G@Oe]UiIM mr4tc`4pXE"1`hZwA@ ^tSF
Note I used Apple sample CryptTool [1] to generate the encrypted file.

-Shawn

[1]
http://developer.apple.com/samplecode/Sample_Code/Security/
CryptoSample.htm

Oops, I forgot the list drops attachments. So the following is the encrypted file base64 encoded and inlined in the message.

WzcZpVpiqylHQM9lXdWS6clNIO3yFDQGdONgtPDYxSKWsQdg6Nodd0GEwIne9FNG

Anyway I believe either Robert is talking about some type of far weaker, for the number of bits, encryption or is talking about attacking the fact that humans often provide the seeds (aka passwords) that are used to generate the final keys used by the cypher. Humans often pick passwords that are easy to crack with dictionary attacks (use of common words, key patterns, anagrams, etc.) and/or they pick passwords that are themselves far shorter then the desired key size (8 or so characters instead of the 16 or more you often need for 128b keys) which have a way of greatly reducing the "key" space to something that can be cracked in a relatively short order.

In the case of the above encrypted message I used a pseudo random (rather poor random at that) password of 34 characters (I meant to use 32 oh well...). So a dictionary attack will be hard because of the randomness of the password and the number of possible passwords 34 characters in length (using only alphanumerics) is 8.2x10^52 (which is larger then the 128b key space used) so brute forcing that would be harder then attacking the possible cypher keys. At least based on my rather limited knowledge of things... :-)

-Shawn

p.s. Robert got back to me saying that he didn't want to attempt it at 4 AM his time which I fully understand, hopefully he can find the time later, I would truly like to know if it is possible and if so how.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: Encryption
      • From: Shawn Erickson <email@hidden>
References: 
 >Re: Encryption (From: Robert Tito <email@hidden>)
 >Re: Encryption (From: Shawn Erickson <email@hidden>)

  • Prev by Date: Allocation during awakeFromNib
  • Next by Date: Re: Can we make a Panel be displayed even when it is deactivated?
  • Previous by thread: Re: Encryption
  • Next by thread: Re: Encryption
  • Index(es):
    • Date
    • Thread