Difference between revisions of "Talk:Simple Encryption"

From Second Life Wiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 14: Line 14:
==Response to Strive Onizuka==
==Response to Strive Onizuka==
# The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST)
# The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST)
#:If you removed the digest, then you couldn't ensure the data hadn't been tampered with. Of course if the xor is determined then it's moot. I think it's better to have it then not, it protects you from partial decryption xor attacks. -- [[User:Strife Onizuka|Strife Onizuka]] 22:28, 28 February 2008 (PST)
# The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST)
# The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST)
#: A very interesting solution, I do believe it to be more secure. I suspect due to bit leakage and how MD5 shakes up the bits it might be possible given a long enough message work out the xor value; that said, i think doing so would be very difficult. Because of the repeat use of MD5 this alg is going to be very cpu intensive. -- [[User:Strife Onizuka|Strife Onizuka]] 22:28, 28 February 2008 (PST)


== So does this work? ==
== So does this work? ==
Line 20: Line 22:
Has this been tested and does it work? Also how secure is it? -- {{User|Bobbyb30 Zohari}}
Has this been tested and does it work? Also how secure is it? -- {{User|Bobbyb30 Zohari}}


:It's safe to assume that if it's been posted on the wiki that it does in fact work. In the scheme of things this algorithm is not very secure, it's essentially a restricted form of polyalphabetic cipher. Polyalphabetic ciphers can be attacked by analyzing letter frequency, first described in "A Manuscript on Deciphering Cryptographic Messages" written in the 9th century. [[llXorBase64StringsCorrect]] works on byte boundaries, if we say that each byte corresponds to an alphabet then the number of rows is the number of bytes in the xor value. XOR restricts the number of possible alphabets per row to 256 instead of the full 256! (8.5e506). -- [[User:Strife Onizuka|Strife Onizuka]] 20:38, 28 February 2008 (PST)
:On a scale of 1 to 10, I would say... 7? I imagine the NSA have the resources to brute force it but I suspect they would just ask LL for or just steal the script source/bytecode and extract the secret directly. -- [[User:Strife Onizuka|Strife Onizuka]] 22:41, 28 February 2008 (PST)

Latest revision as of 23:41, 28 February 2008

  1. XOR is not encryption.
  2. It is possible to decode the messages without resorting to pure brute force. In addition it is possible to ensure that the decode is in fact the message.
    • Worst case scenario is if the message is the password. Could require 2^128 to try all possibilities (depends what information can be gleaned from the message).
      • If the user can feed the encoder arbitrary strings they can brute force the secret directly. This is possible because the MD5 digests would match and subsequent XOR would result in a 32 nulls.
    • The longer the message the easier it is to determine the XOR.
    • Byte analysis:
      • If the message contains any characters with a value greater then 128 then bit 6 can be determined in the XOR and consequently reduce the choices available to the xor in the affected byte positions.
      • On average about 5.9 bits of information about the XOR can be gleaned from the perpended md5 message digest.
      • If bit 3 can be pinned down the number of available choices is greatly reduced.
  3. Once the message has been decoded, the password can be attacked by bruteforcing the xor.
  4. Once a message has been decoded the XOR can be applied to any message in the future baring the same nonce.

I have several ideas on how to improve the security of this algorithm. -- Strife Onizuka 06:09, 1 January 2008 (PST)

Response to Strive Onizuka

  1. The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --Dedric Mauriac 11:58, 1 January 2008 (PST)
    If you removed the digest, then you couldn't ensure the data hadn't been tampered with. Of course if the xor is determined then it's moot. I think it's better to have it then not, it protects you from partial decryption xor attacks. -- Strife Onizuka 22:28, 28 February 2008 (PST)
  2. The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --Dedric Mauriac 11:58, 1 January 2008 (PST)
    A very interesting solution, I do believe it to be more secure. I suspect due to bit leakage and how MD5 shakes up the bits it might be possible given a long enough message work out the xor value; that said, i think doing so would be very difficult. Because of the repeat use of MD5 this alg is going to be very cpu intensive. -- Strife Onizuka 22:28, 28 February 2008 (PST)

So does this work?

Has this been tested and does it work? Also how secure is it? -- Bobbyb30 Zohari

On a scale of 1 to 10, I would say... 7? I imagine the NSA have the resources to brute force it but I suspect they would just ask LL for or just steal the script source/bytecode and extract the secret directly. -- Strife Onizuka 22:41, 28 February 2008 (PST)
Retrieved from "https://wiki.secondlife.com/w/index.php?title=Talk:Simple_Encryption&oldid=56712"