Difference between revisions of "Talk:Simple Encryption"
Jump to navigation
Jump to search
(3 intermediate revisions by 2 users not shown) | |||
Line 14: | Line 14: | ||
==Response to Strive Onizuka== | ==Response to Strive Onizuka== | ||
# The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST) | # The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST) | ||
#:If you removed the digest, then you couldn't ensure the data hadn't been tampered with. Of course if the xor is determined then it's moot. I think it's better to have it then not, it protects you from partial decryption xor attacks. -- [[User:Strife Onizuka|Strife Onizuka]] 22:28, 28 February 2008 (PST) | |||
# The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST) | # The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --[[User:Dedric Mauriac|Dedric Mauriac]] 11:58, 1 January 2008 (PST) | ||
#: A very interesting solution, I do believe it to be more secure. I suspect due to bit leakage and how MD5 shakes up the bits it might be possible given a long enough message work out the xor value; that said, i think doing so would be very difficult. Because of the repeat use of MD5 this alg is going to be very cpu intensive. -- [[User:Strife Onizuka|Strife Onizuka]] 22:28, 28 February 2008 (PST) | |||
== So does this work? == | |||
Has this been tested and does it work? Also how secure is it? -- {{User|Bobbyb30 Zohari}} | |||
:On a scale of 1 to 10, I would say... 7? I imagine the NSA have the resources to brute force it but I suspect they would just ask LL for or just steal the script source/bytecode and extract the secret directly. -- [[User:Strife Onizuka|Strife Onizuka]] 22:41, 28 February 2008 (PST) |
Latest revision as of 22:41, 28 February 2008
- XOR is not encryption.
- It is possible to decode the messages without resorting to pure brute force. In addition it is possible to ensure that the decode is in fact the message.
- Worst case scenario is if the message is the password. Could require 2^128 to try all possibilities (depends what information can be gleaned from the message).
- If the user can feed the encoder arbitrary strings they can brute force the secret directly. This is possible because the MD5 digests would match and subsequent XOR would result in a 32 nulls.
- The longer the message the easier it is to determine the XOR.
- Byte analysis:
- If the message contains any characters with a value greater then 128 then bit 6 can be determined in the XOR and consequently reduce the choices available to the xor in the affected byte positions.
- On average about 5.9 bits of information about the XOR can be gleaned from the perpended md5 message digest.
- If bit 3 can be pinned down the number of available choices is greatly reduced.
- Worst case scenario is if the message is the password. Could require 2^128 to try all possibilities (depends what information can be gleaned from the message).
- Once the message has been decoded, the password can be attacked by bruteforcing the xor.
- Once a message has been decoded the XOR can be applied to any message in the future baring the same nonce.
I have several ideas on how to improve the security of this algorithm. -- Strife Onizuka 06:09, 1 January 2008 (PST)
Response to Strive Onizuka
- The message digest is stored within the XOR. Q:Should it be clear text? Should the digest even be present, or perhaps a checksum of the digest? --Dedric Mauriac 11:58, 1 January 2008 (PST)
- If you removed the digest, then you couldn't ensure the data hadn't been tampered with. Of course if the xor is determined then it's moot. I think it's better to have it then not, it protects you from partial decryption xor attacks. -- Strife Onizuka 22:28, 28 February 2008 (PST)
- The passkey has now been extended to be as long (or longer) than the message. (one-time pad). --Dedric Mauriac 11:58, 1 January 2008 (PST)
- A very interesting solution, I do believe it to be more secure. I suspect due to bit leakage and how MD5 shakes up the bits it might be possible given a long enough message work out the xor value; that said, i think doing so would be very difficult. Because of the repeat use of MD5 this alg is going to be very cpu intensive. -- Strife Onizuka 22:28, 28 February 2008 (PST)
So does this work?
Has this been tested and does it work? Also how secure is it? -- Bobbyb30 Zohari
- On a scale of 1 to 10, I would say... 7? I imagine the NSA have the resources to brute force it but I suspect they would just ask LL for or just steal the script source/bytecode and extract the secret directly. -- Strife Onizuka 22:41, 28 February 2008 (PST)