WebApp Sec mailing list archives
Re: Which encryption algorithm used?
From: Adam Lydick <lydickaw () ruffledpenguin org>
Date: Thu, 27 May 2004 01:03:13 -0700
On Wed, 2004-05-26 at 07:20, John Borwick wrote:
Pitts, Christopher C. wrote:With a proper algorithm, it should be nearly impossible. That being said, many implementations, stick a header or footer that can be used to identify the method used. Take a look at mcrypt and it's bare function, you can use it to compare the stripped (--base IIRC) ouput of the different algorithms.[snip] What do you mean, "with a proper algorithm"? Cryptographic algorithms are supposed to be secure *even when the methods used are known*. The only thing that has to be secret is the key.
In addition, this isn't always the case. I've included a URL for a paper on some weaknesses in RC4. One of the attacks they reference allows data encrypted with that algorithm to be distinguished from random data. http://citeseer.ist.psu.edu/531224.html There may be similar "distinguishers" for other algorithms. (This is a cryptographic weakness, so I suppose it is still true that a "proper" (perfect) algorithm would seem to be noise.) -- Adam
Current thread:
- Which encryption algorithm used? stevenr (May 26)
- RE: Which encryption algorithm used? Marian Ion (May 26)
- Re: Which encryption algorithm used? Adam Tuliper (May 26)
- Re: Which encryption algorithm used? exon (May 26)
- Re: Which encryption algorithm used? exon (May 26)
- <Possible follow-ups>
- RE: Which encryption algorithm used? Pitts, Christopher C. (May 26)
- Re: Which encryption algorithm used? John Borwick (May 26)
- Re: Which encryption algorithm used? windo (May 27)
- Re: Which encryption algorithm used? Adam Lydick (May 27)
- Re: Which encryption algorithm used? exon (May 31)
- Re: Which encryption algorithm used? John Borwick (May 26)
- RE: Which encryption algorithm used? Pitts, Christopher C. (May 27)
- RE: Which encryption algorithm used? Tom Arseneault (May 27)
- RE: Which encryption algorithm used? Michael Silk (May 27)
- RE: Which encryption algorithm used? Marian Ion (May 26)