User Name
Password

Go Back   Planetarion Forums > Non Planetarion Discussions > General Discussions

Reply
Thread Tools Display Modes
Unread 28 Feb 2006, 18:27   #1
JammyJim
Godfather
 
JammyJim's Avatar
 
Join Date: May 2000
Location: England
Posts: 5,185
JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Encryption

Dead Dudes,

I am curious as to whether all these encryption programs on the net e.g. this one are actually any good.

Whilst im not that bothered about whether the government can crack them or even if its possible to crack them im curious as to how they work and whether they are infact 'any good at what they do'. It seems highly dubious claims that 'its unbreakable'.

So do these companies give the government the 'overriding code' to break it realtively easily etc or are these things actually totally break in proof unless you assign several hours of computing time to breaking it?

p.s. this is not so i can encrypt kiddy pron and be immune from anyone ever finding it.
__________________
Forum Administrator
Mail : [email protected] // IRC : #forums
__________________
It's not personal, it's just business.
JammyJim is offline   Reply With Quote
Unread 28 Feb 2006, 18:30   #2
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

No (non-quantum) encryption is literally unbreakable, but you can reduce the probability of it being broken by brute force so low that it become unbreakable in practice. RSA with a significantly long key length is pretty much unbreakable, and implementations such as PGP have been banned in America as a result :o
Nodrog is offline   Reply With Quote
Unread 28 Feb 2006, 18:33   #3
NEWSBOT3
NEWSBOT
 
Join Date: Dec 2000
Location: The enby cave!
Posts: 4,872
NEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by Nodrog
No (non-quantum) encryption is literally unbreakable, but you can reduce the probability of it being broken by brute force so low that it become unbreakable in practice. RSA with a significantly long key length is pretty much unbreakable, and implementations such as PGP have been banned in America as a result
eh

when did PGP get banned ?

it was fine the less time i used it.

edit : doesnt look very banned

http://www.pgp.com/
__________________
[20:27:47] <nodrog-aawy> **** i think my housemate just caught me masturbating
[11:25:32] <idimmu> you are a little piggy arent you
[13:17:00] <KaneED> i'm so closet i'm like narnia
__________________
Pretty parks and funky scrap metal things here
NEWSBOT3 is offline   Reply With Quote
Unread 28 Feb 2006, 18:34   #4
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by JammyJim
So do these companies give the government the 'overriding code' to break it realtively easily etc or are these things actually totally break in proof unless you assign several hours of computing time to breaking it?
.
'several hours'

Assuming the encrpytion is decent, a brute force approach would take all the computers in the world many million years to break.
Nodrog is offline   Reply With Quote
Unread 28 Feb 2006, 18:36   #5
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by NEWSBOT3
eh

when did PGP get banned ?
My mistake, its an export ban.

http://www.privacy.com.au/news.htm
Nodrog is offline   Reply With Quote
Unread 28 Feb 2006, 18:37   #6
Phil^
Insomniac
 
Phil^'s Avatar
 
Join Date: May 2003
Posts: 3,583
Phil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus would
Re: Encryption

as nodrog said, with encryption its just a matter of processor operations ( and thus time ) before it can be broken
what the more secure variations do is make it require so many operations that it takes a ludicrously long time to break. ( in the order of decades iirc )
as for the one you posted. 128bit isnt -brilliant- but it should be sufficient.
Personally i would be looking for an AES/Blowfish/PGP based crypto with 256 or 512 bit key lengths. the longer the better
__________________
Phil^
Phil^ is offline   Reply With Quote
Unread 28 Feb 2006, 18:40   #7
JammyJim
Godfather
 
JammyJim's Avatar
 
Join Date: May 2000
Location: England
Posts: 5,185
JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

First off the download and install are as easy and intuitive as can be. Well finally an easy way to protect your sensitive material! Not only is it easy, but this is really secure too. In fact it uses 448 bit Encrypted Password Protection - Unbreakable Blowfish based password protection ensuring total data protection. The secure sites on the internet (like your bank) use 128 bit encryption.

So, guess what? They are going to have to torture you to get this baby open... I cannot emphasize too much how easy Cryptainer PE is to use."
Sharewarejunkies.com



apparently.
__________________
Forum Administrator
Mail : [email protected] // IRC : #forums
__________________
It's not personal, it's just business.
JammyJim is offline   Reply With Quote
Unread 28 Feb 2006, 18:41   #8
Phil^
Insomniac
 
Phil^'s Avatar
 
Join Date: May 2003
Posts: 3,583
Phil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus wouldPhil^ spreads love and joy to the forum in the same way Jesus would
Re: Encryption

i think that bit of blurb lies, or is for the paid version only.
the rest of the page says 128 bit
__________________
Phil^
Phil^ is offline   Reply With Quote
Unread 28 Feb 2006, 18:43   #9
NEWSBOT3
NEWSBOT
 
Join Date: Dec 2000
Location: The enby cave!
Posts: 4,872
NEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by JammyJim
First off the download and install are as easy and intuitive as can be. Well finally an easy way to protect your sensitive material! Not only is it easy, but this is really secure too. In fact it uses 448 bit Encrypted Password Protection - Unbreakable Blowfish based password protection ensuring total data protection. The secure sites on the internet (like your bank) use 128 bit encryption.

So, guess what? They are going to have to torture you to get this baby open... I cannot emphasize too much how easy Cryptainer PE is to use."
Sharewarejunkies.com



apparently.
hey JJ you know the uk government can legally threaten you with jail if you dont hand over encryption keys to them ?

it was in the RIP bill that passed a few years ago.
__________________
[20:27:47] <nodrog-aawy> **** i think my housemate just caught me masturbating
[11:25:32] <idimmu> you are a little piggy arent you
[13:17:00] <KaneED> i'm so closet i'm like narnia
__________________
Pretty parks and funky scrap metal things here
NEWSBOT3 is offline   Reply With Quote
Unread 28 Feb 2006, 18:46   #10
JammyJim
Godfather
 
JammyJim's Avatar
 
Join Date: May 2000
Location: England
Posts: 5,185
JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.JammyJim has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

i dont plan on encrypting anything theyd ever need to look at. possibly just some work files.

I realised i dont have recent backups of things so was thinking of doing a massive backup of everything im working with currently but id need to encrypt it all just incase i ever lost it or IT FELL INTO THE WRONG HANDS (terrorists)
__________________
Forum Administrator
Mail : [email protected] // IRC : #forums
__________________
It's not personal, it's just business.
JammyJim is offline   Reply With Quote
Unread 28 Feb 2006, 18:52   #11
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Yeah, the RIP act really is disgusting; how anyone can say Britian isnt a totalitarian state is beyond me. The most amusing part of the whole thing is that it a few years after it was past, clueless British fools started saying America was a joke because of the Patriot act.
Nodrog is offline   Reply With Quote
Unread 28 Feb 2006, 18:57   #12
Yahwe
I am.
 
Join Date: Nov 2004
Posts: 6,580
Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by NEWSBOT3
hey JJ you know the uk government can legally threaten you with jail if you dont hand over encryption keys to them ?

it was in the RIP bill that passed a few years ago.
that's not quite true ...

EDIT: and you really can't make such silly statements gordon.
__________________
hi
Yahwe is offline   Reply With Quote
Unread 28 Feb 2006, 19:12   #13
NEWSBOT3
NEWSBOT
 
Join Date: Dec 2000
Location: The enby cave!
Posts: 4,872
NEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriendNEWSBOT3 needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by Yahwe
that's not quite true ...

EDIT: and you really can't make such silly statements gordon.
feel free to correct me, i'm interested to know
__________________
[20:27:47] <nodrog-aawy> **** i think my housemate just caught me masturbating
[11:25:32] <idimmu> you are a little piggy arent you
[13:17:00] <KaneED> i'm so closet i'm like narnia
__________________
Pretty parks and funky scrap metal things here
NEWSBOT3 is offline   Reply With Quote
Unread 28 Feb 2006, 19:17   #14
Yahwe
I am.
 
Join Date: Nov 2004
Posts: 6,580
Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Yahwe has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by NEWSBOT3
feel free to correct me, i'm interested to know
their can only be an application for a section 49 warrant against a civillian if that civillian:

(e) has, by any other lawful means not involving the exercise of statutory powers, come into the possession of any of the intelligence services, the police or the customs and excise, or is likely so to come into the possession of any of those services, the police or the customs and excise.
__________________
hi
Yahwe is offline   Reply With Quote
Unread 28 Feb 2006, 19:29   #15
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by Yahwe
their can only be an application for a section 49 warrant against a civillian if that civillian:

(e) has, by any other lawful means not involving the exercise of statutory powers, come into the possession of any of the intelligence services, the police or the customs and excise, or is likely so to come into the possession of any of those services, the police or the customs and excise.
That isnt saying "if the [civilian] has by any other lawful means come into possession blah blah", its saying "if [the protected information, see the first sentence of the section] has come into possesion of [the police]", ie if the police have obtained the information lawfully (eg as sanctioned by section 22 or by lawful non-statutory methods), then they can impose a disclosure requirement.


Quote:
(1) This section applies where any protected information (...)

(e) has, by any other lawful means not involving the exercise of statutory powers, come into the possession of any of the intelligence services, the police or the customs and excise, (...)


If any person with the appropriate permission under Schedule 2 believes, on reasonable grounds-
(a) that a key to the protected information is in the possession of any person,(...)

the person with that permission may, by notice to the person whom he believes to have possession of the key, impose a disclosure requirement in respect of the protected information.

#That seems pretty clear to me, unless I'm misleading it horribly in a way it would be kind of you to point out.

Last edited by Nodrog; 28 Feb 2006 at 19:34.
Nodrog is offline   Reply With Quote
Unread 1 Mar 2006, 07:40   #16
Ramihyn
Emperor
 
Join Date: Jul 2001
Location: in front of a computer
Posts: 490
Ramihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud of
Re: Encryption

Quote:
Originally Posted by JammyJim
I am curious as to whether all these encryption programs on the net e.g. this one are actually any good.
Verifying security software can be a lengthy and tedious task. Personally i wouldnt trust any closed security software coming from the US or the UK (or several other countries) because they have a long history of intentionally weakening encryption for law enforcement. Now you may say "but thats ok, i dont really have anything to hide from the government" but the problem is that "the bad guys" arent stupid and like to use those weaknesses too.

I dont see the point in verifying that software if you can get TrueCrypt for free which has much better features and no such silly restrictions like 25mb "containers", is open sourced, portable and verified while the software you linked to doesnt even seem to offer the source of their encryption algo(s) for verification.

Quote:
Originally Posted by Nodrog
No (non-quantum) encryption is literally unbreakable, but you can reduce the probability of it being broken by brute force so low that it become unbreakable in practice.
Cryptographers might disagree: One-time-pads

You cant directly compare key lengths of symmetric and asymmetric cyphers like people keep doing. A 256bit key of a symmetrical cypher is very strong while a 256bit key for a asymmetric cypher is a joke nowadays. PGP is "the" standard asymmetric cypher and i wouldnt use less then 2048bits with those.

The trouble with PGP and for Phil Zimmermann (PGP "author") was that the US law defined any encryption above 40 bit key length as munition and therefore he was charged with violating export laws which has severe penalties. The case ran for some years and was later dropped.
Ramihyn is offline   Reply With Quote
Unread 1 Mar 2006, 07:56   #17
Ramihyn
Emperor
 
Join Date: Jul 2001
Location: in front of a computer
Posts: 490
Ramihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud of
Re: Encryption

Quote:
Originally Posted by Yahwe
that's not quite true ...
Actually from what i remember about the UK RIP act, gordon is right. There is a reason why features like "Hidden volumes" are showing up in recent crypto software (check the TrueCrypt manual section "Plausible deniability" or something like that).

Just like the data retention act will lead to a massive boost of some anonymisation technology among "average" users.
Ramihyn is offline   Reply With Quote
Unread 1 Mar 2006, 08:31   #18
Androme
☆ ♥ 
 
Androme's Avatar
 
Join Date: Jan 2003
Posts: 3,489
Androme can only hope to improve
Re: Encryption

When it comes to passwords and encryption (since brute force cracker was mentioned) it simply looks for the most common letters (eg: "E") and see if there any patterns.

The types of encryption commonly commonly used in relation to keys are single key (one key used to encrypt and decrypt) and double key encryption methods where-by one key is used to encrypt the message (public key) and another is used to decrypt it (private key). The public key is made available to everyone and the private key is kept 'private'. They aren't the same on the basis of extremely large prime numbers. Two prime numbers multiplied by each other = significantly larger number.

That is the principle behind how double-key works where one key is used to encrypt a message and another key but similar is used to decrypt a message. Just because someone finds out the number that the two large prime makes, it would take an extremely long time to figure out what two primes make that number because of the size of these primes.
__________________
R3: LegioN (came #32) || R4: BlueTuba
R5: WolfPack Order || R6: Wolfpack
R7: Fury
----------retired-------
R52-R55: Apprime
R56-R57: FaceLess
R58-60: Apprime/Ultores
Androme is offline   Reply With Quote
Unread 1 Mar 2006, 09:16   #19
Radical Edward
Registered User
 
Join Date: Feb 2002
Location: South Pacific
Posts: 4,911
Radical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by Nodrog
No (non-quantum) encryption is literally unbreakable, but you can reduce the probability of it being broken by brute force so low that it become unbreakable in practice. RSA with a significantly long key length is pretty much unbreakable, and implementations such as PGP have been banned in America as a result

That's wrong. One time pads where the pad is the length of the message are unbreakable, unless you can get hold of the encryption pad. The difficulty of course is ensuring that the pad is kept secure. Quantum Encryption is basically a method of generating a secure one time pad.
__________________
I think it's time we blow this scene, get everybody and the stuff together..........

ok 3..... 2..... 1.. let's jam
Radical Edward is offline   Reply With Quote
Unread 1 Mar 2006, 09:20   #20
Radical Edward
Registered User
 
Join Date: Feb 2002
Location: South Pacific
Posts: 4,911
Radical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by Androme2
The types of encryption commonly commonly used in relation to keys are single key (one key used to encrypt and decrypt) and double key encryption methods where-by one key is used to encrypt the message (public key) and another is used to decrypt it (private key). The public key is made available to everyone and the private key is kept 'private'. They aren't the same on the basis of extremely large prime numbers. Two prime numbers multiplied by each other = significantly larger number.

digital signiatures work the other way round - the encryption key is kept private and the decryption key is made public. so when you decrypt the message and see that it is what you expect it to be, then you can be sure that the person that encrypted it and sent it to you, is the person holding the private encryption key.
__________________
I think it's time we blow this scene, get everybody and the stuff together..........

ok 3..... 2..... 1.. let's jam
Radical Edward is offline   Reply With Quote
Unread 1 Mar 2006, 09:35   #21
Androme
☆ ♥ 
 
Androme's Avatar
 
Join Date: Jan 2003
Posts: 3,489
Androme can only hope to improve
Re: Encryption

Quote:
Originally Posted by Radical Edward
digital signiatures work the other way round - the encryption key is kept private and the decryption key is made public. so when you decrypt the message and see that it is what you expect it to be, then you can be sure that the person that encrypted it and sent it to you, is the person holding the private encryption key.
What's the difference between that and digital certificates then?
__________________
R3: LegioN (came #32) || R4: BlueTuba
R5: WolfPack Order || R6: Wolfpack
R7: Fury
----------retired-------
R52-R55: Apprime
R56-R57: FaceLess
R58-60: Apprime/Ultores
Androme is offline   Reply With Quote
Unread 1 Mar 2006, 12:48   #22
Nodrog
Registered User
 
Join Date: Jun 2000
Posts: 8,476
Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Nodrog has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

Quote:
Originally Posted by Ramihyn
Cryptographers might disagree: One-time-pads
.
my mistake, thanks
Nodrog is offline   Reply With Quote
Unread 1 Mar 2006, 17:35   #23
acropolis
Vermin Supreme
 
acropolis's Avatar
 
Join Date: Jul 2000
Location: Pittsburgh
Posts: 3,280
acropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better place
Re: Encryption

Quote:
Originally Posted by Radical Edward
Quantum Encryption is basically a method of generating a secure one time pad.
if you can securely transmit a one-time pad, you could just as easily transmit a secure message.
acropolis is offline   Reply With Quote
Unread 1 Mar 2006, 21:48   #24
Ramihyn
Emperor
 
Join Date: Jul 2001
Location: in front of a computer
Posts: 490
Ramihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud ofRamihyn has much to be proud of
Re: Encryption

Quote:
Originally Posted by acropolis
if you can securely transmit a one-time pad, you could just as easily transmit a secure message.
The "usual" way to use this is that you generate a media like a DVD, a DAT tape or even a hard disk full of really random data and meet with whoever you want to exchange secure messages for example during a public convention (those are also regularly used to sign each others PGP keys for example so you build up a chain of trust). Afterwards you can exchange "secure" messages with that person till the random data is used up.

ps: Eddie: dznlkysfvno 78apöhnsdfv 7fhf23p4hslö
Ramihyn is offline   Reply With Quote
Unread 1 Mar 2006, 23:22   #25
hyfe
Dum Di Dum Di
 
Join Date: Sep 2001
Posts: 858
hyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet societyhyfe is a pillar of this Internet society
Re: Encryption

Quote:
Originally Posted by acropolis
if you can securely transmit a one-time pad, you could just as easily transmit a secure message.
Yeah, but if the transmitting the one-time pad fails, you can always try again with a new one. The message won't have been compromised.
__________________
Ni! M00!
my boring homepage
hyfe is offline   Reply With Quote
Unread 2 Mar 2006, 01:43   #26
meglamaniac
Born Sinful
 
meglamaniac's Avatar
 
Join Date: Nov 2000
Location: Loughborough, UK
Posts: 4,059
meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.meglamaniac has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Encryption

A couple of years ago I built a mIRC script to encrypt text based around OTP. It's not as secure as a true OTP as it uses pads of a set length as it's "keys", so if the message length exceeds the pad length, it will loop back round to the start of the pad and carry on. To counteract this somewhat, it uses TWO pads at the same time and alternates between them (well it's not quite that simple but still). Also, as it's designed to encrypt text, it shuffles the words around, but in such a way that it can unshuffle them again. In addtion, it performs rotary bitshifts either left or right, but again in such a way that it still knows which way to bitshift to decrypt.

If you have access to the algorithm then the shuffling, the bitshifting, and the other protection mechanisms are uesless in security terms. However, if you gain access to the pads without the algorithm, they provide another layer of encryption to be broken.

One standard method to break weak encryption is to look for possible patterns of letters. For example, in a simple substitution scheme you might notice that "iu" appears often, and conclude that this represents "th". This then gives you pointers to additional patterns, and so on. While it's not quite that simple, the same attack can be used against OTPs where the pad length is shorter than the message. The shorter the pad in comparison to the message, the greater the scope for attack.
Word shuffling does nothing to prevent this method of attack (although it does provide confusion by not producing a sensible sentance), but bitshifting and the use of two pads at varying rates (it's not a simple case of letter 1 uses value 1 of pad 1, letter 2 uses value 1 of pad 2, letter 3 uses value 2 of pad 1, etc) does do a reasonable job of screwing this attack vector up.

Quote:
Originally Posted by hyfe
Yeah, but if the transmitting the one-time pad fails, you can always try again with a new one. The message won't have been compromised.
This is the encrypted version of the above quote:
Quote:
Originally Posted by crypto output
5F7S7C7145310G271J5631632U513H3M40334T70122H3D6P7T2P3P0B5E52271S70126L5E4I24191P085F4N4O7T58250H2A17 0C5A5N4O6O6M6U101B385C483C0E7J104A3I546M6C3N3K7F4P7B5K61166A6H0825571B6N7F541R3R6E2C7I513F2K6U3R081F 4P1B5J145F6N681E6F7U5B3G372B4G2T560F6A7447216B6R384N504T5O2Q0E114A556L
Unfortunately, due to limitations about what data values mIRC can display and store, the encrypted output is in double zero padded base 32* instead of bytewise binary (ie. 8 zero padded base 2), making it longer than the plaintext when saved to disk. This appears to violate one of the general principals of encryption - the encryption should not alter the length of the message. However, follow the previous asterix to find out why this is not quite as bad as it seems.


If you are interested, you can find the script here. Hyfe's post was encrypted using the two default pads contained in the zip file, so if you want you can actually follow the algorithm all the way through on paper.




* ie. 1 becomes "01", 255 becomes "7V", 25 becomes "0P" and 32 becomes "10". The zero padding is there to ensure that each value of the message is a group of two characters. This ensures that it can be decrypted, as otherwise I would have no way of knowing which values were a single character in length and which were a group of two. This way they are always in groups of two.
If you divide the length of the encrypted message by two, you have the length, in bytes, of the original message. The extra length is caused by the difference in representation, NOT by the encryption algorithm.
__________________
Worth dying for. Worth killing for. Worth going to hell for. Amen.

Last edited by meglamaniac; 2 Mar 2006 at 02:05.
meglamaniac is offline   Reply With Quote
Unread 2 Mar 2006, 08:46   #27
queball
Ball
 
queball's Avatar
 
Join Date: Oct 2001
Posts: 4,410
queball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so little
Re: Encryption

Quote:
Originally Posted by meglamaniac
A couple of years ago I built a mIRC script to encrypt text based around OTP. It's not as secure as a true OTP as it uses pads of a set length as it's "keys", so if the message length exceeds the pad length, it will loop back round to the start of the pad and carry on. To counteract this somewhat, it uses TWO pads at the same time and alternates between them (well it's not quite that simple but still).
This could at most have the effect of doubling the pad length. In fact it looks to me like the algorithm pad length is still effectively 1024; it ignores half of each key and interleaves the rest together.

Quote:
Also, as it's designed to encrypt text, it shuffles the words around, but in such a way that it can unshuffle them again. In addtion, it performs rotary bitshifts either left or right, but again in such a way that it still knows which way to bitshift to decrypt.

If you have access to the algorithm then the shuffling, the bitshifting, and the other protection mechanisms are uesless in security terms. However, if you gain access to the pads without the algorithm, they provide another layer of encryption to be broken.
Even for a secret code, bitshifting provides a tiny tiny amount of obfuscation (it could be made slightly better by compressing the original message) and word shuffling is basically worthless. I thought we proved this in some kind of contest a while back?

Quote:
One standard method to break weak encryption is to look for possible patterns of letters. For example, in a simple substitution scheme you might notice that "iu" appears often, and conclude that this represents "th". This then gives you pointers to additional patterns, and so on. While it's not quite that simple, the same attack can be used against OTPs where the pad length is shorter than the message. The shorter the pad in comparison to the message, the greater the scope for attack.
It's easy to break a one-time-pad used even twice on plain text. Why not use AES?

Quote:
Word shuffling does nothing to prevent this method of attack (although it does provide confusion by not producing a sensible sentance), but bitshifting and the use of two pads at varying rates (it's not a simple case of letter 1 uses value 1 of pad 1, letter 2 uses value 1 of pad 2, letter 3 uses value 2 of pad 1, etc) does do a reasonable job of screwing this attack vector up.
It really doesn't. It's like shuffling a pack of shuffled cards.
queball is offline   Reply With Quote
Unread 2 Mar 2006, 08:57   #28
Radical Edward
Registered User
 
Join Date: Feb 2002
Location: South Pacific
Posts: 4,911
Radical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by Androme2
What's the difference between that and digital certificates then?

none at all. That is the method they use.
__________________
I think it's time we blow this scene, get everybody and the stuff together..........

ok 3..... 2..... 1.. let's jam
Radical Edward is offline   Reply With Quote
Unread 2 Mar 2006, 09:05   #29
Radical Edward
Registered User
 
Join Date: Feb 2002
Location: South Pacific
Posts: 4,911
Radical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriendRadical Edward needs a job and a girlfriend
Re: Encryption

Quote:
Originally Posted by acropolis
if you can securely transmit a one-time pad, you could just as easily transmit a secure message.
Yes, that's right. but if the transmission system (be it a phone line or a man with a briefcase full of one time pads) is compromised, then the whole system falls apart. The principle behind quantum encryption, is that every time you have an uncompromisable one time pad, because you can tell if someone is tapping your transmission system (fiber optical cable or free space). The one time pad is generated by the sender and reciever and cannot be seen by anyone else during transmission. even the sender and reciever don't know what the pad will be until they have released certain publically available information between the two of them.
__________________
I think it's time we blow this scene, get everybody and the stuff together..........

ok 3..... 2..... 1.. let's jam
Radical Edward is offline   Reply With Quote
Unread 2 Mar 2006, 18:00   #30
acropolis
Vermin Supreme
 
acropolis's Avatar
 
Join Date: Jul 2000
Location: Pittsburgh
Posts: 3,280
acropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better placeacropolis single handedly makes these forums a better place
Re: Encryption

Quote:
Originally Posted by queball
It's easy to break a one-time-pad used even twice on plain text. Why not use AES?
that's surprising to me.

i have to assume that maybe for a 1kb pad encrypting a 2k message, it would be pretty easy (yes?).

but for, say, a 1Mb message, encrypted with a pad (of unknown length) probably somewhere between 1.1 and 3 times (so i guess the pad being between 300kb and 900kb) would it still be 'easy'?

how would you go about it?

(or are we restricting ourselves to short messages?)
acropolis is offline   Reply With Quote
Unread 2 Mar 2006, 18:34   #31
Androme
☆ ♥ 
 
Androme's Avatar
 
Join Date: Jan 2003
Posts: 3,489
Androme can only hope to improve
Re: Encryption

Quote:
Originally Posted by meglamaniac
One standard method to break weak encryption is to look for possible patterns of letters.
Dude, I said that ^^
__________________
R3: LegioN (came #32) || R4: BlueTuba
R5: WolfPack Order || R6: Wolfpack
R7: Fury
----------retired-------
R52-R55: Apprime
R56-R57: FaceLess
R58-60: Apprime/Ultores
Androme is offline   Reply With Quote
Unread 2 Mar 2006, 19:09   #32
Knight Theamion
Miles Teg
 
Knight Theamion's Avatar
 
Join Date: Nov 2001
Location: Dom City
Posts: 5,192
Knight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like himKnight Theamion is an inspiration to us all and we should try to be more like him
Re: Encryption

Did Yawhe stop posting here because nodrog proved him wrong?

Just a bit of off-topic wondering
__________________
Audentes Fortuna Iuvat
Knight Theamion is offline   Reply With Quote
Unread 2 Mar 2006, 19:13   #33
queball
Ball
 
queball's Avatar
 
Join Date: Oct 2001
Posts: 4,410
queball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so littlequeball contributes so much and asks for so little
Re: Encryption

Quote:
Originally Posted by acropolis
that's surprising to me.

i have to assume that maybe for a 1kb pad encrypting a 2k message, it would be pretty easy (yes?).

but for, say, a 1Mb message, encrypted with a pad (of unknown length) probably somewhere between 1.1 and 3 times (so i guess the pad being between 300kb and 900kb) would it still be 'easy'?

how would you go about it?

(or are we restricting ourselves to short messages?)
Me and megla only played with short messages. I believe random pad lengths would still be very easy for an amateur to break. It's just looking for patterns. In fact XOR on plain text has a weakness for random key lengths. Consider what happens if you have two plain text strings each XOR'd with the same code. XOR them with each other; one simple test is you'll find this clears bit seven. Then you just need to do this for each possible key length. This could be easily fixed by randomising bit 7, but you'll still have bit six cleared on something like 70% of the letters. This is real amateur stuff. I have no idea how to crack compressed files, say.
queball is offline   Reply With Quote
Reply


Thread Tools
Display Modes

Forum Jump


All times are GMT +1. The time now is 11:09.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2018