Home page logo
/

basics logo Security Basics mailing list archives

Re: Recognizing Encryption Type
From: Neil <neil () voidfx net>
Date: Mon, 06 Feb 2006 21:23:12 +0530

On 2/3/2006 1:12 PM, Vladimir B. Kropotov wrote:
Hi Folks

mam> I was just wondering if there was a feasible way in order to obtain the
mam> encryption type of a specific file. Could this be done using a third
mam> party program that would inspect the running process of the encryptor as
mam> it is working on the input file and after that examining the resulting
mam> output? If not using this procedure, would the attacker be able to
mam> identify the encryption type by reverse engineering the encryptor program?

Basically strong cryptography protocols secutity MUSTN'T change if
protocol is known for attacker. All strong cryptography protocols
consider that encryption method is known.

Another poing of view: if you use system that not suited for security
level (e.g. B2) you mustn't care about attacker which "able to identify
the encryption type", becuase your WHOLE system is strong as your
weaknest link. If  atackers program would inspect the running process of the encryptor as
it is working on the input file - you SHOULDN'T care about encryption
type, you screwed up and loose all your sensitive information.

Direct Answer.
It's possible, especially if you can control input and output.
For more information ask Russian and US experts www.fsb.ru and
www.cia.gov :-D



Regards
Vladimir B.Kropotov


If well, nothing is safe if you can inspect the process as it run,
because you can grab the key out of the process (even if it encrypts the
key as well, because _that_ encryption has to come from somewhere, and
the attacker can inspect that too).

But with strong encryption, assuming you use a different key each time,
the type of encryption is irrelevant.

-- 
Neil.
http://voidfx.net
"As scarce as truth is, the supply has always been in excess of the demand."
--Josh Billings

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault