Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Determining the encryption used
From: Tonnerre Lombard <tonnerre.lombard () sygroup ch>
Date: Fri, 12 May 2006 06:58:31 +0100


On Thu, 2006-05-11 at 18:20, John Madden wrote:
Is it possible to determine the encryption used by
"looking" at the encrypted results or lenght ?

A perfect symmetric cipher returns a big bunch of random bytes. 

I know that with Base64 it's pretty easy because of
the "==" at the end.

base64 is an encoding. Even EBCDIC is more secure than that these days.

(BTW, the DES encoding is also not very hard to determine. ;-)

Also if there are any tools besides openssl that you
found usefull to try all the cipher, consecutively
with a passphrase/keyword against a file/string

It would decrypt about anything to about anything else.

In fact, most programs that support different encryption types do in
fact have some kind of "envelope" to stick their data into. This
"envelope" is mostly implementation specific but contains all
information about the ciphers used. However, most of the time it is
transferred with asymmetric crypto on, so it's a bit hard to tell unless
someone really broke it.

However, most applications have a default preference. That is, nowadays
most programs are somewhat AES-192-phile even though noone would
actually recommend the use of AES (I hope).

However, passwords or whatever stored in a database are not encrypted
with a symmetric cipher most of the time (Except for DES "encoded"
passwords). In this area you can usually tell the hash by the length of
the stored data (but you can't correlate it to the length of the
original input):

7 bytes / 56 bit -> DES
32 bytes / 256 bit -> MD5 or SHA2
40 bytes / 320 bit -> SHA1
64 bytes / 512 bit -> SHA2
96 bytes / 768 bit -> SHA2

The byte values assume that you use hexadecimal encoding. With base64,
they're different of course. Refer to the number of used bytes then.

BTW, if you're free to choose a hash function for your program, don't
use DES, MD5 or SHA1. DES isn't worth anything more than EBCDIC these
days, MD5 has 8 bit of security margin left (so if you attack it, you
need to bruteforce 256 possibilities to find a collision - not really
hard to do), and SHA1 isn't that much safer anymore either. SHA2 isn't
really good at that, but at least it didn't fall apart that much yet.

Call to everyone: we need a new decent hash function!

SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33    Roeschenzerstrasse 9
Fax:+41 61 383 14 67    4153 Reinach
Web:www.sygroup.ch      tonnerre.lombard () sygroup ch

Attachment: signature.asc
Description: This is a digitally signed message part

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]