Home page logo

webappsec logo WebApp Sec mailing list archives

RE: Which encryption algorithm used?
From: "Tom Arseneault" <TArseneault () counterpane com>
Date: Wed, 26 May 2004 15:08:31 -0700


First, one pseudo random pattern looks pretty much like anyother. So if
you just have the encrpted note with no header or footer information any
good algorithm will output pseudo random patterns that are
indistinguishable from any other. Second, just because a proper
algorithm should only rely on the key for secuirty, a little secuity
thru obscurity always helps if it slows down his/her/it's cracking
procedure (waste his/her/it's time tracing down the wrong algorithm).
Third I think Christopher is right, (and this is a guess as I don't do
crypto software development) products that support muliple encryption
algorithms (such as PGP/GPG email products) probably have to include
this information in the file somewhere (header or footer or in the
public key package, I think in would be in the key package as if you
tell the sender to use a certain algorithm it should also help with
interoperability between vendors products if they support different sets
of algorithms with only one or two in common) so the recipient can
decrypt it properly.

Thomas J. Arseneault 
Security Engineer
Counterpane Internet Security
tarseneault () counterpane com

-----Original Message-----
From: John Borwick [mailto:borwicjh () wfu edu] 
Sent: Wednesday, May 26, 2004 7:21 AM
To: Pitts, Christopher C.
Cc: webappsec () securityfocus com
Subject: Re: Which encryption algorithm used?

Pitts, Christopher C. wrote:
With a proper algorithm, it should be nearly impossible.  That being
said, many implementations, stick a header or footer that can be used to
identify the method used.  Take a look at mcrypt and it's bare function,
you can use it to compare the stripped (--base IIRC) ouput of the
different algorithms.

What do you mean, "with a proper algorithm"?  Cryptographic algorithms
are supposed to be secure *even when the methods used are known*.  The
only thing that has to be secret is the key.

            John Borwick
        Systems Administrator
       Wake Forest University | web  http://www.wfu.edu/~borwicjh
       Winston-Salem, NC, USA | GPG key ID               56D60872

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]