On Thu, Feb 10, 2011 at 10:41, Matthew W. Ross <[email protected]> wrote: >> A truly random 256-bit symmetric key could theoretically be cracked >> given enough time, but time to brute-force (given known technology) is >> generally given in billions of years. > > Awesome. > > Okay, here's a crypto theory question for ya... Could this be possible: > > A encrypted blob has the data required, and requires a key to unlock. If you > have the key, it unlocks correctly and you have the data. Straight forward, I > would think... > > But the blob is created in such a way that two keys work... one which is easy > (or easier) to crack, perhaps with some dictionary-derived key, and another > which is much harder to crack. > > This special blob will appear to be successfully cracked with the easier > key... which the hacker then uses to try and pull data from whatever server > they think they just compromised. > > The server knows both keys and uses the fact that the easier key (a 'honeypot > key'?) was used to assume the key is in the process of being cracked... and > then takes appropriate measures to prevent the account from being truly > compromised... perhaps issuing a new key? > > Is this even possible? Perhaps this is already being done?
This is possible, but unlikely to deter a determined attacker who is sufficiently wary and with sufficient resources, and I believe the resources needed probably won't be all that great. Why? Because the input has to follow a defined path through an executable, and single-stepping through that executable in a debugger will reveal that the code path for an invalid password is being followed. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
