See, this is why people much smarter than I are into computer security. I could just never keep up.
--Matt Ross Ephrata School District ----- Original Message ----- From: Kurt Buff [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Thu, 10 Feb 2011 13:23:45 -0800 Subject: Re: Crypto Theory -- Was: IPhone attack reveals passwords in six minutes > On Thu, Feb 10, 2011 at 10:41, Matthew W. Ross <[email protected]> > wrote: > >> A truly random 256-bit symmetric key could theoretically be cracked > >> given enough time, but time to brute-force (given known technology) is > >> generally given in billions of years. > > > > Awesome. > > > > Okay, here's a crypto theory question for ya... Could this be possible: > > > > A encrypted blob has the data required, and requires a key to unlock. If > you have the key, it unlocks correctly and you have the data. Straight > forward, I would think... > > > > But the blob is created in such a way that two keys work... one which is > easy (or easier) to crack, perhaps with some dictionary-derived key, and > another which is much harder to crack. > > > > This special blob will appear to be successfully cracked with the easier > key... which the hacker then uses to try and pull data from whatever server > they think they just compromised. > > > > The server knows both keys and uses the fact that the easier key (a > 'honeypot key'?) was used to assume the key is in the process of being > cracked... and then takes appropriate measures to prevent the account from > being truly compromised... perhaps issuing a new key? > > > > Is this even possible? Perhaps this is already being done? > > This is possible, but unlikely to deter a determined attacker who is > sufficiently wary and with sufficient resources, and I believe the > resources needed probably won't be all that great. > > Why? > > Because the input has to follow a defined path through an executable, > and single-stepping through that executable in a debugger will reveal > that the code path for an invalid password is being followed. > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
