On Sun, 2006-05-28 at 16:23 -0500, John Lenz wrote:
> Christian Tschabuschnig wrote:
> > John Lenz wrote:
> >> You could write your script to first build a database of the encryption
> >> of the text <?xml using all the different passwords in your list.  Then,
> >> you just need to do a binary search for the first few bytes of the
> >> encrypted text.
> > 
> > isn't the "<?xml" compressed by zlib in the original data-file before
> > getting encrypted?
> > 
> Yes, you are correct.  Sorry.  The attack should still be feasable
> depending on the zlib algorithm (which I am not familiar with)

Nope - Revelation uses cipher block chaining to prevent this.

-- 
Erik Grinaker <[EMAIL PROTECTED]>
http://erikg.codepoet.no/

"We act as though comfort and luxury were the chief requirements of
life, when all that we need to make us happy is something to be
enthusiastic about."
                                                  -- Albert Einstein


Reply via email to