On Sun, 2006-05-28 at 16:23 -0500, John Lenz wrote:
> Christian Tschabuschnig wrote:
> > John Lenz wrote:
> >> You could write your script to first build a database of the encryption
> >> of the text <?xml using all the different passwords in your list. Then,
> >> you just need to do a binary search for the first few bytes of the
> >> encrypted text.
> > isn't the "<?xml" compressed by zlib in the original data-file before
> > getting encrypted?
> Yes, you are correct. Sorry. The attack should still be feasable
> depending on the zlib algorithm (which I am not familiar with)
Nope - Revelation uses cipher block chaining to prevent this.
Erik Grinaker <[EMAIL PROTECTED]>
"We act as though comfort and luxury were the chief requirements of
life, when all that we need to make us happy is something to be
-- Albert Einstein