Now, you said "compressed files" and you might not have meant
pictures, but note that L-Z style compressed files don't really have
much in the way of headers. If the headers were a problem, you'd
expect longer files to bury any deviation in the noise, but it
doesn't. The longer the files I test th
The only things that it usually passes as good are for-purpose random
number generators' or ciphers' outputs. Everything else (including a
terabyte of RC4 output, executables, zip archives, jpegs, mpegs,
mp3s, ...) that I've pointed it at, fails one or more of the tests.
Have you tried removing
At 17:05 -0400 2006/10/12, Steven M. Bellovin wrote:
This is a very interesting suggestion, but I suspect people need to be
cautious about false positives. MP3 and JPG files will, I think, have
similar entropy statistics to encrypted files; so will many compressed
files.
Actually, no. I have
| > Beyond that: Are weak keys even detectable using a ciphertext-only
| > attack (beyond simply trying them - but that can be done with *any* small
| > set of keys)?
|
| Yes, generally, that's the definition of a weak key.
Which weak keys would those be? The DES weak keys are self-inverting:
En
"Travis H." <[EMAIL PROTECTED]> writes:
> On 10/12/06, Leichter, Jerry <[EMAIL PROTECTED]> wrote:
>> Beyond that: Are weak keys even detectable using a ciphertext-only
>> attack (beyond simply trying them - but that can be done with *any* small
>> set of keys)?
>
> Yes, generally, that's the defi
On 10/12/06, Leichter, Jerry <[EMAIL PROTECTED]> wrote:
Beyond that: Are weak keys even detectable using a ciphertext-only
attack (beyond simply trying them - but that can be done with *any* small
set of keys)?
Yes, generally, that's the definition of a weak key.
But that's an odd
attack to
| > This suggests that,
| > rather than looking for weak keys as such, it might be worth it to
| > do "continuous online testing": Compute the entropy of the generated
| > ciphertext, and its correlation with the plaintext, and sound an
| > alarm if what you're getting looks "wrong". This might b
On Thu, 12 Oct 2006 16:50:13 -0400 (EDT), "Leichter, Jerry"
<[EMAIL PROTECTED]> wrote:
> This suggests that,
> rather than looking for weak keys as such, it might be worth it to
> do "continuous online testing": Compute the entropy of the generated
> ciphertext, and its correlation with the plain
| Given how rare weak keys are in modern ciphers, I assert that code to cope
| with them occurring by chance will never be adequately tested, and will be
| more likely to have security bugs. In short, why bother?
Beyond that: Are weak keys even detectable using a ciphertext-only
attack (beyond si
Given how rare weak keys are in modern ciphers, I assert that code to cope
with them occurring by chance will never be adequately tested, and will be
more likely to have security bugs. In short, why bother?
-
The Cryptography Mai
Hi all,
It occured to me that there is a half-decent way to avoid weak keys in
algorithms
when it is undesirable or impossible to prompt the user for a
different passphrase.
It is even field-upgradable if new weak keys are found.
Basically, instead of using the hash of the passphrase up front, y
11 matches
Mail list logo
