On 4 January 2011 10:15, Rowan Berkeley <[email protected]> wrote:
> On Tue, 2011-01-04 at 08:02:03 +0000,Sean Miller <[email protected]> > wrote: > > > On 4 January 2011 07:45, Rowan Berkeley <[email protected]> > > wrote: > > > I have the file itself, and the default OpenSSL packages for 10.04, > > > but OpenSSL is a command line application and I wonder if anyone > > > could tell me what to type into the terminal in order to at least > > > inspect the file and gain some information about it. > > > > Well, it's encrypted so you'd need to know the encryption key (aka > > "password") to inspect the file... if you don't, you can't. Or am I > > misunderstanding something? Sean > > I don't know much about cryptography, but if I could compare the > situation to a box with a lock on it, it should be possible to see the > keyhole at least. Thus, I would expect it to be possible to look at the > file and say, yes, this is a text file encrypted with AES256, and it > requires a password of x characters to open it. R > > > The encryption key will show how the file has been encrypted but certainly not the length of the password, which would be an open attack vector. There are tools in the OpenSSL toolkit that validate encrypted files without providing any identifying information. s/ -- Twitter: @sfgreenwood "Is this your sanderling?"
-- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
