• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

CryptoBuddy Predictable Encrypted Passphrase Weakness

It has been reported that the passphrase encryption algorithm employed by CryptoBuddy is weak. Specifically, the encryption algorithm used generates predictable ciphertext for specific sequences of characters used as a passphrase.

An attacker can exploit this weakness to build a dictionary of encrypted passphrases and use this to decrypt stolen files.