Crypto Mode:
(Page 6 of 7)  < Prev  1 2 3 4 5 6 7  Next >
Re: AES 2007-12-16
Scott G. Kelly (s kelly ix netcom com)
Certainly, botnets change the way we must think about such things, and they do put key cracking for many applications within reach, where it was out of reach before. But I was talking about encryptions per second, not encryptions per workstation. Let's plug in some numbers to get a sense of what a h

[ more ]  [ reply ]
RE: AES 2007-12-14
Scott G. Kelly (s kelly ix netcom com)
An important caveat: the NIST estimate assumes cryptanalytical advances, along with hardware advances, but does not suggest that hardware alone will be sufficiently advanced within that amount of time to _brute force_ 128 bit keys.

Brute forcing a 128-bit key will take, on average, 2^127 encryptio

[ more ]  [ reply ]
AES 2007-12-14
Cristian Serban (scrissti gmail com) (2 replies)
Hi guys and girls,
I have a quick question, and i thought you might know.
Do you know if it's possible to find the encryption key if i have a
file both encrypted and unencrypted using AES?
Do you know any tool that does brute forcing on specified algorithms?
Thanks a lot,

--
Cristian

[ more ]  [ reply ]
Re: AES 2007-12-14
Brad Hards (bradh frogmouth net) (1 replies)
Re: AES 2007-12-14
Cristian Serban (scrissti gmail com) (1 replies)
RE: AES 2007-12-14
Geoff Choo (geoff choo zonnet nl) (2 replies)
RE: AES 2007-12-14
Zulfikar Ramzan (Zulfikar_Ramzan symantec com)
Re: AES 2007-12-14
Cristian Serban (scrissti gmail com)
R: AES 2007-12-14
Marco Ceriani (marco ceriani shareunit it)
CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's 2007-11-09
Dragos Ruiu (dr kyx net)
I'd like to congratulate Adam Laurie for winning the second Powerbook
from the Pwn_to_Own contest as the prize for the best speaker rated
by the audience for his presentation on RFID at CanSecWest 2007.
We will have a similar prize for the best speaker at CanSecWest 2008,
prize TBD (but we promise i

[ more ]  [ reply ]
Breaking NSF encryption 2007-11-06
Robert Hudock (rhudock gmail com) (2 replies)
I was wondering if anyone was aware of a tool that can break/ recover an
encrypted NSF (Lotus Notes) database.
--

Robert J. Hudock, Esq., CISSP
Associate, Epstein Becker and Green, PC.
Washington, DC Office
1227 25th Street, NW
Suite 700
Washington, DC 20037-1156
Phone: 202/861-1893
Fax: 202/861-3

[ more ]  [ reply ]
Re: Breaking NSF encryption 2007-11-07
Ali, Saqib (docbook xml gmail com)
Re: Breaking NSF encryption 2007-11-07
Jan Heisterkamp (janheisterkamp web de)
oops, my bad (was: choice of salt) 2007-10-31
SecFocus subscriber Dave Aronson (secfocus2dave davearonson com) (1 replies)
I think I see where I misgrokked the original situation. I *initially* thought that what was being described was, in pseudocode:

storedPwd = crypt (givenPwd, firstTwoChars (crypt (givenPwd, "")));

IOW, a decidedly non-random salt, derived from the password, thus next to worthless. But, upon fol

[ more ]  [ reply ]
Re: oops, my bad (was: choice of salt) 2007-10-31
Jamie Riden (jamie riden gmail com)
Re: choice of salt 2007-10-31
SecFocus subscriber Dave Aronson (secfocus2dave davearonson com)
Jamie Riden [mailto:jamie.riden (at) gmail (dot) com [email concealed]] writes:

> If your randomly chosen salt is two characters chosen from [0-9A-Za-z]
> then your precomputed tables would have to be 62*62 times the size
> compared with using no salt.

Right, but IIUC what's going on, the salt in this case is not random.

[ more ]  [ reply ]
choice of salt 2007-10-31
SecFocus subscriber Dave Aronson (secfocus2dave davearonson com) (1 replies)
Sébastien Barbieri [mailto:sebastien.barbieri (at) gmail (dot) com [email concealed]] writes:

> The "salt" used in the crypt is the 2 first letter of the crypted pass:

I'm no crypo-guru, but that doesn't seem worthwhile to me. It just makes a minor alteration in the algorithm, rather than adding any further data-based entro

[ more ]  [ reply ]
Re: choice of salt 2007-10-31
Jamie Riden (jamie riden gmail com)
Fwd: MD5 is salted, but SHA-1 is not. Why? 2007-10-31
Sébastien Barbieri (sebastien barbieri gmail com)
Hello,

The "salt" used in the crypt is the 2 first letter of the crypted pass:
ex:

#htpasswd -n -d -b test test
test:tY5DrOv.qp4mA
tY is the salt
=> crypt("test","tY") // see man 3 crypt return--> tY5DrOv.qp4mA

Now what's the goal of a salt?
A salt is used to slow down the attack against a pre-ha

[ more ]  [ reply ]
A Synchronous Stream Cipher from Hash Function 2007-10-27
angelo rosiello org
I released some presentations and article in my personal webpage.

There you will also find the following article released by the International Journal of Computer Science and Network Security:

"Design of a Synchronous Stream Cipher from Hash Functions", International Journal of Computer Science an

[ more ]  [ reply ]
MD5 is salted, but SHA-1 is not. Why? 2007-10-26
anon6565 hushmail com
Hello,

The htpasswd program (which is used to create usernames and
passwords that the Apache web server can use for basic
authentication) can use crypt(), MD5 and SHA-1 to hash passwords.
When it uses crypt() or MD5 it uses a salt, but the SHA-1 passwords
are unsalted. There seems to be no info

[ more ]  [ reply ]
CFP for HITBSecConf2008 - Dubai now open 2007-10-23
Praburaajan (prabu hackinthebox org)
The CFP for HITBSecConf2008 - Dubai is now open.

Our 2008 event is expected to attract over 300 attendees from around the
EMEA region and will see keynote speakers Bruce Schneier (Founder and
CTO, BT Counterpane) and Jeremiah Grossman (Founder and CTO, White Hat
Security). The event is supported an

[ more ]  [ reply ]
Re: Re: hdd encryption 2007-09-13
this_is_an_invalid mail org
I guess TrueCrypt helps you.

It's opensource. If necessary, you or someone can adapt the code for your needs.

http://www.truecrypt.com

[ more ]  [ reply ]
Re: hdd encryption 2007-09-05
Alexander Abdo (alex dinocrypt org) (2 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

First thanks for the response.
We do have linux systems but the majority is windows based.
Are there any more suggestions for the windows part?

Sorry that I forgot to mention and thanks in advance,
Alex
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4

[ more ]  [ reply ]
Re: hdd encryption 2007-09-10
virus nolog org
Re: hdd encryption 2007-09-06
Marc Vilanova Vilasero (mvilanova elacaixa com) (1 replies)
Re: hdd encryption 2007-09-06
xelerated (xelerated gmail com)
(Page 6 of 7)  < Prev  1 2 3 4 5 6 7  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus