Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 20 Sep 2014, 16:02
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Why Puppy's Light Encryption Option is a Joke (Educational)
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [18 Posts]   Goto page: 1, 2 Next
Author Message
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Sun 06 Dec 2009, 01:50    Post subject:  Why Puppy's Light Encryption Option is a Joke (Educational)
Subject description: Use the heavy encryption instead!
 

Well, it should go without saying that when presented an option between light or heavy encryption, you should choose the heavy.

Since we have this security section now, I figured I'd make a post illustrating just how much of a joke the light encryption is.


The fun stuff first: Run something like this on your lightly encrypted save file:
Code:
hexdump -C pup_save_cryptx.2fs | head

You will get something like this:
Code:
# hexdump -C pup_save_cryptx.2fs | head
00000000  65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  |eataponyta......|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  |eataponyta......|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000040  65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  |eataponyta......|
00000050  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000060  65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  |eataponyta......|
00000070  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000080  65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  |eataponyta......|
00000090  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|

Anybody want to guess what I used as the encryption key for that file?

Yes, it's really that simple to crack.

You may wonder, "Why is it so easy? How does it work?" That's what I'm going to explain for the rest of this post.

The basic concept of cryptography is pretty simple: You take the data you want to hide and merge it with other data (or perform a transform) so that it looks like noise. To read it, you remove the second set of data (or undo the transform) to get the original data. The second set of data is typically either a key, or data that is generated based on the key. For the encryption used in Puppy's light encryption mode, it is the key itself.

Puppy's light encryption uses XOR encryption. XOR is a boolean algebra operator, and means "exclusive or". You use it to compare two numbers. For example, if you are comparing a 1 and a 0, it gives you a 1. But if you compare two 0s or two 1s, you get a 0. In other words, it will return true if either input A or input B is true, but not if both are true.

When you are dealing with numbers bigger than 1, you just represent them in binary and take them one digit at a time:
Code:
1010 XOR 0011 = 1001

So let's say B = A XOR K. If you then do C = B XOR K, you will find that C = A.
Code:
1001 XOR 0011 = 1010


So that means that if you, and only you, know K, you can encrypt your data by XOR-ing it with K, and decrypt it by simply XOR-ing it with K again.

That is the way XOR encryption works. Your data is A and your key is K. Except it's a little more complicated than that. Your data is typically very long, while the key is relatively short (hopefully not too short though). So what it does is break up the data into blocks of 64 bytes, and applies K to each of those separately.

As for K, it is whatever you typed in as your key, padded with 0s to make it 64 bytes. In other words, if you type in an 8 character key, that defines the first 8 bytes of K. The rest is just 0s. This has distressing consequences.

The problem with XOR encryption is that if you XOR something with 0, it doesn't do anything. A XOR 0 = A, and also: 0 XOR K = K. So unless you use a 64 character long password, very significant chunks of your data will not be encrypted at all! Furthermore, anywhere there is a sizeable amount of 0s in your data (real 0s, not the ASCII code for the number 0), your key will be visible in the encrypted data.

Also, if the person trying to break in knows what some of the data is at a given location, he can just XOR the known data with the encrypted data to determine that portion of K.

This makes a sad situation even more pitiful: The pup_save file is a filesystem image. Filesystems typically have good amounts of known data in their headers. For example, all the pup_save.2fs files on my harddrive have 0s for the first 1024 bytes. I don't know if that particular block of zeros is standard for ext2 filesystems, but if it isn't, you could just look up the specs for ext2 and locate data that is constant.

Here is some more output from the same file I used above, but from deeper where there is actual data.
Code:
00080460  0b 06 54 05 1f 18 00 59  1b 0f 20 6d 65 0d 0a 50  |..T....Y.. me..P|
00080470  72 65 73 73 69 6e 67 20  64 6f 77 6e 20 6f 6e 20  |ressing down on |
00080480  1c 0e 01 41 1e 00 4e 14  15 0f 20 61 73 6b 20 66  |...A..N... ask f|
00080490  6f 72 0d 0a 55 6e 64 65  72 20 70 72 65 73 73 75  |or..Under pressu|
000804a0  17 04 79 6b 24 07 0f 0d  54 03 75 72 6e 73 20 61  |..yk$...T.urns a|
000804b0  20 62 75 69 6c 64 69 6e  67 20 64 6f 77 6e 0d 0a  | building down..|

As you can see, large amounts of unencrypted data are visible. In this case, it's the lyrics to a song. You can convert my key into K and apply it yourself if you want to see the few bits that are actually encrypted. (The eight digits on the left are the addresses, not the data, so ignore them when applying the key). If you don't know how to translate hexidecimal to binary, and ascii-codes to text, here are some conversion tables:
http://www.ascii.cl/conversion.htm
http://ascii.cl/

Code:
enc:   0b 06 54 05 1f 18 00 59  1b 0f 20 6d 65 0d 0a 50  72 65 73 73 69 6e 67 20  64 6f 77 6e 20 6f 6e 20
key:   65 61 74 61 70 6f 6e 79  74 61 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00
XORed: 6e 67 20 64 6f 77 6e 20  6f 6e 20 6d 65 0d 0a 50  72 65 73 73 69 6e 67 20  64 6f 77 6e 20 6f 6e 20
ascii: n  g     d  o  w  n      o  n     m  e        P   r  e  s  s  i  n  g      d  o  w  n     o  n   
(The astute will notice that this particular text file was created way back when I used 'doze. Wink)



Also, in case you wonder how to create an XOR encrypted file to play with (as opposed to rebooting a couple times to make a new pup_save_cryptx.2fs file):
Code:
modprobe cryptoloop
dd if=/dev/zero of=pup_save_cryptx.2fs count=1k bs=1k
losetup-FULL -E 1 /dev/loop2 pup_save_cryptx.2fs
mke2fs -q -m 0 /dev/loop2
mkdir mount_point
mount /dev/loop2 mount_point

That will create a 1 megabyte XOR encrypted pup_save_cryptx.2fs, and mount it on the mount_point directory (which the mkdir line creates). You can unmount it like this:
Code:
umount mount_point

And you can mount it again like this:
Code:
losetup-FULL -E 1 /dev/loop2 pup_save_cryptx.2fs
mount /dev/loop2 mount_point


Note that only one thing can be using /dev/loop2 at a time. If you want to mount more than one filesystem image at a time, you'll have to use more than one loopback device. You can find a free one with this command:
Code:
losetup -f

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
ttuuxxx


Joined: 05 May 2007
Posts: 10753
Location: Ontario Canada,Sydney Australia

PostPosted: Sun 06 Dec 2009, 05:04    Post subject:  

hmmmmmmmm maybe you might want to build a update for puppy and remove the lite encryption and maybe offer it to Barry or the general audience, seriously I think being secure is best.
ttuuxxx

_________________
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games Smile
Back to top
View user's profile Send private message Visit poster's website 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Sun 06 Dec 2009, 22:45    Post subject:  

Very well done, Thank You - Pizzasgood

Wondered about that option, from my old C class and IBM main frame days understood that Xor has little impact on processor overhead.
One of my few Wdoze programs even capable of opening a 64 meg save file is WinVI, so went and "pawed" through the dual boot un-encrypted save sfs, excerpt below.
It took forever to load, glad it wasn't 512 plus.

Imho, you must consider the audience, I would lay odds, you have the experts knowledge and tools to probably break most any encrypting technique.
(One of my assigned old office mates broke the C - band satellite encryption '93)

Education is probbaly one of most useful things for and about "light encryption". - It might keep my brother-in-law from snooping, or my daughters boyfriend from grabbing a bank account password, or reading college grades, whatever, I personally try never to put much of anything on PC that I wouldn't want others to know, having did some forensics in the past.

But if Aunt MillyTilly passes away leaving me 16,000 dollars, - except the will is on her PC and nobody can start it up. Maybe I could ask for your help in breaking that SFS file for the Attorneys. (And few bucks for you too!) - Whew!, thank the "Main Man" for light encryption!

It was too late to do a dual reboot (you know how long doze takes too boot, heck you can eat foot long subway)

I would be interested in knowing what the performance impact for slow processors is from heavy encryption. Remember, Pup, works well on old hardware (read as - fixed income retirement)

What about the swap file, none of my late 4xx Pups will even open that partition to view? Is this partition especially protected?

Anyway - Thank you for the insight of what goes on underneath our fingers.
jay
winvicrpd.gif
 Description   WinVI snippet from Un-encrypted sfs
 Filesize   1.74 KB
 Viewed   2710 Time(s)

winvicrpd.gif

Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Mon 07 Dec 2009, 21:59    Post subject:  

XOR has low overhead because one of the basic logic gates used in constructing a processor is an XOR gate, so it can be done in hardware.

Actually I know very little about breaking encryption. I can handle a basic cipher, but haven't dealt with anything more complex. I'm taking a network security class next semester though and it seems to be pretty hands-on, so maybe I'll get into that then.

I actually expected I'd have to do more for XOR encryption than I did, like at least look up the specs for the ext2 filesystem format.

I don't know about the performance. I use heavy on my laptop and don't notice anything. It's not a very slow machine though, despite that it's about seven years old (2.4 GHz single core P4 mobility). I have an old 450 MHz computer I could theoretically test it on, but won't because the poor thing [i]really[i] does not like to boot up. Once booted it will run for months fine. So I use that one as a server.

In a week or so I'm going to come into possession of one of those little computers that you can mount on the back of a monitor. So I can run some benchmarks on it then.



@Ttuuxxx: No point. It's trivial to remove. You just cull out a couple lines in /etc/rc.d/rc.shutdown and adjust the dialog. There's also some code in the initrd.gz, but there's no sense removing that - leave it in for the people who are already using light encryption, and just don't offer it to any new people.

But yeah, I would be a little concerned about the performance, though I don't think it should be noticeable unless you do something really filesystem intensive inside the file, like compiling. But you could always do that sort of thing out in the open harddrive or in a ramdisk (/tmp is usually in ram if you have a pup_save.2fs file). Assuming the presence of enough disk or ram to do that.

I'll definitely do some benchmarking when I get the box.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Tue 08 Dec 2009, 13:34    Post subject: Why Puppy's Light Encryption Option is a Joke (Educational)
Subject description: security saved files
 

Hi all,
Look forward to finding out more about encrypting overhead. Is there any description of the SFS heavy technique published?

Oh Ya, and the swap file, thats a real prob in Doze land.

Ahh, you must have missed the snippets actual "Yoda Speak" <;) I was surprised to scroll through that.

When I worked in an IT dept, we were always being asked by some manager to undo a office file for change of personnel and the forgotten password. We were glad that it was "Light Encryption"
Our offices and work area were constantly under surprise management surveillance for any notes or paper work left out on desk and not under lock and key.
- I was "Gigged" a few times, and went and bought a cheap Walmart camp locker to dump everything into when leaving. You could open the lock with a paper clip, but it passed the "lock and key test." So much for real security, imho, most security is just perceived if not actual. <;)

Enjoy the Holidays,
Jay
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Wed 09 Dec 2009, 21:07    Post subject:  

Light encryption is indeed a joke. But one can think of a few uses as mentioned here. It's like it has a back door, but instead of being available to only one person, it is available to anyone. Wink

Heavy encryption was the first one in Puppy. Then Barry added light encryption, who knows why, because nobody was complaining about heavy encryption performance. A rare case of "creeping featuritis", I guess. I have run heavy encryption on my old, slow (700MHz) Thinkpad and never noticed the difference between it and no encryption, but then I didn't go looking for it either.

As to swap, don't use it! Swap is in cleartext, in the old cryptoloop encryption utility that Puppy uses. Well, if you are using the almost transparent light encryption, hey, go ahead. Anyone smart enough to dig through swap will have no problem breaking light encryption. But for heavy encryption, don't use swap. If you do you might as well dispense with encryption altogether. This might mean buying more memory, but hardware is cheap...

Some folks have implemented loop-aes or dmcrypt-LUKS (I think I got that right) in Puppy which does have encrypted swap, but for some reason these never worked their way into standard Puppy. A bit tedious compared to cryptoloop I guess, and I have a feeling Barry is not an encryption enthusiast anyway. I keep wishing, but I'm not up to putting it in myself.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 10 Dec 2009, 01:08    Post subject:  

Quote:
I'll definitely do some benchmarking when I get the box.


That will be interesting for some Cool

I use no encryption
and am satisfied with that.

If I wanted to secure a folder
I would call it .log (notice the dot)
It is now invisible
Encrypt files with bcrypt (try command line)
and maybe I would save that on a windows files usb key drive rather than HD in Linux partition.
Then hide under a tin foil hat

I find whenever I encrypt or password protect
I keep out the major idiot - me Embarassed
I forget where I put the directory or the password.

Knowledge is always a good thing.
As is having choices. Cool

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Thu 10 Dec 2009, 02:12    Post subject: Why Puppy's Light Encryption Option is a Joke (Educational)
Subject description: options
 

- Hello PaulBx1 and all,
You make a good point, I don't have enough equipment or
experience to be of much help, maybe pieces of it or some base research, and that brings up the idea of using a debugged late distro with basically a stripped bash shell as a starting point for a serious secured Puppy, (Puppy w/a Razor Wire Leash) that is still capable of being an Office workhorse.
- I say Office, for - My "personal opinion" is that the multimedia is too internet friendly to ever be secured, and plus the "Gov" loves that, maybe even promotes the use thereof. (The huge underground centers -At least the Crays do or 48 cell beta Intels, who fronted that research cash?)

* The Why:
- The RazorEdged Puppy might be considered to do tasks like these:
a) prevent authoring plagiarism, b) encrypting banking receipts
c) writing highschool tests, d) gradebooks, e) inventors ideas and patent
documents, f) politics (especially), g) attorney, h) real estate agent, i)
anywhere a degree of privacy might be desirable in writing documents.

* A Secured Mission:
- This software should have some auto techniques to thwart laptop
thieves and home or office hardware monitoring attempts, plus a suite of
modules to encode files normally found within office softwares. It should
not be considered military grade, (unless it is just plain easy to
implement)

* The real Work:
- Pizzasgood, PaulBx1, ttuuxxx, and myself, if we started planning and
explored what needs to be done, and how it could be accomplished,
others would see that it is a serious endeavor, we could attract others to
help with the coding and polishing of the funcion of the distro. I am sure
if a logical plan of construction was created, that Barry would assist if
one of those "coding rock and a hard thing occurs", but most likely the
key in doing this is choosing proven techniques and creating the Kernel
interfaces.

* Technique Questions:
- Are there Unix & Linux versions in existance that might have a decent
swap file plus other storage encryption to be used as learning tools?
- Can public key encryption or java technique be used as an internal
module?
- Can "USB donagles" be used to disable a system?
- Can "bcrypt" be automated behind the scenes (Thanks Lobster)

* Implementation:

- Hmm, is multimedia solved with dual boot Puppy?
- Is a use of this for picture and AVI encryption or should this be
specifically avoided?
--------------------

- Honestly, this started out to be fairly short, but typing as slow as one
does, thought how useful and sometimes really needed an application that has security at it's heart.
(I've had a laptop stolen)
- I can do research, so will volunteer for that, and maybe some
secretarial work initially, if you fellas want to attempt it next year.
- The ball is over the net - Need some constuctive ideas - so everyone
have ago at helping formulate a document to describe a solidly secured
puppy
-- how would you want it to operate - What might be the use you have in
mind? Would simple wizard like menus be adequate for manual use? or
- solidly ingrained automatic encryption of everything?

jay
Back to top
View user's profile Send private message 
ttuuxxx


Joined: 05 May 2007
Posts: 10753
Location: Ontario Canada,Sydney Australia

PostPosted: Thu 10 Dec 2009, 04:22    Post subject: Re: Why Puppy's Light Encryption Option is a Joke (Educational)
Subject description: options
 

efiguy wrote:
-
* The real Work:
- Pizzasgood, PaulBx1, ttuuxxx, and myself, if we started planning and
explored what needs to be done, and how it could be accomplished,
others would see that it is a serious endeavor, we could attract others to
help with the coding and polishing of the funcion of the distro. I am sure
if a logical plan of construction was created, that Barry would assist if
one of those "coding rock and a hard thing occurs", but most likely the
key in doing this is choosing proven techniques and creating the Kernel
interfaces.


jay

I'm up for it as soon as I can find some time Smile
ttuuxxx

_________________
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games Smile
Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 10 Dec 2009, 05:16    Post subject:  

Quote:
- Can "bcrypt" be automated behind the scenes (Thanks Lobster)


That is a good idea. You need to intercept the save commands
with a deamon? Would that be right coding gurus?

For a military grade security (why not)
I would suggest we need more than bcrypt

In Puppy 4.3.1 you might be able to swap out (but use the same name)
a more powerful encryption with this script
/usr/sbin/bcrypt_gui
that script is also in menu / personal / bcrypt file encryption - drag and drop (this is more than sufficient for school tests, bank details
and the location of your sardine stash - I keep mine behind some seaweed)

Renaming another encryting file to bcrypt
That would mean trying to decode
what is encoded differently for the potential decrypter . . .
[. . . .evil Darth Lobster laughter . . . . Twisted Evil ]
This works much like bcrypt but uses better encryption
http://puppylinux.org/wikka/ccrypt

I would familiarise yourself with this material
http://puppylinux.org/wikka/SecurePuppy
http://www.murga-linux.com/puppy/viewtopic.php?p=262854&search_id=1946459383#262854

http://en.wikipedia.org/wiki/Deniable_encryption

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Thu 10 Dec 2009, 10:48    Post subject: Why Puppy's Light Encryption Option is a Joke (Educational)
Subject description: documentation and discussion
 

Hi all,

Wonderful !!

- Propose that at least a start of 2 documents need to be created,
a)- a Frontline document that details the operation, types of encryption used and selected, interface issues, etc,
b)- and a background "Shadow Document" tracking and identifying "Branching Decisions", listing the pros and cons of a decision choice, and listing available documentation to support the branch decision. (This drives the Frontline document modifications, - But initially there is much feedback between, an indistinct differention – essentially identifying where the branch decisions need to be made.)
Plus -
- a method of voting for or "Ranking Decisions", which leads to a "Decision Making Body"
(NOTE: I am abstaining myself from this - as I know my limitations and will support the other present GrandFathered members in this link in forming that Nucleus Group)

- Which, eventually (At this Groups Discretion) I think a "Publication of Intent" is appropriate to draw out qualified forum members (It's OK to enroll new members to help support Too)

- Perhaps, - Consider this as a great opportunity to re-establish and use puppylinux.org/ and the http://puppylinux.org/wikka/HomePage.
- Where Murga forum is an more firmer moderated upper level description place (include wikka links where necessary), and the Wikka is where pros and cons, decision ranking numbers, methods are hashed out in excruciating detail, where huge reference document pastes can be included.
(Just an idea - don't want this to dilute the distro discussion.)

And late breaking newsletter topic:
[url]https://www.ironkey.com/personal-solutions[/url]
Firefox browser included 16 g $299

Jay
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Sun 13 Dec 2009, 21:58    Post subject:  

Well, this is getting a little bureaucratic for my taste. Anyway, I'm more of a tester than a developer, so I don't know how I could help other than supplying a semi-informed opinion now and then.

One opinion I have, is that I don't like puplets. You make a puplet, you get 3 or 4 users, you neglect to keep the puplet up to date, after 4 months the puplet disappears. There must be a thousand puplets by now floating around out there.

A better route would be to stick with standard Puppy, and make any pets needed to create a secure Puppy, or at least point to items in the Ubuntu repository to do that (when upup arrives). Maybe a wikka article to document how to do it. That way the user stays up to date on his own, all you need to do is maintain a few pets now and then, probably not much work there.

I don't know if this makes sense, but something to think about.
Back to top
View user's profile Send private message 
efiguy


Joined: 06 Sep 2006
Posts: 169

PostPosted: Mon 14 Dec 2009, 09:52    Post subject:  

Morning all,

I apoligize to Pizzasgood and others, Paul, some of the old system engineer habits die slowly, and I should be reading more net etiquite articles<;)

And in a spirit of enthusiasm, did something called "Hijack a thread", not my intent,
it has happened.

Please allow me include last nights observations and i'll be quiet.

Sunday night, - Have had a rereading of Pizzasgood's Multiuser Puppy post pages, this thread, plus some other links speaking of browsers and wireless, etc.,
and conclude that "[b]IF[/b]" Pizzasgood were to "Buy In" to attempting an even more secure encrypting Puppy next year
- That his Multiuser ver R3 is very likely the best starting point for experimentation.

[url]http://www.murga-linux.com/puppy/viewtopic.php?search_id=7211459&t=47409[/url]

puppy-4.2.1-MULTIUSER-r3.iso

Jay
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3368
Location: Oregon

PostPosted: Fri 20 Jan 2012, 15:53    Post subject:  

I see possibly one other thing that defeats encryption.
If the encryption tool/utility is released as open source, then the source code used to make it and do the encryption is available as a kind of dummy's guide to cracking it.

I remember at one time back in the dos days, I got a utility that was used to encrypt emails with a preshared key to be able to read them.
I have since lost that file.
But I remember that some government agencies were really excited about its use as they were unable to crack it at the time and tried to outlaw its use by anyone that happened to have it.

If an encryption utility is written by a member here, you should keep the source code to yourself. Releasing it with source code is like showing just how the encryption is done and takes away from the security of it.
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Fri 20 Jan 2012, 21:48    Post subject:  

Well, my admittedly limited understanding is that it works the opposite way. Keeping stuff secret was "old tech", like back during WWII. Now you want things completely open so no back doors can be put in. Knowing how the algorithm works does not help any attacker. The knowledge is already general. It's the math itself that makes it impossible to crack.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [18 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1333s ][ Queries: 12 (0.0038s) ][ GZIP on ]