[80268] in cryptography@c2.net mail archive
Re: Cracking the code?
daemon@ATHENA.MIT.EDU (Marcos el Ruptor)
Sat Mar 3 19:33:29 2007
In-Reply-To: <20070303213229.GA8475@piias899.ms.com>
From: Marcos el Ruptor <ruptor@cryptolib.com>
Date: Sun, 4 Mar 2007 00:40:51 +0100
To: cryptography@metzdowd.com
> My questions are: A) is this as vulnerable as it seems at first
> blush? B) how many password/hex pairs would be needed to deduce the
> underlying algorithm?, C) If one could deduce the algorithm, could
> the attack be generalized so that it could be used against other
> enterprises that use the same software? (It is very(!) widely
> deployed), and D) am I missing something in my thinking?
A) yes it is vulnerable. B) none - it would take no time to reverse
engineer the entire algorithm out of the executable. C) yes of
course. D) just how bad this is.
Ruptor
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
