Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 4 years ago.
Improve this question
as the question says, i would like to know if it is important to generate a strong key in order to encrypt connection.
Let's assume i'm using AES Symmetric Key Encryption Algorithm.
What changes can i achieve by using a key such as: "helloworld" or some particular hash value evaluated from some process?
The fact is that, using pseudo random generator is a good key generation process. But what if i simply used a static key without exchanging it to the outside communication channel? How can an attacker find my key?
Thanks
The key creation is very important. There are two approaches, one is a random key generated by a cryptographically secure pseudo random number generator CSPRNG and the other derived from text.
When using text as a key the brute force approach is to try text from lists of frequently used passwords such as SecLists. The approach against this is to use a derivation method that is slow in order to make such a brute force infeasible. One common method is the Password Based Key Derivation 2 PBKDF2 also noes as RFC2898, another newer method is Argon2. In both cases a general goal is to choose a work factor such that about 100ms of CPU time is required.
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 months ago.
Improve this question
i have two strings
9d14be68d71e15449d7ace056905429e28e319949eace8521c6114da6223208b37b32e50c045da86eccae39e2034ec14
3081d302010104205f20ff52fe5b542b2901408a1cbd4fb19b33b105a6f7e9e2bb36c64bae1e3fcaa08185308182020101302c06072a8648ce3d0101022100fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f300604010004010704210279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798022100fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141020101a12403220002000be91168a24103962a0a5e899a1ee557c52105770607b4b746e9f5da45427d
The first one is encrypted version of the second and the password is:
this sucks
So i want to find out the type of encryption that was used and how.
I will then use python to decrypt it as to experience cryptography on my own.
The above encryption was done by Bitcoin core app.
Some research say that the app uses AES CBC to encrypt the wallet data so extracted the data before and after encryption for this experiment.
How was the string encrypted?
Please bear with me i am still learning encryption.
There is no way of knowing. Maybe take a look at ciphertext indistinguishability.
Your best chance is to brute force the cypher with your python script. Keep in mind that there are a lot of well-known encryption algorithms (AES, 3DES, ...), key lengths, encryption modes (CBC, CFB, ...) and padding options so this might not be even possible due to high number of combinations.
Also, there is another problem. You password this sucks is shorter than the key size encryption algorithms use. For example, AES requires keys to be either 128, 192 or 256 bits of length so you need to make your password of that length. There is no way of knowing what key stretching technique (PBKDF2, bcrypt, scrypt, ...) or what hashing algorithm (SHA256, SHA512, ...) was used to achieve adequate key size.
This task is not impossible but highly improbable.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I have a list of numbers. I will be calling a service(let's say accountant service) which is going to perform some operation on these list of numbers and will return me the final result.
I don't want to pass my data in plain format. I want to encrypt numbers in such a way if service performs any arithmetic operation and return me the result, I will be able to decrypt it back with actual result.
Yes. You can use something called Homomorphic encryption, which "is a form of encryption that allows computation on ciphertexts, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext." With this type of encryption, they can be Partially homomorphic or Fully homomorphic. A fully homomorphic encryption can support arbitrary computation (also called "bignum arithmetic" or "Arbitrary-precision arithmetic"), whereas partially homomorphic algorithms cannot. As stated on the cryptography stack exchange by user mikeazo in this thread,
ElGamal is a semantically secure, multiplicativey homomorphic cipher. Paillier is a semantically secure, additively homomorphic cipher.
The user also elaborates further and mentions a significant downside of this form of encryption:
Homomorphic ciphers typically do not, in and of themselves, do not provide verifiable computing. In words, you encrypt your data, send it to the cloud and let the cloud compute on it for you. How do you know the cloud performed the correct computation? To get this sort of guarantee, other machinery is needed.
In your case, you would be sending it through an (I am assuming) reputable API, so this may not be a concern of yours.
From my research, your best bet will probably be Gentry's cryptosystem. To use this (in a program), HElib should work fine.
In the future, crypto.stackexchange.com would probably be a better place for this type of question
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
This question is partly theoretical and partly practical. A perfect answer would answer theoretically why, and practically how.
Question
Given an encrypted file, and a non-encrypted version of the same file, can the encryption key be recovered? More specifically how might one achieve this?
Background
I have some backup files from a colleagues old machine. They have been stored in an encrypted 7zip file. The file table has not been encrypted, so it should be possible to isolate individual files. What I don't have is the actual encryption key (due to a storage medium failure). I do however have some unencrypted files which are also in the container. How can I use these to recover the whole archive?
As others have said, this is a "Known Plaintext Attack". All good cyphers are proof against such an attack. Any cypher which cannot withstand such an attack never gets off the starting blocks.
The best suggestion is to find out the specific encryption method used and look for specific weaknesses in that particular method. Alternatively, ask people who knew the key if they can remember even part of the original password. "It began with a D" will reduce the work you need to do to brute force it by a factor of 26 or 52.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I have a login and password that I need to store in my database. What is a safer way to encode them (I use AES algorithm): as one string with separator between login/pass, or as a two separate strings?
Encoding has to be reversable, so please don't mention hash.
Safety has not much to do with your choice. If you use AES with mode different than ECB and PKCS7/PKCS5 Padding you can either encrypt logins and passwords alone or logins and passwords seperately. It depends on wheather you will need a login without a password in your implementation. You will probably use the same key to encrypt both login and password. So splitting is by no means an additional security measure. If you woudl use some salted PKDF keys can be different for each record, but attacker still needs only to get the master password and a salt.
That's no any additional security in encrypting them together or separately.
However, you should also choose wisely cipher mode/initial vector - for CBC and CTR (and CFB?) input to encryption is xored with encrypted Initial Vector, so having the same vector for two encrypted passwords, xoring them would allow to get xor of original passwords, which can leak information.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
ctr mode makes it possible to use a block cipher as a stream cipher but how strong will be the encryption in this mode ?
Ultimately it depends what you mean by strong. For example from an encryption point of view, i.e. taking the ability of an attacker to decrypt your ciphertext without access to the key, it should be as strong as any other use of AES256 (there is some dicussion on differential analysis between individual cipher blocks with a known plain text but that would be a weakness of the encryption algorithm not of the CTR mode itself).
In the end whether CTR mode is appropriate will depends what you want to apply it to and how you implement it. A couple of things to bear in mind when using this mode would be:
The same nonce/counter sequence will create the same cipher stream therefore you must ensure you do not ever use the same values for a given key. Otherwise it might be possible for an attacker given a message with a known plain text to reuse the cipher stream to decrypt your current message).
As the stream cipher is XORed with the plain text it means that a 1 bit change in the ciphertext directly results in that bit changing in the decrypted data, therefore some sort of message integrity is paramount, most likely a HMAC so that an attacker cannot realistically generate the hash and correct that as well.