top bar
QuickTopic free message boards logo
Skip to Messages

TOPIC:

xcryptoapps

3
Anonymous
03-03-2003
02:07 PM ET (US)
One other thing. The reason you cannot reuse a one-time pad is easy to show. Given a plaintext P and a key K you obtain a ciphertext C by using XOR:

C = P XOR K

You transmit C and your partner knows K. He recovers P by XORing again.

C XOR K = P XOR K XOR K = P

XORing twice gives you the original.

Let's say you were stupid enough to send another transmission, Q, using the same K.

D = Q XOR K

Your attacker presumably heard C and D, and wants to know what P and Q are. He can get you easily with the following by XORing the two ciphertexts, as follows:

C XOR D = P XOR K XOR Q XOR K
        = (P XOR Q XOR Q) XOR K XOR Q XOR K
        = P XOR Q XOR Q XOR K XOR Q XOR K
        = P XOR Q

It is trivial to attack the XOR of plaintexts P and Q using frequency analysis. Note that this is NOT the same thing as the Prizm boys imply. I need NOT know the plaintext in advance, I only need to intercept TWO ciphertext transmissions. From that I get BOTH plaintexts. I can get the key after that if I want, but who gives a fuck about the key? I already own you and the missiles are on their way.
Edited 03-03-2003 02:11 PM
2
Ben
03-03-2003
01:36 PM ET (US)
Anyone have any experience w/ the keychain USB drives? In particular, how easy would it be to put an encrypted disk image on one of those and have it easily mounted when the drive is plugged-in (just asking for a password)?
1
Anonymous
03-03-2003
01:32 PM ET (US)
Use 'rm -P <filename>' on the command line. From the man page:

"Overwrite regular files before deleting them. Files are overwritten three times, first with the byte pattern 0xff, then 0x00, and then 0xff again, before they are deleted."

Also, MacOS X can do AES-256 encryption of Disk Copy images. Simply choose that option when creating a new blank image (using the Disk Copy application), and store your sensitive information in it. Don't put the password in your keychain, and make sure your password is strong. Then you needn't worry about "wiping" files you delete from the disk image, or about "wiping" the image itself when you delete it, since it's already encrypted.

Print | RSS Views: 1914 (Unique: 903 ) / Subscribers: 0 | What's this?