Re: UBE '98 (was Re: Snake Oil)

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

JPeschel@aol.com
Thu, 20 Aug 1998 05:53:06 EDT

Next message: Jim Gillogly: "Re: MD5 or SHA code"
Previous message: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"
Maybe in reply to: Steve Chew: "Crypto-sendmail (was Crypto Coding Project)"

In a message dated 98-08-11 18:46:10 EDT, you write:

> I downloaded the thing. It asks for a bunch of information (like e-mail
> address, name, address, 25 random keystrokes). I wrote Peter about how
> he created the key and he says it's MD5 and SHA plus some "random bytes
> from various places in the computer." The key is stored somewhere and
> protected with a password. It's always the same key. I encrypted a
> file of zeros and another file, XORed the two and got the original. A
> known plaintext attack will break every file you ever encrypt with this
> (because it only generates one key, ever.)
>
Mike Stay pointed out a plaintext attack on a
typical UBE98 encryption where XORing two encrypted
texts breaks the cipher since the key is always the
same no matter what the password is. Melih, later,
theorized, if I understood him correctly, that UBE98
could also be broken by less conventional cracking
methodology.

He's right.

UBE98 allows the user to create self-extracting
encrypted executables. This is convenient, I
suppose, for using a *symmetric* algorithm
to transmit email, but of course, you still
need to find a secure way to transmit the
password.

Finding a secure method of transmitting the
password in UBE98's case, however, makes little
difference.

I created a few self-extracting encrypted files
protected by a password. (This would be the
password that you would typically transmit in
some secure manner.) After creating the executable
I disassembled it, and changed one JE instruction
to JNE. The result: a self-extracting encrypted
file can be read if you enter an incorrect password
or, like similar snake-oil called Turbo Encrypto,
no password at all.

Joe

__________________________________________

Joe Peschel
D.O.E. SysWorks
http://members.aol.com/jpeschel/index.htm
__________________________________________

Next message: Jim Gillogly: "Re: MD5 or SHA code"
Previous message: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"
Maybe in reply to: Steve Chew: "Crypto-sendmail (was Crypto Coding Project)"

New Message	Reply	About this list	Date view	Thread view	Subject view	Author view

All trademarks and copyrights are the property of their respective owners.
Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:10:59