1998-12-04 - Re: joy of export, h/ware

Header Data

From: Jim Gillogly <jim@acm.org>
To: cypherpunks@cyberpass.net
Message Hash: 41a51d1ba0a9d5c667349752c5068c82a610eb61f36b07d90a72675f7b3e8534
Message ID: <36684528.E3AB7D@acm.org>
Reply To: N/A
UTC Datetime: 1998-12-04 21:01:45 UTC
Raw Date: Sat, 5 Dec 1998 05:01:45 +0800

Raw message

From: Jim Gillogly <jim@acm.org>
Date: Sat, 5 Dec 1998 05:01:45 +0800
To: cypherpunks@cyberpass.net
Subject: Re: joy of export, h/ware
Message-ID: <36684528.E3AB7D@acm.org>
MIME-Version: 1.0
Content-Type: text/plain



>>> What type of attack was used in the famous test? Known plaintext? It
>>> gets a bit tougher in the real world doesn't it?
>>
>> Not really.  

Michael Motyka <mmotyka@lsil.com> skribis:
> Even if you don't know what you're looking for? Help me out with that
> one.

The question was "in the real world": in this case, as opposed to artificial
challenges, you often (or normally) do have access to known or chosen
plaintext.  This can involve expected headers ("\nSubject: " somewhere near
the beginning of a message has a good chance of giving you a 64-bit block),
standard plaintext (".  The " is a perennial favorite), or known C idioms
("#include <stdio.h>\n") can all be tried.

The EFF hardware is set up to look for various kinds of patterns.  For
example, it can check the high bit on the recovered plaintext, to see
whether the result is ASCII.  This is certainly the easiest way to get
in if you're breaking normal uncompressed messages or source code.  If
it's compressed, you still may be OK -- most compression packages put
magic file identifiers at the beginning, and some have guessable trees
there.

If you're breaking a transaction stream it's likely to be even easier,
with the standard headers, even if you don't go to the trouble of
injecting your own know transaction into the stream.

-- 
	Jim Gillogly
	Trewesday, 14 Foreyule S.R. 1998, 20:22
	12.19.5.13.7, 6 Manik 20 Ceh, Sixth Lord of Night





Thread