Cryptanalysis is the part of cryptology dedicated to the mathematical analysis of the weaknesses of cryptographic algorithms, the goal being to defeat some of the security properties that the algorithm should fulfill, e.g. decrypting data which has been symmetrically encrypted with substantially less effort than what would be needed to try out all possible keys.
Questions tagged [cryptanalysis]
115 questions
177
votes
9 answers
How to determine what type of encoding/encryption has been used?
Is there a way to find what type of encryption/encoding is being used?
For example, I am testing a web application which stores the password in the database in an encrypted format (WeJcFMQ/8+8QJ/w0hHh+0g==). How do I determine what hashing or…
Karthik
108
votes
5 answers
What kinds of encryption are _not_ breakable via Quantum Computers?
There's the recent article NSA seeks to build quantum computer that could crack most types of encryption. Now I'm not surprised by the NSA trying anything, but what slightly baffles me is the word "most" - so, what encryption algorithms are known…
Tobias Kienzler
91
votes
8 answers
How would one crack a weak but unknown encryption protocol?
I was reading this interesting question:
Is my developer's home-brew password security right or wrong, and why?
It shows a weak home-brew algorithm developed by "Dave", and the answers discuss why this is a bad idea. (Actually hashing algorithm…
Ram Rachum
82
votes
6 answers
Should RSA public exponent be only in {3, 5, 17, 257 or 65537} due to security considerations?
In my project I'm using the value of public exponent of 4451h. I thought it's safe and ok until I started to use one commercial RSA encryption library. If I use this exponent with this library, it throws exception.
I contacted developers of this…
Vladislav Rastrusny
71
votes
3 answers
How to estimate the time needed to crack RSA encryption?
How to estimate the time needed to crack RSA encryption? I mean the time needed to crack RSA encryption with key length of 1024, 2048, 3072, 4096, 5120, 6144, 5120, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, and 16384?
Predator
39
votes
8 answers
Where can I learn cryptography/cryptanalysis the hard way, without going to school? Any good book?
I'm not so bad at mathematics:
I know what are p-list and p-combinations, I know matrix algebra, I know what a XOR is, I know how to tell if number is a prime, etc: I'm not the programmer who hates math because he is bad at it, but I don't have a…
jokoon
36
votes
3 answers
Cracking a linear congruential generator
I was recently listening to the Security Now podcast, and they mentioned in passing that the linear congruential generator (LCG) is trivial to crack. I use the LCG in a first year stats computing class and thought that cracking it would make a nice…
csgillespie
36
votes
8 answers
If someone breaks encryption, how do they know they're successful?
Let's say I have a file containing a random bunch of bits and then I encrypt it using some modern algorithm (Blowfish, AES, or whatever). If someone captures the file and mounts a brute force attack on it, how will they know they've successfully…
M. Evans
32
votes
5 answers
SSH - If Eve has the passphrase and public key, can she derive the private key?
I have used ssh-keygen for creating an RSA 4096-bit SSH private and public key pair. I used a passphrase for the private key.
If an attacker, Eve, knows the passphrase in addition to the public key:
Can they derive the private key? - I presume yes…
unseen_rider
29
votes
2 answers
Why haven't (most of) the Zodiac Killer's letters been decrypted?
The Zodiac Killer was a serial killer in the late 60's and early 70's. The twist is, he would frequently taunt the local press with cryptic letters. Four of these letters were actually encoded, but only one has been cracked to date.
I'm doubtful…
JesseTG
22
votes
1 answer
WPA significantly less secure than WPA2?
I understand at least theoretically WPA2 is more secure than WPA, but in practice does it make any difference which one you use? From what I know there are no known attacks for either except for dictionary attacks, in which case if you are using WPA…
Sonny Ordell
22
votes
3 answers
MySQL OLD_PASSWORD cryptanalysis?
The password hash used for MySQL passwords prior to version 4.1 (now called OLD_PASSWORD()) seems like a very simple ad-hoc hash, without salts or iteration counts. See e.g. an implementation in Python at
Django snippets: Old MySQL Password Hash
Has…
nealmcb
21
votes
4 answers
At what point does adding more iterations to PBKDF2 provide no extra security?
If my true passphrase is used only to generate a hash which is used as the cipher's actual key, doesn't that mean it's possible to try and brute force the cipher itself? I know it would take an impossibly long time either way, but at what point…
kkarl88
19
votes
3 answers
What's the mathematical model behind the security claims of symmetric ciphers and digest algorithms?
Why can SHA-1 be considered a secure hash function? That's something I still wonder about.
I understand the concepts of why modern asymmetric algorithms are deemed to be secure. They are founded on sound mathematical problems that are provably…
emboss
16
votes
3 answers
Correct way to get a number from 0-9 from a random byte?
If I have a good random number generator that gives me a byte of data at a time, and I want to extract a random decimal digit of 0 to 9 from that byte stream, what is the correct way to do that?
At first I naively assumed that a simple (randomByte…
Johnny