| Subject | Re: [firebird-support] FB Embedded: Table Field encryption questions |
|---|---|
| Author | Geoff Worboys |
| Post date | 2005-04-10T23:41:08Z |
I wrote the following about the XOR "encryption" algorithm:
against some known string (the key) is sufficient - this will
obscure, and while the key is not known to the thief it will be
relatively difficult to break as long as some care is taken."
I thought some clarification/qualification is in order, since
these statements appear contradictory.
A simple XOR with a key of "mykey" goes something like:
secret input: "my secret input text, dont tell anyone!"
XOR against: "mykeymykeymykeymykeymykeymykeymykeymyke"
gives ouput: (some hard to type encrypted output)
Where you can see that the short key string is just repeated
against the longer input text. It should hopefully be obvious
that the longer the key relative to the input the more random
will appear to be the result and more difficult it would be to
try and break it. And vise-versa. The longer the input
relative to the key the more easily it can be broken.
This is all very well when all the hacker has is one output
to try and analyse. If the key is long relative to the input
then analysis will be difficult. But if you give the hacker
many outputs then he knows that the first key-length characters
will have been XOR'd using the same characters and suddenly it
becomes a fairly simple statistical analysis. (Do a google on
"counting coincidences encryption" for lots of articles about
this technique.)
There are various things you can do to improve the situation
(eg: vary how the key is applied to the input) but these can
devolve into misguided attempts to improve a bad situation.
So a simple XOR can be effective provided you do not give the
attacker too much to analyse. Whether simple XOR is adequate
is really a matter of what you want to protect and how serious
the attacker is likely to get.
Now I am probably getting too far off topic for this list, but
I thought it was important to clarify previous statements. I
probably should amend my article to highlight what I really
mean with "as long as some care is taken". I dont want people
reading too much into it without studying the details for
themselves.
--
Geoff Worboys
Telesis Computing
> Yes, this is true. As long as everyone understands that suchConsidering that I wrote an article that says: "A simple XOR
> a scheme is only obsuring the text - it is not very secure.
> To quote my copy of "Applied Cryptography" by Bruce Schneier:
> "It's an embarrassment to put this algorithm in a book" :-)
against some known string (the key) is sufficient - this will
obscure, and while the key is not known to the thief it will be
relatively difficult to break as long as some care is taken."
I thought some clarification/qualification is in order, since
these statements appear contradictory.
A simple XOR with a key of "mykey" goes something like:
secret input: "my secret input text, dont tell anyone!"
XOR against: "mykeymykeymykeymykeymykeymykeymykeymyke"
gives ouput: (some hard to type encrypted output)
Where you can see that the short key string is just repeated
against the longer input text. It should hopefully be obvious
that the longer the key relative to the input the more random
will appear to be the result and more difficult it would be to
try and break it. And vise-versa. The longer the input
relative to the key the more easily it can be broken.
This is all very well when all the hacker has is one output
to try and analyse. If the key is long relative to the input
then analysis will be difficult. But if you give the hacker
many outputs then he knows that the first key-length characters
will have been XOR'd using the same characters and suddenly it
becomes a fairly simple statistical analysis. (Do a google on
"counting coincidences encryption" for lots of articles about
this technique.)
There are various things you can do to improve the situation
(eg: vary how the key is applied to the input) but these can
devolve into misguided attempts to improve a bad situation.
So a simple XOR can be effective provided you do not give the
attacker too much to analyse. Whether simple XOR is adequate
is really a matter of what you want to protect and how serious
the attacker is likely to get.
Now I am probably getting too far off topic for this list, but
I thought it was important to clarify previous statements. I
probably should amend my article to highlight what I really
mean with "as long as some care is taken". I dont want people
reading too much into it without studying the details for
themselves.
--
Geoff Worboys
Telesis Computing