Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
December 11, 2006, 4:02 pm
rate this thread
A newbie question (I couldn't find the right Googlism to hit a result,
nor did the FAQ shine a light).
I've used a couple of tools to encrypt and decrypt files for me based
on a password of my choice. When I try decrypting an encrypted file
with the wrong password, tools generally respectfully tell me that I've
made a tit of myself, and ask me to use the right password.
I hadn't thought much about this till the other day, using a new(ish)
tool to decrypt. I entered the wrong password (unknowingly, of course)
and it told me that the file was decrypted successfully; but a look at
the contents told me that this was not so. I think it just re-encrypted
the file using the, "New," password.
My question is: how does a tool know that it's successfully decrypted a
I can think of a way of doing it, but it seems a little ... insecure:
the tool adds the password to the plaintext before encryption and then
encrypts it along with everything else. Then, after decryption, the
tool checks that the first X bytes match the password, and if so:
Can anyone answer my question above?
Thanks for your time,
December 12, 2006, 8:30 am
Re: How a tools knows it's successfully decrypted a file?
Volker Birk wrote:
So if file novel.txt is being encrypted to produce novel.enc, then I
presume a checksum is generated for the plaintext and stored (for
example) as the first 8 bits of novel.enc, and then the encrypted data
is stored after the checksum. And when be de-crypted, the tool strips
away the first 8 bits of novel.enc before applying the decrption
algorithm to the rest.
Though if this storing of the checksum in the first 8 bits is not
standardised, then I suppose it's unlikely that a file encrypted with
blowfish using one tool could be decrypted by another tool using
blowfish: as one could store the checksum in the first 8 bits, and one
could store the checksum in the last 8 bits.
Thanks for the information,
- » What's the latest edition and date of Shon Harris book?
- — Next thread in » General Computer Security