Re: Truecrypt 5.0 Released (now with system partition encryption)
Only half right. Knowing what type of data might be contained in an
encrypted volume does in general assist in cryptanalysis. Some
forms of this attack are known as "watermarking". Taken to the
extreme it's called a "known plaintext" attack. You have heard
those terms before, haven't you?
And yes, before we start quibbling about the differences so
you can ignore the obvious similarities, those differences exist.
However not as markedly as you may suspect at first jerk. Knowing
that an encrypted volume contains in fact can lead to an actual
known plaintext attack if you're aware of the encrypted volume's
topography (freely published knowledge in this case), and have
knowledge of where certain things will reside within that volume.
Since Windows places certain things in specific areas of a disk,
knowing what's contained inside that encrypted volume enables an
easier collation, and ultimately, the possibility of a successful
attack.
Not that I'm aware of any sort of exploitable known plaintext
weakness in Truecrypt of course. I believe it to be quite secure.
But in general this demonstrates one possible weakness that might
be introduced in a plaintext partition table scenario. And if you
really consider things broadly, it spotlights why OTP is considered
the only truly unbreakable form of encryption. If a ciphertext can
potentially be "anything", it's impossible to even know if you've
successfully decrypted it or not. ;)
Re: Truecrypt 5.0 Released (now with system partition encryption)
No, that's EXACTLY what H(M) = H(M | C) means, if you actually
understand it. Since a priori probability and a posteriori probability
are equal a given ciphertext could in fact decrypt to... anything.
Given the appropriate pad of course.
For someone who tries to paint themselves as possessing some level of
understanding with respect to crypto and general security by slinging
around terms, you really don't grasp much any of it with any REAL
understanding, do you?
Re: Truecrypt 5.0 Released (now with system partition encryption)
The British merchant navy used OTP (maybe still do) for GBMS and GACQ
messages. The pads were stored in the Captain's safe with a copy
in the radio officer's safe. Despite the restrictions on radio officers
having to be of British nationality and requiring screening before being
issued with their PMG Certificates, the British authorities always made
an exception for Irish (Eire) nationals. Even during the darkest days of
the troubles in Northern Ireland (Ulster), Irish qualified radio officers
were still recruited and therefore given access to these pads. It is
inconceivable that not one single Irish national radio officer did not
copy these pads.
This suggests that OTPs are only as secure as the methodology of
securing them against being compromised. Arguments of their security
are of no avail against allowing an attacker access to them.
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.
Re: Truecrypt 5.0 Released (now with system partition encryption)
anonymous@remailer.hastio.org wrote:
I'll give you a counter example:
encryption:
- if the plaintext is "Nomen Nescio understands OTP", then stop and fail
- generate a random stream as long as the plaintext, it's the key
- add them, you get the ciphertext
decryption:
- subtract key from ciphertext
- if the plaintext is "Nomen Nescio understands OTP", then stop and fail
- otherwise it's the plaintext
This scheme is, by definition above, an OTP. Yet the plaintext "Nomen Nescio
understands OTP" is impossible and no ciphertext can decrypt to this.
Re: Truecrypt 5.0 Released (now with system partition encryption)
>>>> it spotlights why OTP is considered
>>>> the only truly unbreakable form of encryption. If a ciphertext can
>>>> potentially be "anything", it's impossible to even know if you've
>>>> successfully decrypted it or not. ;)
>>>
>>> OTP's security comes from the fact that knowing the message doesn't change
>>> the a priori probability of the plaintext. It never claimed that all
>>> plaintexts are equally likely.
>> No, that's EXACTLY what H(M) = H(M | C) means, if you actually
>> understand it. Since a priori probability and a posteriori probability
>> are equal a given ciphertext could in fact decrypt to... anything.
>> Given the appropriate pad of course.
I'll give you a counter example:
encryption:
- if the plaintext is "Nomen Nescio understands OTP", then stop and fail
- generate a random stream as long as the plaintext, it's the key
- add them, you get the ciphertext
decryption:
- subtract key from ciphertext
- if the plaintext is "Nomen Nescio understands OTP", then stop and fail
- otherwise it's the plaintext
This scheme is, by definition above, an OTP. Yet the plaintext "Nomen Nescio
understands OTP" is impossible and no ciphertext can decrypt to this.
As a suggestion for fixing your definition:
For every *possible* plaintext the number of keys which decrypt a given
ciphertext to this plaintext are the same.
\exist d=const \forall p,c |K|=d | \forall k \iselem K dec(c,k)=p
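Added example (not part of any poster's message): a toy version of the counterexample scheme above, enumerated exhaustively to check both H(M) = H(M | C) and the key-count definition. The alphabet size, message length, the stand-in FORBIDDEN message and the prior are all constructed for illustration.

```python
from fractions import Fraction
from itertools import product

# Constructed toy parameters: 3-symbol alphabet, 2-symbol messages.
N, LENGTH = 3, 2
MESSAGES = list(product(range(N), repeat=LENGTH))
KEYS = MESSAGES            # key = uniformly random stream as long as the plaintext
FORBIDDEN = (2, 2)         # stand-in for the one plaintext the scheme refuses

def enc(m, k):
    """'Add them, you get the ciphertext' (addition mod N, symbol by symbol)."""
    return tuple((a + b) % N for a, b in zip(m, k))

def dec(c, k):
    """'Subtract key from ciphertext'."""
    return tuple((a - b) % N for a, b in zip(c, k))

def prior():
    """Deliberately non-uniform prior: FORBIDDEN never occurs, (0, 0) is 4x as likely."""
    w = {m: 0 if m == FORBIDDEN else 4 if m == (0, 0) else 1 for m in MESSAGES}
    total = sum(w.values())
    return {m: Fraction(v, total) for m, v in w.items()}

def posterior(c, pri):
    """P(M = m | C = c) by Bayes' rule, key uniform and independent of the message."""
    joint = {m: pri[m] * Fraction(sum(enc(m, k) == c for k in KEYS), len(KEYS))
             for m in MESSAGES}
    p_c = sum(joint.values())
    return {m: j / p_c for m, j in joint.items()}

def keys_per_plaintext(c):
    """For each plaintext the scheme allows, count the keys that decrypt c to it."""
    counts = {m: 0 for m in MESSAGES if m != FORBIDDEN}
    for k in KEYS:
        p = dec(c, k)
        if p != FORBIDDEN:   # decryption "stops and fails" here
            counts[p] += 1
    return counts

def perfectly_secret():
    """True when seeing any ciphertext leaves the plaintext distribution unchanged."""
    pri = prior()
    return all(posterior(c, pri) == pri for c in MESSAGES)

if __name__ == "__main__":
    print("posterior == prior for every ciphertext:", perfectly_secret())
    print("keys per allowed plaintext:", set(keys_per_plaintext((1, 2)).values()))
```

In this toy model the posterior equals the prior for every ciphertext even though the prior is non-uniform and one message can never be the decryption, and every allowed plaintext is reached by exactly one key.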
Re: Truecrypt 5.0 Released (now with system partition encryption)
nemo_outis wrote:
Nobody ever said anything at all like that you lying asshole.
You've already been clubbed over the head with a cite about why
unencrypted partition tables are less secure than encrypted ones.
You didn't even have the courage to reply to it, but it's out there
none the less.
Re: Truecrypt 5.0 Released (now with system partition encryption)
Back again with the same bullshit? You get the same answer as last time.
If you have some argument to show how an unencrypted partition table would
permit decrypting the contents of an encrypted partition, then make it.
If not, then, as I have repeatedly suggested: Do be a good little moron and
fuck off.
Regards,
Re: Truecrypt 5.0 Released (now with system partition encryption)
nemo_outis wrote:
You've already been given a cite explaining exactly how and why
unencrypted partition tables are a risk. How they can in FACT aid
in the cryptanalysis of an encrypted volume, and you damned well
know it or you wouldn't have made a pathetic attempt to twist
things into some discussion of absolutes.
Your willingness to make a fool of yourself through blatant
dishonesty is fast becoming your most defining quality nemo.