the weakness of an encryption sw is the password ?

Discussion in 'privacy technology' started by blacknight, Dec 13, 2010.

Thread Status:
Not open for further replies.
  1. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,434
    Location:
    Europe
    I have a doubt: what is the real security of an encyrption software, also at 256 bit or more, if the password to launch the software is a common password ? I can use pw of 17, 22 random characters, but it will be always much different from the 256 bit encrypted files inside the software, the pw will be the weak element of the software.
     
  2. jomo

    jomo Registered Member

    Joined:
    Dec 14, 2010
    Posts:
    1
    hi blacknight,

    There can be many other weaknesses in such software. For example, some software use your password:
    - as an input to derive the encryption key <-- better
    - as an input to decrypt an encrypted key stored locally <-- not that good
    - as the key <-- really bad scenario
    - as an input to verify that the stored encryption key can be loaded from the storage <-- your nightmare

    Other weaknesses may occur on:
    - the chosen algorithm implementation <-- was it reviewed? is it the reference implementation or an "implementation based on a specification"?
    - the algorithm configuration and key initialization steps <-- what is the encryption mode, the initialization technique, etc.?

    Finally, many problems relate to a poor key entropy/use of randomization. For example, you can have a 256-bits key generated uniquely from a low-entropy input (typically: someone typing something on a keyboard is a real bad idea). Technically speaking, you still have your 256-bits key array but only a few bits may actually turn to 0's or 1's, which makes an attacker's work easier.


    In conclusion, you can only assume that the master password becomes the weakness of a password management software once the software itself is considered as "secure".

    Said otherwise: a password management software may be considered as safe once its cryptographic defense literally requires cracking your password and nothing else.

    Considering your software gives you that warranty, your next step is to decide how long and complex your secret should be; which translates to "how much entropy you want?"

    This wikipedia page (http://en.wikipedia.org/wiki/Password_strength#Entropy_as_a_measure_of_password_strength) can give you an idea of the entropy levels you can expect to obtain on average from a keyboard-based password.

    Typically, if you need 256-bits of entropy from a password made of a case sensitive and alphanumeric character set, your password should at least be 43-digits long.

    Hope it helps.
    Jomo
     
  3. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,434
    Location:
    Europe
    Thanks jomo, the conclusion seems to be what I assumed: it's not so important that the algorithm is 256 bit if the pw is not.... :rolleyes: :rolleyes: Any other opinion ?
     
  4. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,283
    The security of an encryption method is not related to the password. It is related to whether or not you can crack the encryption without knowing the password.
     
  5. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,434
    Location:
    Europe
    Yes, but I say about the complete encryption software: if the pw is crackable, I can decrypt the content.
     
  6. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Proof? The Linux RNG (/dev/random) uses exactly this method for collecting entropy (mouse movements, keyboard presses, OS interrupts and other random data on the machine). It then mixes these bits into a pool and hashes them with SHA-1. There has never been any successful attack on /dev/random (there are some theoretical attacks that rely on the attacker having root access on the machine and then carrying out some insanely difficult attacks from there, but surely most people would be aware of the strange man in their house sitting behind their keyboard?).

    Modern crypto (if implemented properly and to spec) is very strong. The weakest link is always the passphrase that protects the key.
     
Loading...
Thread Status:
Not open for further replies.