Re: Odd behavior of CryptoSMS; was: Re: My my, how time flies ...... it's been about "1 hour"

Gordon Burditt wrote:
> > So could somebody please answer the question, and not get caught
> > up in the sematics of quote-mark usage, namely:
> >
> > what are the circumstances under which MD5 can be effectively
> > reversed in about an hour?
>
> One of these circumstances is if the choice of password is limited
> to one alphabetic character, lower case. You can cripple any good
> encryption scheme with a sufficiently bad choice of key, unless it
> simply doesn't LET you choose the keys.

Funny, Joe "the blow" Asswood claimed he could do it with
a password of 20 (twenty) characters.

Was he just a lying blowhard?

From: "Joseph Ashwood" <ashwood@msn.com>
Subject: Re: crypto sms
Message-ID: <dJ5ue.882$N22.328@newssvr21.news.prodigy.com>
NNTP-Posting-Host: 67.118.12.39
NNTP-Posting-Date: Wed, 22 Jun 2005 00:23:37 EDT
Organization: SBC http://yahoo.sbc.com

"Certainly. Assuming a common passphrase length of around 20 characters, and
assuming it is English, this will have 20-30 bits of entropy, MD5 will be
enough to uniquely identify each of these, and MD5 can be effectively
reversed under these circumstances in under 1 hour. This will yield the
entire original passphrase, leading immediately to a complete compromise. So
1 hour."

>
> Gordon L. Burditt
Received on Thu Sep 29 21:52:42 2005