Re: Symetric encryption : DES or not DES ?

sci.crypt archive

From: Andrew Swallow <am.swallow@btopenworld.com>
Date: Fri Oct 14 2005 - 13:56:26 CEST

O.L. wrote:

> On 14/10/2005, Joseph Ashwood supposed:
>
>> "O.L." <nowhere@invalid.net> wrote in message
>> news:mn.6c3d7d5a98afb64f.18740@invalid.net...
>>
>>> Hello,
>>>
>>> I'm creating a client/server chat software, and I'd like to encrypt
>>> the data between client PC and server.
>>> Client and server share a piece of information: the password of the user (>=
>>> 6 chr), hashed with MD5.
>>
>>
>> Bad choice. For the last decade we've been saying that MD5 should not
>> be used for any new designs, now it is the common recommendation to
>> use at least SHA-256 or better SHA-512 or Whirlpool.
>
>
> OK
>
>>> I use it as key to encrypt the data.
>>>
>>> I implemented an encryption with DES, but I just read that the
>>> effective encryption level is 56 bits (7 bytes ?).
>>> Isn't there a better encryption tool ? Because if a user chooses a 10
>>> bytes password, the security level will be still 56 bits (7 bytes) ?
>>
>>
>> It's called AES. Your bigger problem is that the protocol itself is
>> actually quite leaky, giving the attacker a surprising amount of
>> information over the course of several logins.
>>
> [...]
>
>>
>> My recommendation since you have a new software design is to use
>> something that has been well tested, and well built, unless you are
>> willing to invest rather heavily in consulting and design (which you
>> absolutely should do because there are many very subtle problems that
>> can creep up) is to take Paul's advice and use TLS with SRP
>> authentication, at the same time disable everything but AES for the
>> symmetric encryption. Even better it will lower your cost of creation
>> since someone else already wrote it for you.
>> Joe
>
>
> Hello,
>
> I thought AES was a public/private key system, but it was a mistake ! :-/
>
> I tried a demo at
> http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-AES.html, and it
> seems to be exactly what I'm looking for, thank you very much :)
>
> I think that I won't be able to implement existing systems like TLS/SRP,
> because I don't know them, and it will be hard work to mix them with
> my existing source code. I have very particular & precise needs about
> authentication of users and then about data transmission.
>
> But isn't there still a possibility for the attacker to crack this
> encryption by brute force ?

In simple terms the suggested methods of encryption
and hashing place the data beyond brute force attack.
A *lot* of money has been spent to do this.

The risk is in the area that you are doing, the password
itself. It has to be unguessable. Pass phrases are
better than pass words.

If you want to strengthen your system check a proposed
password against the dictionary in a spelling
checker, list of people's names, user account names
and a dictionary of quotes.

Andrew Swallow
Received on Sat Oct 15 04:39:15 2005
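
The password screening suggested in the reply above, as an added example that is not part of the original thread. The word lists are small constructed samples, `screen_password` and its helpers are hypothetical names, and the minimum length of 6 is taken from the original poster's ">= 6 chr" rule.

```python
import re

# Constructed sample lists; a real deployment would load a spelling-checker
# dictionary, a names list, the account database and a quotations file.
DICTIONARY = {"password", "dragon", "monkey", "sunshine", "secret"}
NAMES = {"andrew", "joseph", "paul", "olivier"}
QUOTES = ["To be, or not to be, that is the question",
          "The quick brown fox jumps over the lazy dog"]

# Common digit/symbol substitutions mapped back to the letters they replace.
LEET = str.maketrans("0134578@$!", "oleastbasi")

def _squash(text):
    """Lower-case and keep letters only, so spacing and punctuation do not matter."""
    return re.sub(r"[^a-z]", "", text.lower())

def _variants(candidate):
    """Yield normalised forms of the candidate that a guessing tool would also try."""
    low = candidate.lower()
    core = low.strip("0123456789!@#$%^&*()-_=+.,?")  # drop affixed digits/symbols
    for form in (low, core, low.translate(LEET), core.translate(LEET)):
        squashed = _squash(form)
        if squashed:
            yield squashed

def screen_password(candidate, account_names=(), min_len=6):
    """Return the reasons to reject a proposed password (empty list = accepted)."""
    reasons = []
    if len(candidate) < min_len:
        reasons.append("too short")
    accounts = {_squash(a) for a in account_names}
    quotes = [_squash(q) for q in QUOTES]
    # First letters of each quote's words, e.g. "tbontbtitq".
    initials = {"".join(w[0] for w in re.findall(r"[a-z]+", q.lower())) for q in QUOTES}
    forms = set(_variants(candidate))
    if forms & DICTIONARY:
        reasons.append("dictionary word")
    if forms & NAMES:
        reasons.append("person's name")
    if forms & accounts:
        reasons.append("account name")
    if any(len(f) >= 6 and f in q for f in forms for q in quotes) or forms & initials:
        reasons.append("taken from a known quote")
    return reasons
```

The check runs when a password is set or changed, while the plaintext is still available; it cannot be applied afterwards to stored hashes.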