LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-08-2005, 01:42 PM   #1
Hal
Member
 
Registered: Oct 2003
Location: East Anglia, England
Distribution: Dapper Drake / Slackware
Posts: 151

Rep: Reputation: 30
File encryption and theoretical cracking time


Hey there,

I was watching the news and saw some things about a new bill in the UK to increase the time police can hold a suspected terrorist to up to 90 days. The reason given that this extra time is needed to crack their hard drives to look at the data.

http://news.bbc.co.uk/1/hi/uk_politics/4377210.stm

This got me thinking, I Googled for Linux encryption software for files and fiilesystems, of which there are many, but what I really want to know is how long it would theoretically take to crack them?
 
Old 11-08-2005, 02:59 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,006
Blog Entries: 5

Rep: Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783
Your post has been reported to Scotland Yard - they should be hacking your PC any moment now.
 
Old 11-09-2005, 12:09 AM   #3
primo
Member
 
Registered: Jun 2005
Posts: 542

Rep: Reputation: 34
There are ways (and software) to make encryption produce 2 likely plaintexts. The most obvious way is the one that's in Bruce Schneier book:

Generate an one-time pad and make
C = P ^ K
Then generate the plaintext you'd like the police to see in any event and generate the key from the ciphertext you've got:
K2 = C ^ P2

There are many other ways, using compression to achieve better performance. There are virtually infinite number of possible keys with related plaintexts (bounded only by the number of bytes). I believe there are ways to make it impossible to crack these ciphertexts using techniques like these and steganography.
 
Old 11-09-2005, 12:34 AM   #4
lord-fu
Member
 
Registered: Apr 2005
Location: Ohio
Distribution: Slackware && freeBSD
Posts: 676

Rep: Reputation: 30
The book crypto by Steven Levey is an very good read if you are into the history behind cryptography as it relates to computers.
Cracking speed is always relative to the amount of computing power and the strength of the encryption. With Morres Law however this theoretical time limit is getting shorter all the time. On the upside there is always going to be someone designing the unbreakable key as well.

Last edited by lord-fu; 11-09-2005 at 12:55 AM.
 
Old 11-09-2005, 09:08 AM   #5
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,377

Rep: Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108
If you looked only at theoretical cracking-times, as in a brute-force search of the keyspace, even basic consumer-grade ciphers could take "forever." But most breaks occur, not through a direct attack on the cipher, but an attack on the key-management procedure.

For example, a dictionary attack can be completed in a matter of minutes. A cluster of machines could process permutations on every word in about the same amount of time.

The simple fact that the key probably consists of a string of characters found on a typewriter keyboard, most likely without much of a mixture of upper/lower case, greatly reduces the total number of possible binary keys that could be generated -- depending on exactly what algorithm was used to hash the password into a key.

When a ciphertext is re-enciphered, even two or three times, the transformation is logically equivalent to one transformation unless the systems used in the recipherment are mathematically different.

Encryption may leave behind deleted temporary-files, which are not usually "scrubbed."

A good police/detective agency will have, or will accumulate, more evidence than just the encrypted files on one computer. And the refusal to decrypt a file which is believed to contain evidence related to a crime, is probably a crime in itself. So you get locked-up anyway. Look outside: it's the last time you'll see the sunlight for the rest of your life, which could be a very long time. But maybe if you decrypt that file, tell us what you know, tell us who else was in with you . . .

And so on.
 
Old 11-09-2005, 10:48 AM   #6
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,006
Blog Entries: 5

Rep: Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783
Lovely isn't it. In US law at least our 5th Amendment specifically says we don't have to testify against ourselves. However court decisions have perverted it so that you can be held in contempt of court with no trial for refusing to provide documents or even blood samples. In my not so humble opinion using your own blood to convict you clearly violates this amendment.
 
Old 11-09-2005, 12:43 PM   #7
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Lubuntu
Posts: 19,176
Blog Entries: 4

Rep: Reputation: 430Reputation: 430Reputation: 430Reputation: 430Reputation: 430
Reading the Evening Standard (I know, I know) on the way home tonight, it seems that the current length of time the police are allowed to hold people was originally suggested by the police shortly after 9/11. And now they think it's too short. And the arguments they used back then are being regurgitated again.

So. Either the police got it wrong and underestimated the time, or the reasons are fallacious and they want it for something else.
 
Old 11-11-2005, 03:27 PM   #8
Hal
Member
 
Registered: Oct 2003
Location: East Anglia, England
Distribution: Dapper Drake / Slackware
Posts: 151

Original Poster
Rep: Reputation: 30
Thanks for replying everyone, certainly found your comments interesting.

Unfortunately due to a little visit from Scotland Yard, I won't be seeing you for a little while.

It seems Slashdot wanted to know too!
http://ask.slashdot.org/article.pl?s...8&tid=93&tid=4
 
Old 11-14-2005, 12:06 PM   #9
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,377

Rep: Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108
It's a delicate game. On the one hand, we do not want the "law enforcement" business to turn into an instrument of coercion. And, on the other hand, we do not want truly-evil people to play games with the legal system. Obviously, both of these things do occur, but tens of thousands of legal cases are processed every year and an equal number of arrests are made, so the system doesn't absolutely fail and doesn't absolutely ignore its own rules.

If you have a legitimate secret and are questioned about it by a law-enforcement agency, it is probably better to try to see things from their point of view and to cooperate. In some cases involving very sensitive trade secrets, courts have approved the use of a third-party arbiter who can review the material and testify about it without revealing it. "Obstruction of justice" is a valid crime unto itself. I don't think it's really quite fair to take a "soapbox" position on such matters, even though the media does so quite regularly.
 
Old 11-14-2005, 12:15 PM   #10
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,006
Blog Entries: 5

Rep: Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783Reputation: 783
That sounds frighteningly like something a friend I once had said:

"If you're not doing anything wrong why do you care if the police walk through your house any time they want?".

I don't really think using the 'loo is "wrong" but wouldn't want the police to walk in while I was doing it. Some things are private just because we want them to be and saying "we have to invade your privacy for the common good" smacks of fascism to me.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hardware real time encryption/decryption in Linux... Akonbobot Linux - Security 2 11-24-2004 01:33 AM
cracking rar file passwords linuxmandrake Linux - Software 1 11-21-2004 03:41 PM
is there any tool for cracking ext2 encrypted file system gadekar Linux - Security 1 08-18-2003 11:52 PM
File or Directory Encryption potlamurali Linux - Security 4 05-02-2003 10:05 PM
Shared File Encryption mawarsha Linux - Security 6 02-12-2003 01:11 AM


All times are GMT -5. The time now is 06:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration