LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-08-2009, 07:04 AM   #1
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,245
Blog Entries: 15

Rep: Reputation: 233Reputation: 233Reputation: 233
Polymorphic Encryption Systems - What do you think?


Just made a post on blogger. It discusses my new idea about encryption. What do you think?

http://konsolebox.blogspot.com/2009/...ncryption.html
 
Old 09-08-2009, 07:58 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,758

Rep: Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643
Hi konsolebox,

I don't see how randomness can fit in to the scheme, for example password hashes -

If the method to create the password hash in the first instance had random elements thrown in, how could 'login' for example obtain a matching hash? The process to generate that hash needs to be known and repeatable, no ?

cheers

kbp
 
Old 09-08-2009, 08:23 AM   #3
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,245
Blog Entries: 15

Original Poster
Rep: Reputation: 233Reputation: 233Reputation: 233
Quote:
Originally Posted by kbp View Post
Hi konsolebox,

I don't see how randomness can fit in to the scheme, for example password hashes -

If the method to create the password hash in the first instance had random elements thrown in, how could 'login' for example obtain a matching hash? The process to generate that hash needs to be known and repeatable, no ?

cheers

kbp
It's not random.. the generated sequence can be based on a variable text like the password. It's also not for one-way hashes but for symmetrical encryption of plain texts (unencrypted data).

Cheers too, konsolebox

edit: I didn't mention in the text but even though I focused the discussion on symmetrical encryption, I think the concept can also be applied with one-way encryptions or hashes.

Last edited by konsolebox; 09-08-2009 at 08:32 AM.
 
Old 09-08-2009, 08:43 AM   #4
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
These ideas have already been done.

The first part of your blog describes what has been done by TrueCrypt. The program TrueCrypt allows a user to pick and choose multiple types of encryption and hashing algorithms to use on the master key. When a user types in a password, the program literally tries every combination of encryption and hashing algorithms and supplied password to attempt to decrypt the master key. Once it's successful, by detecting a known plaintext within the volume/headers, decryption of the volume can proceed.

The last part of your blog reminds me of the movie Contact. Where the aliens broadcast instructions on how to build a "contact device". The instructions are delivered in two dimensional "pages". They are only able to understand the instructions when they notice small markings on each edge of the documents and realize the documents must be assembled into 3 dimensions, as instructed by the edge markings (i.e. connect this edge of this page to the edge of the other page, etc).

Last edited by JulianTosh; 09-08-2009 at 08:46 AM. Reason: minor detail in truecrypt process added
 
Old 09-08-2009, 09:27 AM   #5
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,245
Blog Entries: 15

Original Poster
Rep: Reputation: 233Reputation: 233Reputation: 233
Quote:
Originally Posted by Admiral Beotch View Post
These ideas have already been done.

The first part of your blog describes what has been done by TrueCrypt. The program TrueCrypt allows a user to pick and choose multiple types of encryption and hashing algorithms to use on the master key. When a user types in a password, the program literally tries every combination of encryption and hashing algorithms and supplied password to attempt to decrypt the master key. Once it's successful, by detecting a known plaintext within the volume/headers, decryption of the volume can proceed.
Thanks for the reply. IMO it's only similar but not really much alike as the TrueCrypt as the sequences here are randomly generated based from a text like the password and it's not chosen by the user.

Quote:
The last part of your blog reminds me of the movie Contact. Where the aliens broadcast instructions on how to build a "contact device". The instructions are delivered in two dimensional "pages". They are only able to understand the instructions when they notice small markings on each edge of the documents and realize the documents must be assembled into 3 dimensions, as instructed by the edge markings (i.e. connect this edge of this page to the edge of the other page, etc).
Nice one. . Yeah I watched the movie and it's beautiful.
 
  


Reply

Tags
encryption


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Read only file systems, custom live CDs, and embedded systems coffeecoffee Linux - Newbie 2 02-24-2009 11:09 PM
setting the systems hosts ip address for the DTE systems in neural network samalaraj Linux - Newbie 1 09-24-2008 12:40 PM
Appropiate encryption for file systems! Ricio Linux - Security 11 07-06-2008 10:56 AM
Linux password encryption and data encryption Tux-Slack Programming 4 06-20-2007 06:46 AM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 08:47 PM


All times are GMT -5. The time now is 07:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration