crypt(1) -- how secure, how breakable? (addenda and errata)
Henry Spencer
henry at utzoo.UUCP
Thu Nov 8 02:45:03 AEST 1984
A friend has pointed out another aspect of using crypt(1) for file
security: decrypting a file, editing it slightly, and then re-encrypting
it WITH THE SAME KEY probably makes life significantly easier for someone
trying to break the encryption. The tail end of your file is probably
the same before and after, and you're giving the snooper a look at the
same text encrypted with two different parts of crypt(1)'s "key stream".
This may be quite revealing, although the exact extent of the security
reduction isn't immediately obvious.
He also points out that if you re-encrypt with a DIFFERENT key, you are
giving the cracker a look at the same text (the beginning of the file)
encrypted with two different keys. Seems to me that this is less of a
problem, although I don't know enough about the details to be certain.
--
Henry Spencer @ U of Toronto Zoology
{allegra,ihnp4,linus,decvax}!utzoo!henry
More information about the Comp.unix.wizards
mailing list