• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

SecureZIP, GnuPG - known plaintext attack resistant?

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware

View previous topic :: View next topic  
Author Message
parallax
Just Arrived
Just Arrived


Joined: 11 Jul 2009
Posts: 0


Offline

PostPosted: Sun Jul 12, 2009 12:28 am    Post subject: SecureZIP, GnuPG - known plaintext attack resistant? Reply with quote

Hello.

Does anyone know how these programs deal with known plaintext attack?:

- SecureZIP Express

- GnuPG

- combination of the two (two layers): already encrypted SecureZIP Express archive encrypted second time using GnuPG

I need to secure data that I upload to on-line storage service.
And I would like to use a free solution that is "known plaintext attack resistant".

Thanks in advance for reply.

Moderator note: moved from Beginners - capi
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Wed Aug 12, 2009 9:12 am    Post subject: Reply with quote

Parallax,

You are asking the wrong question. Its not whether the programs are affected by the attack its whether the algorithms you use are resistant to it. Now first of all this attack is only any good if the hacker has the original plain text and work out what your key is. To start with this is lot of work. Normally, you are talking about the world of highly secret government spooks and top end industrial espionage people. You have to ask yourself if someone going to take the effort getting the plain text and computing your key just to read your emails to your friends?

From a technical perspective there are certain modes of algorithms which are highly susceptible to to this attack such as 3DES in ECB mode.However 3DES in CFB or OFB mode are more resistant. AES is generally resistant to this type of attack.

Quote:
I would like to use a free solution that is "known plaintext attack resistant".
There is no such thing. All algorithms have one weakness and that is that given enough time, usually until the end of the universe, it is possible to brute force a key.

You have left many other better attacks off your list such as:

Chosen ciphertext attack
Chosen plaintext attack
Known ciphertext attack
Side channel attack
Differential analysis

And my favorite attack the rubber hose attack. Why bother spending all that CPU time when I could install a trojan on your computer and steal your key or better yet, beat it out of you with a rubber hose.

Matt_s
Back to top
View user's profile Send private message
parallax
Just Arrived
Just Arrived


Joined: 11 Jul 2009
Posts: 0


Offline

PostPosted: Mon Aug 24, 2009 6:17 pm    Post subject: Reply with quote

Thanks a lot for reply, Matt.

First off, I am beginner when it comes to cryptography so correct me if I am wrong.

I have read that particulary .zip, .rar, etc. archives are vulnerable against KPA (known plaintext attack). Actually there is a lot of specialized tools for cracking these archives. They promise to decrypt the file if you provide some plaint text. But as far as I know the ZIP and RAR use AES for encryption (which should be, as you said, resistant to KPA). So I figured out that itīs not just about algorithm but about its implementation when it comes to KPA. Othrewise these cracking utilities using KPA woudnīt be so common. Hence my question about KPA vs. several programs.

In my case some of my plaint text wouldnīt be too hard to obtain.

However I have just changed my security strategy for on-line backup. I started to store my data inside .rar archives (not encrypted) and encrypt the archives using GPG (with GPGee frontend). The names of the files don’t reveal any information that would lead to plain text. This plus none of my data are top secret or really personal - They are just my projects and some important notes I donīt want to loose etc. I think it should be quite sufficient. What do you think?

Do you happen to know which algorithm GPG uses for encryption? I believe I have read somewhere that itīs AES and that itīs default and cannot be changed unless you recompile it or something like that.

I have read that Blowfish should deal with KPA pretty well.

I know I have left the other attacks but I was mainly interested in KPA since this was the weakest spot as far my data is concerned.


Last edited by parallax on Tue Aug 25, 2009 8:15 pm; edited 1 time in total
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Mon Aug 24, 2009 11:25 pm    Post subject: Reply with quote

parallax,

It really looks like you have been doing some research on this and your summary regarding implementations of encryption with compressed files is correct.

Your approach is quite well thought out. On-line backups are definitely a security risk so anything you can do to reduce the attack surface the better. With GPG you should be able to use any algorithm supported in the OpenPGP standard (Section 9 - http://www.ietf.org/rfc/rfc4880.txt) and maybe a few that aren't.

With regards to crypto there are other areas where people fall foul of:

1 - Loss of key or password
2 - Exposure of key or password through other security weakness e.g. trojan

Matt_s
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Mon Aug 24, 2009 11:29 pm    Post subject: Reply with quote

parallax wrote:
But as far as I know the ZIP and RAR use AES for encryption (which should be, as you said, resistant to KPA).

I'd just like to note that ZIP only started to use AES in recent versions of the format. Previous versions used a proprietary algorithm indeed turned out to be quite weak. More on this in Wikipedia: [1] and [2]
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register