[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: pgp passphrase

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Re: pgp passphrase
From: Michael Cecil <macecil@xxxxxxxxxxx>
Date: Mon, 22 Mar 2004 19:00:46 -0600

At 03:21 PM 3/22/2004, Valdis.Kletnieks@xxxxxx said:
>On Mon, 22 Mar 2004 14:58:23 +0100, Nico Golde <nion@xxxxxxx>  said:
>
>> ^^^^^^^^^^^^^^^^ password
>
>> ^^^^^^^^^^^^^ password
>
>> > Can you spot both passphrases?
>>
>> i think i am right.
>
>Right.  You've proven that a *human* looking at the datastream can probably
>guess the passphrases.  The challenge was to write software that can do a
>passable
>job of it. Hmm.. that's almost an inverse of the Turing Test... ;)

Why would it need to guess? It could simply try every logged string ending in a crlf. I doubt that overhead would even be noticeable to the victim.

--
Michael Cecil
macecil@xxxxxxxxxxx
http://home.comcast.net/~macecil/howto/
http://home.comcast.net/~antiviruscd/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Re: NEVER open attachments
  - From: Jim Richardson
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Jim Richardson
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Cedric Blancher
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Max Valdez
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Frank Knobbe
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Nico Golde
- Re: [Full-Disclosure] Re: pgp passphrase
  - From: Valdis . Kletnieks

Prev by Date: Re: [Full-Disclosure] commerical rainbow crack?
Next by Date: Re: [Full-Disclosure] Re: [OFF TOPIC] winxp home expusure
Previous by thread: Re: [Full-Disclosure] Re: pgp passphrase
Next by thread: Re: [Full-Disclosure] Re: pgp passphrase
Index(es):
- Date
- Thread