OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: new to crypto curiosity
From: Nelson Brito (nelsonsekure.org)
Date: Tue Sep 19 2000 - 03:05:30 CDT

John Kedzie wrote:
>
> I have a question about 'dictionary attacks' ( as described on
> page 52 of Applied Cryptography Second Edition ). It says
> ( if I understand it right ) that you could compile a list of the
> most widely used passwords, and one-way function ( ? ) it.
> Then, you could compare that file you made ( I presume hex
> edit or something ) to an encrypted file that you don't have the
> password to. My question is: could c/arnivore possibly make
> a list of words/phrases ( b/omb, k/ill, etc. ) that would be used
> by t/errorists or whoever, and then scan encrypted files ( ie:
> pgp, gnupg, etc. ) for those phrases without decrypting the
> file?
>

I don't think so... There are many others way to attack crypto
messages.

Hmmm... I have other question. You said abour dicionery attack, but it
sounds me "plain text attack", is it correct? "Plain text attack" !=
"Dictionary Attack"?

> Thanks for any help you could provide.
>
> -johnkedzie
>
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.

PS: Sorry about my poor English.

Sem mais, 

-- 
Nelson Brito - http://stderr.sekure.org/projects
open(S, shift || $ENV{'HOME'} . "/.signature") || die "open: $!\n";
foreach(<S>){ chop; split(//, $_); print reverse _; print "\n"; }
close(S);