[24484] in Cypherpunks


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Attacking Norton Encrypt

daemon@ATHENA.MIT.EDU (Paul J. Ste. Marie)
Sat Dec 24 01:33:19 1994

Date: Sat, 24 Dec 94 01:17:27 EST
To: rishab@dxm.ernet.in, cypherpunks@toad.com
From: pstemari@erinet.com (Paul J. Ste. Marie)

At 09:52 PM 12/23/94 IST, rishab@dxm.ernet.in wrote:
>
>Regarding the simple question about Norton Encrypt's security (and ignoring
>the alt.relationship-counsellor interlude), I believe Norton uses DES (for
>'maximum security' or a 'fast proprietary' method for convenience. I don't
>think it has the usual errors (password stored in ciphertext etc), but a
>brute force attack on DES is beyond the means of most Norton users IAC.

Perhaps, but if the earlier post is accurate about it mapping UC to lc and 
only accepting 8 characters of password, you've gone from a 56 bit keyspace 
to a ~38 bit keyspace.  A dictionary attack is certainly feasible--I don't 
recall what speeds have been achieved for brute-forcing DES lately.
    --Paul J. Ste. Marie


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[24484] in Cypherpunks

Re: Attacking Norton Encrypt

daemon@ATHENA.MIT.EDU (Paul J. Ste. Marie)Sat Dec 24 01:33:19 1994

daemon@ATHENA.MIT.EDU (Paul J. Ste. Marie)
Sat Dec 24 01:33:19 1994