From: Keith Clancy (Keith.Clancy at domain Berlitz.ie)
Date: Mon 18 Jun 2001 - 16:15:22 IST
Give everyone RSA Secure ID's and use blowfish ;P
or maybe a magnetic card or thumb print reader ...
From: ilug-admin at domain linux.ie [mailto:ilug-admin at domain linux.ie]On Behalf Of Nick
Sent: 18 June 2001 16:04
To: Fergal Daly
Cc: ilug at domain linux.ie; technobabble at domain redbrick.dcu.ie
Subject: [ILUG] Re: [TechnoBabble] Encryption / Security
> What are the weak points?
Firstly, your key size is probably going to be small. If you're using a 4
digit pin on a hex keypad, then there will be just 65536 possible
combinations for your password. If it's restricted to digits only, then
you're talking about just 10K combinations. This is certainly a weak link,
which would allow pretty much anyone with a crypted password list to do a
complete BF&I password scan pretty quickly.
> Is there anything wrong with using XOR assuming
> your PINs are nicely random?
XOR is not secure. There are reversible encryption mechanisms available on
the net which are much, much better. But if you're stuck with such limited
pins, it may not make much of a difference.
-- Irish Linux Users' Group: ilug at domain linux.ie http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information. List maintainer: listmaster at domain linux.ie
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:10:43 GMT