Author Topic: Xorcryption  (Read 8332 times)

0 Members and 1 Guest are viewing this topic.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Xorcryption
« Reply #15 on: October 31, 2005, 10:08:43 pm »
Duh, I was the one who proposed that there was a problem. 

The only trick is, it's nearly impossible to have that situation.  Cathy has to be on the same LAN segment as either Bob or Alice, and she has to know exactly what she's looking for and targetting.  It's easy to sniff unencrypted traffic off the LAN segment, but I don't think I've ever heard of anybody performing a MITM attack. 

Also, if a MITM attack occurs on most software (any web browser, gaim-encryption, ssh, etc.) you get a warning.  The reason is, it remembers the public key, and if it changes, then an attack might be happening.  Most people just ignore the warning, but it still exists..
Haha, that actually made me laugh. "Duh [...]"

Hehe, yeah.  This is cool methodology, though.  I've thoroughly enjoyed cryptography for about the year I've been interested (double statements ftw!).

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Xorcryption
« Reply #16 on: November 01, 2005, 03:29:34 pm »
I want to learn more about it, do you have any good book titles? :)
And like a fool I believed myself, and thought I was somebody else...

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Xorcryption
« Reply #17 on: November 01, 2005, 04:50:29 pm »
I've done a bit of work in cryptography, especially since my science fair project was on it last year.  They're nowhere near as in depth as books or other materials on this subject, though.

http://sidoh.dark-wire.net/Science%20Fair/2005/index.php
http://sidoh.dark-wire.net/?fuseaction=tutorials.view&id=4 is an article I wrote on Xor keyed cryptography.  It's pretty simple and to the point.

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Xorcryption
« Reply #18 on: November 01, 2005, 05:25:57 pm »
D',ôh'/¢/=¨>?"oƒ'BŠ#Mx#E!¥/="R–&4…'5à&Mx%`²¡.à¨4×$LO£>ê#D?&Z¸'3X(Eì'So$5à$U™&5àb@"#0U!`B!3X&4â%R9"3X"O³"v6(0U%D?'Z¸f@"'4?!D¸§.àcQ%#Cf§87¡%÷£/=£>ê#4â%R9¨2@(O³!v6¦2@'Uú%0'#«aC)h78£/=¨(ŠdU>¡>ê'1~#ˆê'2€&LO(aæ%3X!X?%Sõ%2Ý#Mx$E!¦/=%A+&dn¤/=#)¢%…ç¡.à"$Ô!Xý£2@%LO(Z¸£/=#1~&ˆê¡.à(Uú(0&#«#Eì'#«¥2@§54&3¹%BŠ(+7$,*"0U!4â#R9(#«#O³'v6§>ê%6L!2Ý%Sõ"LO%aæa@"$X?(Sõc@""$Ô'Xý$0U&4?'Teb@"¢2@$[…c@"&R–'4…¢2@'4?&8Ôd@"£/=&.›'Vø'Mx%E!¤>ê¥54%Cfe@"%6¼$MB¢>ê#1~#ˆê(GK"LO&aæ¢.à&X?&Sõ¥>ê#U™$,*¤>ê$Eì(#«§2@£54"3¹$BŠ(LO&aæ#0U(4â"R9&0U(O³'v6'BŠ(Mx(E!d@"d'/#<¢¡.à(#«&oƒ"5à'+7#,*#3X§54!3¹$0U&bG(Eá§2@'$Ô&Xý'#«%4?#Ted@"¨2@%[…§.à$0U!`B%Vø#^ã%<—£/=%6L#BŠ'Vø#1~¤%÷¨>ê$aæ#c¦¦4×"bC!1!&0U%0U$`B'3X!@Î&2Ý#0U¦54(3¹g@"&Cfg@&£/="0U$`B!#«$n?"^Ø£2@%@Î'2Ý(BŠ%#«"B-h@&§!†%

PrK:15E00AC7055302A1014D008D004A0018
PuK: 23A005F7029322410C4D0FAD0CAA21182CB00161

Interesting program there, except it crashes easy. :P
And like a fool I believed myself, and thought I was somebody else...

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Xorcryption
« Reply #19 on: November 01, 2005, 05:30:34 pm »
Quote
Hehe, made you decrypt.
<_<

Yeah, thats because of a bug I fixed before I submited this to science fair, I just haven't uploaded the fixed version yet.  :)

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Xorcryption
« Reply #20 on: November 01, 2005, 05:31:28 pm »
I%,=%,p'fn"T§!fn&^ã$(7!(7!Kú(†q(@É!LZ%(7(iy%tã%†q!^ã#Qr¥.#$Qr§.##Tù(tã(Tù&(7f/"#LZ%(7%IÈ'(7$Tù!†q(k«&(7!†q¡!|C

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Xorcryption
« Reply #21 on: November 01, 2005, 07:28:25 pm »
There's a book called Applied Cryptography, which is apparently really good. 

I've never actually read any real books on cryptography, but I learned a whole lot reverse engineering War3's login.  I ended up reading a lot of papers and sites on the subject.  You can find all sorts of stuff by surfing Google, Wikipedia, and Mathworld.