Re: AES-256 encryption

From: cwright@bdosyd.com.au
Date: Tue Aug 21 2007 - 02:09:02 EDT

Next message: Attari Attari: "Fast UDP scan"
Previous message: adrian.floarea: "RE: AES-256 encryption"
Maybe in reply to: Kush Wadhwa: "AES-256 encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) Hello,
I can confirm that this is not the case. (This is that the password generates the key)
To quote from KeePass:
“One master password decrypts the complete database. Alternatively, you can use key files. Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn't lose this disk then.”
AES is a block cipher. It is not in Keepass generated from the key.
The following site: http://csrc.nist.gov/CryptoToolkit/aes/rijndael/ gives the AES (Rijndael) specifications. Rijndael is a block cipher. It is always the same size based on the variety. This is AES-256 is always based on a 256 bit key (and similarly for the 128 and 192 bit versions).
An AES encrypted KeePass database is dependant on the key, not the password – you need to capture both. It is possible to setup a key only KeePass database, but this is a separate issue and not one of cracking AES.
Cracking the KeePass password is an attack against SHA-256. It is not an AES attack.
If you want to understand AES – you have to read http://csrc.nist.gov/CryptoToolkit/aes/rijndael/Rijndael-ammended.pdf (The original proposed specification).
You need the key. The key is not a function of the passwords used to protect the AES key.
AES is (unless eventually proven otherwise – but this stands as of the moment)
K-secure; and
Hermetic.

Section 8 of the Rijndael Block Cipher AES proposal details the ciphers strengths against known attacks. Please read this document (link above). There is no attack based on the key password without the key.

Regards,
Craig

>Renaud Dubois
Hello,

I think that Adrian is speaking about the case when the key is based on the password.
For example, with Keepass you can choose either key + password or only a password.
I think that if you choose the password only method, a key is generated based on the password you just typed. The length of the key depends the length of your password.

If someone could confirm..

Best regards,

On 19 Aug 2007 22:11:45 -0000, cwright@bdosyd.com.au <cwright@bdosyd.com.au> wrote:
Hello,

A weak password has nothing to do with this. I did not see any mention that the key was captured, just the file to be decrypted. If the key file is captured this is a separate issue and nothing to do with AES.

There is NO password stored with the encrypted file. A password is used to protect the key, but a key is always to be considered compromised if it is intercepted. The password takes no place in the encryption scheme. I would suggest that you have a read on the encryption protocol specifications.

Regards,

Craig

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Next message: Attari Attari: "Fast UDP scan"
Previous message: adrian.floarea: "RE: AES-256 encryption"
Maybe in reply to: Kush Wadhwa: "AES-256 encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:02 EDT