Comments on: Attacking encrypted bitmaps http://www.sindark.com/2008/10/07/attacking-encrypted-bitmaps/ Temporarily Torontonian Sun, 12 Feb 2012 01:04:46 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: . http://www.sindark.com/2008/10/07/attacking-encrypted-bitmaps/#comment-52506 . Thu, 09 Oct 2008 19:13:26 +0000 http://www.sindark.com/?p=3587#comment-52506 <a href="http://www.schneier.com/blog/archives/2008/10/new_attack_agai.html" rel="nofollow">"New Attack" Against Encrypted Images</a> By Bruce Schneier In a blatant attempt to get some PR: In a new paper, Bernd Roellgen of Munich-based encryption outfit PMC Ciphers, explains how it is possible to compare an encrypted backup image file made with almost any commercial encryption program or algorithm to an original that has subsequently changed so that small but telling quantities of data 'leaks'. Here's the paper. Turns out that if you use a block cipher in Electronic Codebook Mode, identical plaintexts encrypt to identical ciphertexts. Yeah, we already knew that. And -1 point for a security company requiring the use of Javascript, and not failing gracefully for a browser that doesn't have it enabled. And -- ahem -- what is it with that photograph in the paper? Couldn't the researchers have found something a little less adolescent? “New Attack” Against Encrypted Images
By Bruce Schneier

In a blatant attempt to get some PR:

In a new paper, Bernd Roellgen of Munich-based encryption outfit PMC Ciphers, explains how it is possible to compare an encrypted backup image file made with almost any commercial encryption program or algorithm to an original that has subsequently changed so that small but telling quantities of data ‘leaks’.

Here’s the paper. Turns out that if you use a block cipher in Electronic Codebook Mode, identical plaintexts encrypt to identical ciphertexts.

Yeah, we already knew that.

And -1 point for a security company requiring the use of Javascript, and not failing gracefully for a browser that doesn’t have it enabled.

And — ahem — what is it with that photograph in the paper? Couldn’t the researchers have found something a little less adolescent?

]]> By: R.K. http://www.sindark.com/2008/10/07/attacking-encrypted-bitmaps/#comment-52446 R.K. Wed, 08 Oct 2008 19:42:14 +0000 http://www.sindark.com/?p=3587#comment-52446 Encrypting a bitmap is a bit like encrypting this kind of text: "The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. My name is Jim. My name is Jim. My name is Jim. My name is Jim. My name is Jim. The password is coconut. The password is coconut.The password is coconut. The password is coconut." The repetitiveness makes it likely that any weaknesses in the encryption system will be more easily discovered. Encrypting a bitmap is a bit like encrypting this kind of text:

“The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. The password is coconut. My name is Jim. My name is Jim. My name is Jim. My name is Jim. My name is Jim. The password is coconut. The password is coconut.The password is coconut. The password is coconut.”

The repetitiveness makes it likely that any weaknesses in the encryption system will be more easily discovered.

]]> By: Anon http://www.sindark.com/2008/10/07/attacking-encrypted-bitmaps/#comment-52392 Anon Wed, 08 Oct 2008 00:59:40 +0000 http://www.sindark.com/?p=3587#comment-52392 Those rich in home-made porn and poor in compressed image file formats shall surely suffer most. Those rich in home-made porn and poor in compressed image file formats shall surely suffer most.

]]>