kloecker at kde.org
Mon Jun 12 10:39:47 CEST 2006
Am Montag, 12. Juni 2006 04:42 schrieb Tom Thekathyil:
> A wishes to send message to B.
> A encrypts message using B's key. Opens encrypted message and
> corrupts the file by altering one or more characters/adding redundant
> lines of code, e.g. changes case of first occurrence of 'T' in the
> code. Saves file and sends to B.
> B will get an error message when trying to decrypt message. However B
> knows that the first occurrence of 'T' needs case conversion and
> edits file. The edited file is now capable of being decrypted.
Think again. A encrypts the message and let's say the result is 'ttttT'.
A changes this to 'ttttt'. B changes it "back" to 'Ttttt'. Hmm, doesn't
work. But applying ROT-13 would work. :-)
> Since no one apart from A & B knows how the encrypted file has been
> corrupted, this seems to be a method of increasing security.
No. This is (false) security through obscurity. Anyone who is able to
break the used encryption will have no problems also breaking your
bogus attempt to increase security.
> Question: Is there in theory any way of breaking the corrupted
> encryption through brute force?
Through brute force anything can be broken. The whole point of the
encryption methods that are used by us is that a brute force attack is
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20060612/b7b064d8/attachment-0001.pgp
More information about the Gnupg-users