Comments on: Solving FBI’s 2008 Code Cracking Challenge http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/ Computer Security & Technology Thu, 26 Jan 2012 21:27:06 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Daniel McDicken http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/#comment-1939 Daniel McDicken Wed, 24 Jun 2009 20:39:23 +0000 http://www.root777.com/?p=108#comment-1939 Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, in 2007 the U.S. government reported that 71% of companies surveyed utilized encryption for some of their data in transit. Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection) are another somewhat different example of using encryption on data at rest. Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years.[2] Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks. Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse. One of the earliest public key encryption applications was called Pretty Good Privacy (PGP), according to Paul Rubens. It was written in 1991 by Phil Zimmermann and was purchased by Network Associates (now PGP Corporation) in 1997. The best types of encryption are duel layer and combinations of ciphers whereby the information as well as the system space it's stored in is encrypted beyond recovery. With encryption algorithms that possess incredible amounts of strength these days, I find it highly amusing they still resort to the ceaser cipher, when there are far better method's for low level encryption. What self respecting crypto expert would try to secure something with a plain shift? Thats so 80's cold war and spooks in the arms race! Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, in 2007 the U.S. government reported that 71% of companies surveyed utilized encryption for some of their data in transit. Encryption can be used to protect data “at rest”, such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers’ personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection) are another somewhat different example of using encryption on data at rest.

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years.[2] Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks.

Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.

One of the earliest public key encryption applications was called Pretty Good Privacy (PGP), according to Paul Rubens. It was written in 1991 by Phil Zimmermann and was purchased by Network Associates (now PGP Corporation) in 1997.

The best types of encryption are duel layer and combinations of ciphers whereby the information as well as the system space it’s stored in is encrypted beyond recovery. With encryption algorithms that possess incredible amounts of strength these days, I find it highly amusing they still resort to the ceaser cipher, when there are far better method’s for low level encryption.

What self respecting crypto expert would try to secure something with a plain shift? Thats so 80′s cold war and spooks in the arms race!

]]> By: Anonymous http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/#comment-1919 Anonymous Tue, 10 Feb 2009 04:17:11 +0000 http://www.root777.com/?p=108#comment-1919 No, pretty obvious he was being sarcastic, poor understanding No, pretty obvious he was being sarcastic, poor understanding

]]> By: Kyle http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/#comment-1918 Kyle Tue, 10 Feb 2009 03:39:09 +0000 http://www.root777.com/?p=108#comment-1918 under totally seems serious, poor sarcasm under totally seems serious, poor sarcasm

]]> By: Livedeht http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/#comment-1916 Livedeht Wed, 04 Feb 2009 11:36:59 +0000 http://www.root777.com/?p=108#comment-1916 I think you just missed a HUGE chunk of sarcasm flying your way there Mike. I think you just missed a HUGE chunk of sarcasm flying your way there Mike.

]]> By: Mike Griffin http://www.root777.com/security/solving-fbis-2008-code-cracking-challenge/#comment-1915 Mike Griffin Wed, 04 Feb 2009 04:19:14 +0000 http://www.root777.com/?p=108#comment-1915 <em>If the FBI can really use codes this complex…how come we still haven’t got binLaden?</em> This is actually a variant of the most common type encryption in the world. The daily cryptoquip in your newspaper uses the same exact type of encryption. Took me like 2 minutes with Notepad and "match case" replacements. :D If the FBI can really use codes this complex…how come we still haven’t got binLaden?
This is actually a variant of the most common type encryption in the world. The daily cryptoquip in your newspaper uses the same exact type of encryption.

Took me like 2 minutes with Notepad and “match case” replacements. :D

]]>