| Author |
RE: Uncrackable encryption |
deathrape
Member
Posts: 115
Location:
Joined: 19.03.05
Rank: Wiseman |
|
Wow... you developed a private key encryption schema. ZOMG.
So in other words, if I used LFI to get the source of your hash system, I could just reverse each function, and since I have your source I also have the private key. Then I dump your db.inc.php or common.php or whatever file that has DB connectivity, login to your SQL server with the account cred in the source code and dump the entire users table. I then re-write your program in reverse order, undoing everything your program does, and it's not "impossible" because I have the password.
Security through obscurity is stupid.
There's no point in private key encryption is you're using the system to make a hash. That's not even a hash algorithm! Just because YOU didn't make a decryption program doesn't mean one doesn't exist.
Workers of the world, UNITE! You have nothing to lose but your chains!
And the riot be the rhyme of the unheard! |
|
| Author |
RE: Uncrackable encryption |
kaksii
Member
Posts: 693
Location:
Joined: 20.11.06
Rank: God |
|
You are an idiot.
I didn't mention any pruvate key, you idiot.
Does LFI has anything to do with cryptography, you idiot.
LFI has to do with website security, you idiot.
And, btw, I am not an idiot to make that flaw, you idiot.
If you ever get my source and hack the site, I would modify the algorithm and it would be of no use to you, you idiot.
Read the fucking thread, you idiot.
Thanks
|
|
|
| Author |
RE: Uncrackable encryption |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
|
kaksii wrote:
You are an idiot.
I didn't mention any pruvate key, you idiot.
Does LFI has anything to do with cryptography, you idiot.
LFI has to do with website security, you idiot.
And, btw, I am not an idiot to make that flaw, you idiot.
If you ever get my source and hack the site, I would modify the algorithm and it would be of no use to you, you idiot.
Read the fucking thread, you idiot.
Thanks
You idiot, read his post.
He didn't say local file inclusion (I hate the accronym "LFI" has got anything to do with cryptogrophy, he merely stated that if he found a local file inclusion vuln on your website, or where ever this is being hosted, and found the source for the app, he could reverse the function.
Read his post again, foo'
|
|
| Author |
RE: Uncrackable encryption |
kaksii
Member
Posts: 693
Location:
Joined: 20.11.06
Rank: God |
|
system_meltdown wrote:
You idiot, read his post.
He didn't say local file inclusion (I hate the accronym "LFI" has got anything to do with cryptogrophy, he merely stated that if he found a local file inclusion vuln on your website, or where ever this is being hosted, and found the source for the app, he could reverse the function.
Read his post again, foo'
If he read the whole thread, he would realised that I don't care about internet security.
He would understand that I care only about cryptography. Not how to steal it.
Foo'
|
|
|
| Author |
RE: Uncrackable encryption |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
system_meltdown wrote:
You idiot, read his post.
He didn't say local file inclusion (I hate the accronym "LFI" has got anything to do with cryptogrophy, he merely stated that if he found a local file inclusion vuln on your website, or where ever this is being hosted, and found the source for the app, he could reverse the function.
Read his post again, foo'
kaksii wrote:
If he read the whole thread, he would realised that I don't care about internet security.
He would understand that I care only about cryptography. Not how to steal it.
Foo'
I fail to see how I am a fool. You proved none of my points wrong. You just whined about how he didn't read the thread :-/
|
|
|
| Author |
RE: Uncrackable encryption |
kaksii
Member
Posts: 693
Location:
Joined: 20.11.06
Rank: God |
|
system_meltdown wrote:
You idiot, read his post.
He didn't say local file inclusion (I hate the accronym "LFI" has got anything to do with cryptogrophy, he merely stated that if he found a local file inclusion vuln on your website, or where ever this is being hosted, and found the source for the app, he could reverse the function.
Read his post again, foo'
[/quote]
Ok.
So he said if he steals my source, he will be able to reverse it.
I think my encryption is one-way (if he is reffering to that).
He didn't read the thread, because if he did, he wouldn't mention any private key encryption because that's not what I did.
|
|
|
| Author |
RE: Uncrackable encryption |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
Nothing is one-way. Nothing_at_all. All the known standards of today can be reversed in the future. Without using bruteforce/wordlist methods.
It's math, it's never (completely) random.
It can be reversed.
Always.
EDIT: also, deathrape rules, idiots.
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert
Edited by spyware on 08-11-07 22:53 |
|
|
| Author |
RE: Uncrackable encryption |
varreon
Member
Posts: 65
Location:
Joined: 13.10.07
Rank: Hacker Level 2 |
|
Please repost the executable. Im curious what an uncrackable (not for long) encryption looks like 
 |
|
|
| Author |
RE: Uncrackable encryption |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
Please post the damn source-code. Sounds to me like this is:
-buggy
-overly complicated
-"frankenstein" code
-not secure
Show us some source, if it's uncrackable we won't find anything.
(Also, how's the porting to PHP going?)
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Uncrackable encryption |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
Well... I've come to these conclusions:
1. This is a really old thread.
2. Has a couple of pointless bumps.
3. Everyone calling someone an idiot... is an idiot.
4. Also, the excluded people are idiots, too.
5. Who even cares about the "encryption"?
6. z0mgz... I need a beer.
So, just stfu and leave it be. I thought this thread died a while ago for a reason.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: Uncrackable encryption |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
The OP posted too Zephyr, so there is no "bumping without reason" going on. I'd just like to see if this thing still is around. I want/Can I have the source + latest working version(?), just to see what you did.
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Uncrackable encryption |
FaTaL_PrIdE
Member
Posts: 93
Location:
Joined: 01.09.06
Rank: God |
|
|
spyware wrote:
Nothing is one-way. Nothing_at_all. All the known standards of today can be reversed in the future. Without using bruteforce/wordlist methods.
Um? Really? I suggest you read a little more about hashing algorithms. Its a basic premise - by using operations that CANNOT be reversed a (hopefully) distinct checksum is reached.
It has nothing to do with 'the future' as the only thing which will change is computational power (therefore allowing faster bruteforcing). Although there might be weaknesses found in the algorithm speeding this up slightly, reversing the algorithm is a mathematical impossibility. |
|
|
| Author |
RE: Uncrackable encryption |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
|
reversing the algorithm is a mathematical impossibility.
With our current understandings, yes, you are right. Things change, however. Not a terrible long time ago peolpe laughed at you when you said we once would reach the moon. Or that the earth is not flat.
Things change, hashes too. Math evolves, stability degrades over time. I suspect that in 50/100 years the MD5 hash will be totally useless for safe-guarding sensitive data (read: passwords).
Feel free to disagree with me; we'll see in a few years who's right .
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Uncrackable encryption |
FaTaL_PrIdE
Member
Posts: 93
Location:
Joined: 01.09.06
Rank: God |
|
Perhaps
I think it will be unlikely though. Quite a bit of effort goes into breaking these algorithms which focuses mainly on (after algorithm analysis) collision detection. To be able to reverse it would suggest finding a way to reverse binary shifts and other logical operations (excluding XOR of course which is obviously reversible).
Its a fascinating and ever evolving field so the future will always be interesting |
|
|
| Author |
RE: Uncrackable encryption |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
|
spyware wrote:
The OP posted too Zephyr, so there is no "bumping without reason" going on. I'd just like to see if this thing still is around. I want/Can I have the source + latest working version(?), just to see what you did.
I disagree. Three months after the thread died down, deathrape bumped the thread with criticism that had already been addressed in the thread. There was nothing original in his criticism; thus, he should've left the thread alone. As for Kaksii, he responded three months later to a dead unoriginal bunch of criticism... and should've just left it alone. Hence, "bumping without reason".
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: Uncrackable encryption |
spyware
Member
Posts: 4190
Location: The Netherlands
Joined: 14.04.07
Rank: God
Warn Level: 90
|
|
Ah well, I guess you are right. I still want to see the source though, so if Kaksii has a copy left?
"The chowner of property." - Zeph Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term. - Carl Sagan Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor? - Ebert |
|
|
| Author |
RE: Uncrackable encryption |
kaksii
Member
Posts: 693
Location:
Joined: 20.11.06
Rank: God |
|
|
spyware wrote:
Ah well, I guess you are right. I still want to see the source though, so if Kaksii has a copy left?
I am truly sorry for bumping the thread, but I was a bit pissed on deathrape's post.
My encryption didn't have any public/private key encryption.
It was md5 style. And that's why deathrape pissed me off.
Btw, apologies to deathrape. He was wrong though. I reacted a bit aggressive.
spyware: Math evolves, but it doesn't revolve (I think I spelt wrong).
And as for the project, I lost my hope. It is closed.
I made a great collision tester (bruteforcer), I managed to improve the code and make it more secure.
But then, one day I got pissed off on some shit and I closed the project.
Sad...maybe one day I'll continue where I stopped.
|
|
|
Main:
