[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Cyphergurus: Advice needed
-----BEGIN PGP SIGNED MESSAGE-----
I'm writing a Macintosh encryption application (nearing completion), which,
when it encrypts a file, changes its file type and creator so that the
encryption program will be launch when the file is double-clicked. I have to
save four pieces of information about the original plaintext: file type,
creator, data fork length, and resource fork length. These are placed in a
resource in the encrypted file.
What I'd like to get opinions on is _should I encrypt this header information_,
since its format will be known to an attacker and, in many cases, its contents
easy to guess? My inclination is to leave it plaintext, since the worst that
can happen if a file type is known is the same type of attack that would
_always_ be possible with an encrypted header.
Thanks to all with thoughts on the subject.
-- Will
-----BEGIN PGP SIGNATURE-----
Version: 2.3
iQCVAgUBLN9hEPfv4TpIg2PxAQEZCwP9G2nysBI31CnD2UasTUHQb3itwc2S1juc
TGJRvo5iB1WRFHwYwxyraae41Kf2Xsu6qiuHAQWEuvGhG4MyiZjXwZsE5FU9pxRR
CV/pvSG4J/teXvJXv575Vr3lVxI6isDa4oZcMtv5rOS7ihIqF4ssuHnlOa6mHckU
KW81MGB8nkQ=
=cLCE
-----END PGP SIGNATURE-----