[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hack Lotus?




"Peter Trei" writes:
> Think it through. 
[...]
> 8 Bob's copy of lotus repeats steps 4 & 5 above, and checks if
>    it's version of Epe(K') matches the one sent. 

Hmm, it could, but it isn't going to be trivial unless the thing is
running straight RSA without a random pad.

If it isn't randomly padding, then it possible to make a table of the
2^24 possible encryptions and break traffic without knowing the RSA
key the government uses. It would require about 16GB of storage,
granted, but that isn't exactly impossible in todays world -- that
only costs about $4000. It would also require a lot of CPU, but not an
impossible amount and the investment would be one time. Given such a
table properly indexed, you could crack any passing key just by
indexing to find out three bytes of the 64 bit key and then go after
the other 40 in fairly short order. That would make a new "Hack IBM"
(Lotus is owned by them) promotion on C2 rather fun!

If they are randomly padding, then they would have to send the pad
along, presumably encrypted under the RC4 key or under Bob's RSA key.

Someone has to deconstruct the code. At this point, we are starting to
fly off into the world of speculation.

> > Of course, I'll point out that 64 bit RC4 keys are still not
> > particularly heartwarming...
> 
> Granted, but we don't know if they use RC4, DES, or what.

They are RC4 if they haven't changed that part of the design.

Perry