Attacking WinZip AES Encryption
bden writes "As another tidbit from Bruce Schneier's Crypto-Gram, remember back in
January when WinZip was Slashdotted for moving forward with its new
AES-based encryption technology? Everything sounded good
since we all knew that AES is secure, right? Well, a cryptographer
took a look at how WinZip uses AES and found lots of problems.
Regardless of how many people actually plan to use WinZip encryption, the lesson, according to Schneier, is that "cryptography is hard, and
simply using AES in a product does not magically make it secure."
So how can we distinguish between an application that simply uses
the right buzzwords, like AES, from an application that is actually
secure?"
So how can we distinguish between an application that simply uses the right buzzwords, like AES, from an application that is actually secure?"
By only using peer reviewed open source software for starters.
FP?
I think the problem is people approach to the security.
They think you can just take AES and HMAC and glue them together in any way
and arrive at security. I mean both are secure right? The result should be secure?
Wrong! Schneier names one of the chapters in one ofhis book: "Cryptography is hard but that's just the easy part!"
It really is very hard to secure information. It's almost intractable.. We've seen a few articles here in the last week about interesting side-channel attacks. Breaking RSA keys by listening and an earlier one which broke into computers by heating them up.
Cryptography is littered with broken designs fielded designs like WEP and let's not mention software security..
It's going to be twenty years before we have "trustworth computing". It would help if we could modularize cryptography like we can computer programs...
Simon.
I took a class in cryptography last semester. The professor offered the best words of advice I ever heard in the subject: "Don't try to create new algorithms. We know how to do that already. What we have is secure. What you need to work on is the implementation. Just because something uses encryption, it is by no means secure."
He then proceeded to explain how easily NTLM can be defeated in a brute force attack.
While most of the points raised in the paper seem valid, some done make sense. Case in point: "someone may use a keystroke logger to find out what your passphrase is". How the fuck is this a Winzip vulnerability?