Slashdot Mirror


Encrypted Images Vulnerable To New Attack

rifles only writes "A German techie has found a remarkably simple way to discern some of the content of encrypted volumes containing images. The encrypted images don't reveal themselves totally, but in many cases do let an attacker see the outline of a high-contrast image. The attack works regardless of the encryption algorithm used (the widely-used AES for instance), and affects all utilities that use single symmetric keys. More significant to police around the world struggling with criminal and terrorist use of encryption, the attack also breaks the ability of users to 'hide' separate encrypted volumes inside already encrypted volumes, whose existence can now for the first time be revealed." The discoverer of this attack works for a company making full-disk encryption software; their product, TurboCrypt, has already been enhanced to defeat the attack. Other on-the-fly encryption products will probably be similarly enhanced, as the discoverer asserts: "To our knowledge is the described method free of patents and the author can confirm that he hasn't applied for protection."

1 of 155 comments (clear)

  1. it's because you guys are f*****ers. by Anonymous Coward · · Score: -1, Flamebait

    I'm going to get modded down or stay at 0 but here's a clue. Just like you DON'T encrypt Skype packets if you expect me not to laugh in your face (what, you expect skype to make similar traffic when there's silence as when you're talking over each other? Freaking moron), the ONLY way to encrypt a drive is to first convert it into a single file.

    You then encrypt the file, erase the source files. Decryption is this in reverse.

    "BUT I WANT RANDOM ACCESS BOO HOO HOO." Well, tough shit. My wife would like two-way Skype calls. No. You record the ENTIRE call (your end) then pad it to one gigabyte and encrypt. PERIOD. She does the same. You exchange once per day at midnight by uploading it as a series of Youtube videos' night-time web cam (or cell phone video) static.

    WHY IS THIS SO HARD TO UNDERSTAND??