[Info-vax] What to do with my VAX.....
Arne Vajhøj
arne at vajhoej.dk
Wed Nov 11 22:50:12 EST 2020
On 11/11/2020 10:40 PM, Dave Froble wrote:
> On 11/11/2020 9:12 PM, Bill Gunshannon wrote:
>> On 11/11/20 8:54 PM, Dave Froble wrote:
>>> On 11/11/2020 6:56 PM, Alexander Schreiber wrote:
>>>> seasoned_geek <roland at logikalsolutions.com> wrote:
>>>>> ALL
>>>>> ENCRYPTION is security by obscurity. Period.
>>>>
>>>> Thus proving nicely that you know _absolutely_ nothing about
>>>> encryption.
>>>> You imight want to read up on Kerckhoff's principle for starters.
>>>
>>> Well, I wouldn't be so quick to dismiss that statement.
>>>
>>> Isn't not knowing a solution a form of obscurity? Otherwise, if one
>>> knows the key, then there is no security, right? So not knowing the
>>> key is sort of "security by obscurity"?
>>>
>>> There have been multiple instances in the past of codes being broken
>>> and harmful affects because of that. The Japanese code in WWII?
>>>
>>> What is a "secret key", other than "unknown data"? Can such a key be
>>> guessed? Unlikely. But possible.
>>>
>> Guess it depends on which part of ENCRYPTION you are talking about.
>> The entire algorithm for the Unix Password encryption is documented
>> and available for anyone who wants to read it. No obscurity involved
>> at all. Let me know when you figure out how to reverse the encryption
>> for any password. Brute force doesn't count.
>
> But, it would be possible, however very unlikely, to guess? Or is that
> considered "brute force"?
AES 256 bit has 2 power 256 possible keys.
That means that at average one will need to try 2 power 255 keys
before finding the correct one.
But one could be lucky and find it at first guess. Probability is
1 out of 2 power 256 for that happening.
Such odds are considered acceptable.
Arne
More information about the Info-vax
mailing list