Entries Tagged "doghouse"

Page 3 of 4

The Doghouse: KRYPTO 2.0

The website is hysterical:

Why are 256 bits the technically highest coding depth at all on computers possible are ?

A computer knows only 256 different indications.
1 indication = 1 byte has 8 bits in binary the number system exactly.
1 bit knows only the switching status: on or out or 0 or 1 by the combination of these 8 bits results 256 bits.
The computation in addition: 2 switching status highly 8 bits = 256 bits these 256 bits
is addressed in decimally the number system from 0 to 255 = 256 bits.
Computers work however in in hexadecimals the number system.
There these 256 bits designated above are addressed from 00 to FF = 256 bits.
A byte cannot be thus under bits 0 or over bits 255.
Therefore 256 bits are the technically highest coding depth at all on computers
possible are.

Proof of the Krypto security !
Which would be, if one would try one of Krypto coded file unauthorized to decode.
A coded file with the length of 18033 indications has therefore according to computation, 256 bits highly 18033 indications = 6,184355814363201353319227173630ë+43427
file possibilities. Each file possibility has exactly 18033 indications byte.
Multiplied by the number of file possibilities then need results in the memory.
Those are then: 1,1152248840041161000440562362208e+43432 byte.
Those are then: 1,038634110245961789082788150963è+43423 Giga byte data quantity.
That is a number with 43424 places.
I can surely maintain as much memory place give it in the whole world not never.
And the head problem now is, which is now the correctly decoded file.
Who it does not know can only say there. That does not know so exactly !
They can code naturally naturally also still successively several times, even up to
the infinity.

My head hurts just trying to read that.

Posted on June 8, 2006 at 7:50 AM

The Doghouse: Super Cipher P2P Messenger

Super Cipher P2P Messenger uses “unbreakable Infinity bit Triple Layer Socket Encryption for completely secure communication.”

Wow. That sure sounds secure.

EDITED TO ADD (2/15): More humor from their website:

Combining today’s most advanced encryption techniques, and expanding on them. The maximum encryption cipher size is Infinity! Which means each bit of your file or message is encrypted uniquely, with no repetition. You define a short key in the program, this key is used in an algorithm to generate the Random Infinity bit Triple Cipher. Every time you send a message or file, even if it is exactly the same, the Triple Cipher completely changes; hence then name ‘Random’. Using this method a hackers chances of decoding your messages or file is one to infinity. In fact, I challenge anyone in the world to try and break a single encrypted message; because it can’t be done. Brute Force and pattern searching will never work. The Encryption method Super Cipher P2P Messenger uses is unbreakable.

Posted on January 24, 2006 at 12:51 PMView Comments

The Doghouse: Lexar LockTight

Do you think we should tell these people that SHA-1 is not an encryption algorithm?

Developed by Lexar, the new security solution is based on a 160-bit encryption technology and uses SHA-1 (Secure Hash Algorithm), a standard approved by the National Institute of Standards and Technology (NIST). The 160-bit encryption technology is among the most effective and widely accepted security solutions available.

This seems not to be a typo. They explain themselves in more detail here:

Lexar has provided us with the following explanation as to how data is protected on the LockTight cards: (we understand that the encryption is carried out on the communications layer between the card and camera/computer rather than the data itself).

“Lexar employs a unique strategy to protect data on LockTight cards. LockTight cards are always ‘locked.’ In other words no computer or camera can read or write data from/to a LockTight card until a critical authorization process takes place between the LockTight card and the host computer or host camera. This authorization process is where the 160-bit HMAC SHAH-1 encryption algorithm is employed.”

Posted on October 3, 2005 at 8:22 AMView Comments

The Doghouse: CryptIt

It’s been far too long since I’ve had one of these.

CryptIt looks like just another one-time pad snake-oil product:

Most file encryptions use methods that mathematically hash a password to a much larger number and rely on the time taken to reverse this process to prevent unauthorised decryption. Providing the key length is 128 bits or greater this method works well for most purposes, but since these methods do have predictable patterns they can be cracked. CPUs are increasing in speed at a fast rate and these encryption methods can be beaten given luck and/or enough computers. XorIt uses the XOR encryption method (also known as Vernam encryption) that can have keys the same size as the file to be encrypted. Thus, if you are encrypting a 5MB file, then you can have what is in effect a 40 Million bit key! This is virtually unbreakable by any computer, especially when you consider that the file must also be checked with each combination to see if it is decrypted. To put is another way, since XorIt gives no pass/fail results brute force methods are difficult to implement. In fact, if you use a good key file that is the same size or larger than the source and do not reuse the key file then it it impossible to decrypt the file, no matter how fast the computer is. Furthermore, the key file can be anything – a program, a swap file, an image of your cat or even a music file.

Amazingly enough, some people still believe in this sort of nonsense. Before defending them, please read my essay on snake oil.

Posted on September 28, 2005 at 1:25 PM

The Doghouse: Privacy.li

This company has a heartwarming description on its website:

PRIVACY.LI – Privacy from the Principality of Liechtenstein, in the heart of the Alps, nestled between Switzerland and Austria. In times of turmoil and insecurity, witch hunt and suspicions, expropriations and diminishing credibility of our world leaders it’s always good to have a place you can turn to. This is the humble effort to provide a place to the privacy and freedom concerned world citizens to meet, discuss, help each other and foster ones desire for liberty and freedom.

But they have no intention of letting their customers know anything about themselves.

Company Profile

Actually, this is not to be published here:-) A privacy service like ours is best if not too many details are known, we hope you fully understand and support this. The makers of this page are veterans at the chosen subject, and will under no circumstances jeopardize your privacy.

Oh yeah, and their “DriveCrypt” product includes “real Time, 1344 bit – Military Strength encryption.”

Somehow, my heart is no longer warm.

Posted on July 8, 2005 at 8:36 AMView Comments

The Doghouse: ExeShield

Yes, there are companies that believe that keeping cryptographic algorithms secret makes them more secure.

ExeShield uses the latest advances in software protection and encryption technology, to give your applications even more protection. Of course, for your security and ours, we won’t divulge the encryption scheme to anyone.

If anyone reading this needs a refresher on exactly why secret cryptography algorithms are invariably snake oil, I wrote about it three years ago.

Posted on April 13, 2005 at 9:19 AMView Comments

The Doghouse: Xavety

It’s been a long time since I doghoused any encryption products. CHADSEA (Chaotic Digital Signature, Encryption, and Authentication) isn’t as funny as some of the others, but it’s no less deserving.

Read their “Testing the Encryption Algorithm” section: “In order to test the reliability and statistical independency of the encryption, several different tests were performed, like signal-noise tests, the ENT test suite (Walker, 1998), and the NIST Statistical Test Suite (Ruhkin et al., 2001). These tests are quite comprehensive, so the description of these tests are subject of separate publications, which are also available on this website. Please, see the respective links.”

Yep. All they did to show that their algorithm was secure was a bunch of statistical tests. Snake oil for sure.

Posted on March 15, 2005 at 11:00 AMView Comments

The Doghouse: Internet Security Foundation

This organization wants to sell their tool to view passwords in textboxes “hidden” by asterisks on Windows. They claim it’s “a glaring security hole in Microsoft Windows” and a “grave security risk.” Their webpage is thick with FUD, and warns that criminals and terrorists can easily clean out your bank accounts because of this problem.

Of course the problem isn’t that users type passwords into their computers. The problem is that programs don’t store passwords securely. The problem is that programs pass passwords around in plaintext. The problem is that users choose lousy passwords, and then store them insecurely. The problem is that financial applications are still relying on passwords for security, rather than two-factor authentication.

But the “Internet Security Foundation” is trying to make as much noise as possible. They even have this nasty letter to Bill Gates that you can sign (36 people had signed, the last time I looked). I’m not sure what their angle is, but I don’t like it.

Posted on December 13, 2004 at 1:32 PMView Comments

The Doghouse: Vadium Technology

Yet another one-time pad system. Not a lot of detail on the website, but this bit says it all:

“Based on patent-pending technology and 18 years of exhaustive research, Vadium’s AlphaCipher Encryption System ™, implements a true digital One-Time-Pad (“OTP”) cipher. The One-Time Pad is the only method of encrypting data where the strength of protection is immune to the mounting threats posed by breakthroughs in advanced mathematics and the ever-increasing processing power of computers. The consistently accelerated increases in computing power are proven to be a present and severe threat to all the other prevalent encryption methods.”

I am continually amazed at the never-ending stream of one-time pad systems. Every few months another company believes that they have finally figured out how to make a commercial one-time pad system. They announce it, are uniformly laughed at, and then disappear. It’s cryptography’s perpetual motion machine.

Vadium Technology’s website.

My essay on one-time pads.

Posted on November 4, 2004 at 12:08 PMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.