don't panic. [..] home friends [ local ] BET crypto | security elliptic curve cryptography integer factorization project libec text psxdev [ off site ] openbsd gnu freshmeat slashdot hnn security focus

Cryptography | Security RC4 no more I coded the RC4 algorithm to work with any length key. I compiled the code with -O3 using gcc, and was able to walk through a 24 bit keyspace in 585 seconds (Pentium 3 500mhz). Then, I hand optimized the code to crack a 40 bit keyspace. Of course, I could assign keys from any bit range, and I could stop the search at any time. This hand optimized version could walk through the 24 bit space in 74 seconds on the same machine. Extrapolating, I can crack the entire 40 bit RC4 on a single processor in approximately 56 days. Netscape often only uses 40 bit version of this algorithm to encrypt data. The source code contains a description of the algorithm that I found on the net, and an article detailing the appearance of the RC4 code on the cypherpunks mailing list some years back. Download. jumble jumble takes as input a set of n characters. These characters are then operated upon to form all n! possible permutations. A dictionary file is read into memory, and every permutation is checked against the dictionary using a binary search. Good for solving newspaper puzzles. Download. cracker Cracker is a scaled down version of Crack. I wrote it not to function as a fullfledged security tool, but rather as an exercise is to see how easily I might compromise a passwd file with a little time and /usr/dict/words. Cracker reads in words from a dictionary, encrypts them with a given salt, and compares them with the encrypted text that is being attacked. This is just a basic dictionary attack. Download the source. brute brute takes a character set file (containing characters that can be used in possible passwords) and an encrypted password entry (probably from /etc/passwd). brute then proceeds to test all permutations of varying lengths of symbols in the character set until the original passwd is discovered. This is not particularly practical, since there are 268 possible 8 character passwords possible from just the lowercase letters. Download the source. freq Performs frequency count on text file. Download. sockpipe Very similar to a program called "datapipe", except I wrote this one and I am therefore fond of it. sockpipe binds to a specified port on the localhost, and forwards all incoming data to a specified port on a specified port. As an example, sockpipe could be bound to port 9999 on localhost, and all connections to it could bounce to www.gnu.org port 80. Thus, pointing netscape to localhost:9999 would conjure the gnu website. Download the source. ssh_mon I was considering how much faith I put in a remote host's sshd. Any sysadmin could monitor the traffic coming through the daemon -- in the plaintext. I made some modifications to serverloop.c to do this and made a diff of the changes. Traffic is logged in a very unorganized fashion to /tmp/ssh_mon. I didn't want to make this very spectacular and functional. I more just wanted to confirm that this was possible and simple to do. Download the patch.