Encrypted Images Vulnerable To New Attack 155
rifles only writes "A German techie has found a remarkably simple way to discern some of the content of encrypted volumes containing images. The encrypted images don't reveal themselves totally, but in many cases do let an attacker see the outline of a high-contrast image. The attack works regardless of the encryption algorithm used (the widely-used AES for instance), and affects all utilities that use single symmetric keys. More significant to police around the world struggling with criminal and terrorist use of encryption, the attack also breaks the ability of users to 'hide' separate encrypted volumes inside already encrypted volumes, whose existence can now for the first time be revealed." The discoverer of this attack works for a company making full-disk encryption software; their product, TurboCrypt, has already been enhanced to defeat the attack. Other on-the-fly encryption products will probably be similarly enhanced, as the discoverer asserts: "To our knowledge is the described method free of patents and the author can confirm that he hasn't applied for protection."
Confusing (Score:5, Insightful)
Is it just me or does anyone else get the feeling that the original story confuses two completely different concepts (digital photos and drive images)?
Watermark? (Score:5, Insightful)
Compressed images (Score:5, Insightful)
Re:Compressed images (Score:4, Insightful)
What about crypto modes? Never heard of CBC, CTR? (Score:3, Insightful)
I just scanned these articles, but just from the fact I don't see a single occasion to talk about crypto modes, such as ECB,CBC,OFB,CFB,CTR etc., I'm unhappy.
20+ years old knowledge, probably badly designed software, some special attack against very bad design, and then a panic-like hype against encryption.
So please, tell the newspaper writers to learn somewhat about security and only after that start to write hype-like articles..
Sad.
Re:Compressed images (Score:5, Insightful)
Re:no IV and thus ECB-mode is probably the problem (Score:4, Insightful)
Oh, and if you follow the link from the article you'll find that this attack is being published by the makers of TurboCrypt, which was incompetently designed and thus vulnerable to this attack, but has now been fixed. The makers of this app (which you should probably stay away from, if they made such an elementary mistake then who knows what other problems it has) are essentially hyping this fairly inconsequential discovery in order to sell their product.
In conclusion: lame.
Re:Not new (Score:4, Insightful)
And make sure to disable firewire IF you think the feds (or other high-tech snoops) are around.
Firewire is a hole in RAM and can access anything. One could create a hole in RAM and have console auto-log you in. There's even a python-firewire auto-hacker for Windows machines. Got a server with firewire? It's as easy as 1,2,3.
Not Cool.
Border Agent attack (Score:5, Insightful)