Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Encryption Security IT

Encrypted Images Vulnerable To New Attack 155

Posted by kdawson from the bye-bye-deniability dept.
rifles only writes "A German techie has found a remarkably simple way to discern some of the content of encrypted volumes containing images. The encrypted images don't reveal themselves totally, but in many cases do let an attacker see the outline of a high-contrast image. The attack works regardless of the encryption algorithm used (the widely-used AES for instance), and affects all utilities that use single symmetric keys. More significant to police around the world struggling with criminal and terrorist use of encryption, the attack also breaks the ability of users to 'hide' separate encrypted volumes inside already encrypted volumes, whose existence can now for the first time be revealed." The discoverer of this attack works for a company making full-disk encryption software; their product, TurboCrypt, has already been enhanced to defeat the attack. Other on-the-fly encryption products will probably be similarly enhanced, as the discoverer asserts: "To our knowledge is the described method free of patents and the author can confirm that he hasn't applied for protection."
This discussion has been archived. No new comments can be posted.

Encrypted Images Vulnerable To New Attack More

Encrypted Images Vulnerable To New Attack

Comments Filter:

  • Confusing (Score:5, Insightful)

    by Rui del-Negro ( 531098 ) on Sunday October 05, 2008 @04:10PM (#25266623) Homepage

    Is it just me or does anyone else get the feeling that the original story confuses two completely different concepts (digital photos and drive images)?

  • Watermark? (Score:5, Insightful)

    by Lord Byron II ( 671689 ) on Sunday October 05, 2008 @04:12PM (#25266655)
    How is this different from the well-known watermarking attack? Doesn't the fact that most encryption systems now use the block number as a salt render this attack useless?

  • Compressed images (Score:5, Insightful)

    by Lord Lode ( 1290856 ) on Sunday October 05, 2008 @04:12PM (#25266663)
    Does this also count for compressed images like PNG and JPG? After all those aren't bitmaps anymore - and removing redundancy by compression is always a good idea for encrypting afaik.

  • Re:Compressed images (Score:4, Insightful)

    by cjonslashdot ( 904508 ) on Sunday October 05, 2008 @04:16PM (#25266691)
    I had the same thought. From the description it sounds like the attack is based on the existence of regularity (low entropy) in the file. Any technique such as compression that increases the entropy should defeat the attack as it is described. Since most images today are compressed, it would seem that the attack would have no practical impact. But perhaps it works differently than explained.

  • What about crypto modes? Never heard of CBC, CTR? (Score:3, Insightful)

    by boldi ( 100534 ) on Sunday October 05, 2008 @04:16PM (#25266695)

    I just scanned these articles, but just from the fact I don't see a single occasion to talk about crypto modes, such as ECB,CBC,OFB,CFB,CTR etc., I'm unhappy.

    20+ years old knowledge, probably badly designed software, some special attack against very bad design, and then a panic-like hype against encryption.

    So please, tell the newspaper writers to learn somewhat about security and only after that start to write hype-like articles..
    Sad.

  • Re:Compressed images (Score:5, Insightful)

    by mrbah ( 844007 ) on Sunday October 05, 2008 @04:16PM (#25266701)
    Anything that's gone through run-length encoding is going to have very high entropy, so JPG and PNG images are safe.

  • Re:no IV and thus ECB-mode is probably the problem (Score:4, Insightful)

    by Free the Cowards ( 1280296 ) on Sunday October 05, 2008 @04:52PM (#25266985)

    Oh, and if you follow the link from the article you'll find that this attack is being published by the makers of TurboCrypt, which was incompetently designed and thus vulnerable to this attack, but has now been fixed. The makers of this app (which you should probably stay away from, if they made such an elementary mistake then who knows what other problems it has) are essentially hyping this fairly inconsequential discovery in order to sell their product.

    In conclusion: lame.

  • Re:Not new (Score:4, Insightful)

    by Creepy Crawler ( 680178 ) on Sunday October 05, 2008 @11:30PM (#25269477)

    And make sure to disable firewire IF you think the feds (or other high-tech snoops) are around.

    Firewire is a hole in RAM and can access anything. One could create a hole in RAM and have console auto-log you in. There's even a python-firewire auto-hacker for Windows machines. Got a server with firewire? It's as easy as 1,2,3.

    Not Cool.

  • Border Agent attack (Score:5, Insightful)

    by SmilingSalmon ( 1143805 ) on Sunday October 05, 2008 @11:56PM (#25269647)
    Lots of people here are talking about users backing up their own data, but what about a border agent backing up your data? There's some real danger. Let's say you regularly pass through an international border where the country has a policy of making back ups of your laptop drives. Many corporate travelers are in this situation. The border agent takes a quick snapshot of your drive on Monday morning. You leave the country on Friday, but return the following Monday. When you return next Monday, they take another snapshot. Bingo. If any of your files have changed but the drive key is the same, they've got the backup they need to prove you have a hidden drive and even find the vulnerable images.

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close