Thread: Need to recover (encrypted) files from XP install on another hard drive
View Single Post
  #17 (permalink)  
Old 08-31-2006, 11:18 PM
Rod Speed
Guest
  
Posts: n/a
Default Re: Need to recover (encrypted) files from XP install on another hard drive
Mxsmanic <mxsmanic@gmail.com> wrote
> kony writes

>> ... unless the key is sufficiently short enough
>> to crack, which we hope isn't the case.

> Well-chosen keys are extremely difficult to crack, even if they aren't
> very long. For example, a simple 12-character key, if it is completely
> random and alphanumeric, would take millions of years to crack.

> Of course, many keys are far from random,
> if they are chosen by human beings.

>> Doubtful, then anyone else could come along and input this
>> (usually known) information and generate the key again.

> Not if it is generated from internal system data unique to each user
> account on the system. However, the mere fact that it can be generated
> (rather than being required to come from the user himself) means that
> anyone finding out how the key is generated can decrypt the data.

Not necessarily, depends on how well that is done.

> If the user is not asked for a key, then the only other possibility
> is automatic generation of the key, as described above. That
> is fundamentally insecure,

No it isnt. Only the most poorly implemented systems use JUST
internal system data unique to each user account on the system,
its completely trivial to use truely random data instead.

> but it's more convenient for users who don't understand security to begin
> with.

You clearly dont yourself.

>> There's no "difficult" about it, very secure encryption
>> is just as easy to crack as very poor encryption, It
>> is "easy" it just takes _infinitely_long_time_ to do it.

> When it's an infinitely long time, it's an infinitely low threat.

>> However, this is only considering brute force. There are
>> quite a few tricks that can help when it's a single static
>> key. For example, with Windows there are quite a few
>> known files that are static, as well as those files' contents.
>> That is a HUGE help to decryption specialists.

> That depends on the type of encryption. However, I
> suspect that any built-in Windows encryption isn't that
> strong, since it still has to be exportable and practical.

Mindlessly silly. Have fun explaining how that
is trivial to do with banking transactions etc.

>> Nope, there is password cracking... and
>> not just dictionary or brute force attempts.

> Not for NT login passwords.

Different matter entirely.



Reply With Quote