[sword-devel] Sapphire, module cipher
spdlist at ihug.co.nz
Thu Mar 2 12:53:24 MST 2006
Don't save an enciphered chunk of known data.
How about something like storing in the conf an MD5 hash of the first chapter (or some appropriate amount)? Something like that
means you can algorithmically determine that the key is highly likely to be correct, yet a brute force attack will still be required
in order to figure out an unknown key, and having a whole chapter of plain text + markup would be enough to determine that you'd
found the correct key (heuristically) even without comparing the hash results.
Or a hash of the entire module, checked when the key is entered, though that doesn't guard against the bugs seen when using an
incorrect key - however they need to be fixed anyway so that the checking of the key on key entry doesn't crash.
> -----Original Message-----
> From: sword-devel-bounces at crosswire.org
> [mailto:sword-devel-bounces at crosswire.org] On Behalf Of Daniel Glassey
> Sent: Friday, 3 March 2006 8:19 a.m.
> To: SWORD Developers' Collaboration Forum
> Subject: Re: [sword-devel] Sapphire, module cipher
> On 02/03/06, Troy A. Griffitts <scribe at crosswire.org> wrote:
> > DM
> > Sure, if we decide to provide a mechanism in the engine to
> > determine if a key is valid, we can easily do such, and SWMgr, when
> > reading the module configuration files, can check and not even load
> > the module if it doesn't have a correct key.
> > I would like to hear opinions of switching from our
> current security:
> > you don't know if you have it right until a human looks at
> the result
> > and decides it's intelligable output.
> > to a programmatic
> > bool isKeyValid(...)
> > You make an interesting point that someone might be able to
> > construct a reasonably successful bool isKeyValid(...) themselves
> > based upon a reasonable definition of the domain for the result.
> > PS. If we decide to implent an isKeyValid(), I'll probably
> > it quickly by saving an enciphered chunk of known data in DataPath.
> Remember, the code is free so anyone is free to write an
> isKeyValid themselves. So, if it is useful for the official
> library to have then I don't think there is anything lost by
> having it.
> sword-devel mailing list: sword-devel at crosswire.org
> Instructions to unsubscribe/change your settings at above page
More information about the sword-devel