Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CACxgy5x9yWhqiCf7fV1pwqaT36wUw8y7eDu+-vvjgV6j8dbg=w@mail.gmail.com>
Date: Sun, 29 Mar 2020 08:37:35 -0400
From: Powen Cheng <madtomic@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Two security-related questions

I don’t think you can prevent anyone from decrypt your file. Since you are
using the still using the standard AES library and commercial compressor
archiver. The only way is write your own encryption method and using salts
with passwords and for extra measure. Salted it again and since you will be
writing this encryption program. No one will be able to decrypt your file
unless you provide the decryption program. So, In long run way. You still
cannot build a full proof system since quantum computing is coming to us in
near future. The only thing I think is full proof is biometric encryption
with a physical encryption key. Hell, throw on the password requirement
while you are at it.

Po

On Sun, Mar 29, 2020 at 6:59 AM Johny Krekan <krekan@...nykrekan.com> wrote:

> 1. If you could choose - which archiver to choose to securely encrypt
> files which one you would choose (7zip or rar).
>
> 2. If I use standard AES library and write mi own small program to
> encrypt data for example file, so after encryption the person who gets
> the file using illegal methods (for example by hacking in to the system)
> but will not have my encryption tool, how hard it will be for this
> person to decrypt the encrypted file?
>
> Chosen password will be for example 12 character password like for
> example !141BCDeg9aa
>
> Johny Krekan
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.