I am curious, if I have many files, some as big as a few k, some as little as 2, 4, 8 bytes. Will there be a security hole? What if I have 10,000 files on a single disc all encrypted with the same algorithm (let's say SHA512 since I know SHA512CryptoServiceProvider exists)?

Would that be a security vulnerability? Since so many files use the same cipher and key? Is it bad that they are small also? The files may be in known formats like pdf, png, doc, jpg, etc. Does that affect anything since the first few bytes of those files are known?

A: 

I recall some danger involving files of less than roughly 30 or 40 bytes or so. This was also in the early days where DES was still considered unbreakable (it was until CPU power became sufficient). The danger had something to do with guessing a couple of messages completely from their length alone and thereby extracting the key.

Joshua
+3  A: 
derobert
My question was about files, not how to encrypt. I don't understand. I thought everything that had CryptoServiceProvider at the end was a cipher. http://msdn.microsoft.com/en-us/library/system.security.cryptography.aspx
acidzombie24
@acidzombie24: The page you linked to explains it clearly: "The System.Security.Cryptography namespace provides **cryptographic services**, including secure encoding and decoding of data, **as well as many other operations, such as hashing, random number generation, and message authentication. For more information, see Cryptographic Services**."
Adam Paynter
A: 

My question was about files, not how to encrypt. I don't understand. I thought everything that had CryptoServiceProvider at the end was a cipher.

A hash algorithm like SHA is not a symmetric cipher. The main worry about cryptographic hash functions is someone purposefully generating collisions. Having said that, I do not believe you will need to worry about people generating collisions for your images.

Unknown
Sure, but with any secure cipher the time requirements of that brute force attack should be well in excess of possible. It should be no easier than "try a key, hope to get lucky, try the next key" searching over on average ½ of the keyspace. So, for a 256-bit cipher, you have 2^255 keys before you have a 50% chance. 2^255 is a very large number, if you had every atom on Earth (10^50, according to a quick search) try a key every second, it'd take twenty quintillion years.
derobert
Of course, my comment assumes the use of a good (random) key. Pick "password" and all bets are off.
derobert
A: 

If properly encrypted with a good cipher mode (not ECB) - with a random initialization vector (IV) - even with many small files using the same key, the encrypted files will be sufficiently different that no cryptanalysis is possible. Indeed, that is the definition of a sound cryptographic algorithm.

Jonathan Leffler
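An added illustration of the answer above (not code from the original thread): many files encrypted under one key, once with ECB and once with CBC using a fresh random IV per file, comparing the first ciphertext block of each. It assumes .NET 6 or later and uses `Aes.Create()` rather than the `AESCryptoServiceProvider` class named in the thread; the sample file contents and the names `SameKeyManyFiles`, `Encrypt` and `FirstBlock` are constructed for the example.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class SameKeyManyFiles
{
    // Encrypt one file. A fresh random IV is generated per call; ECB ignores it,
    // CBC uses it and the IV is stored in front of the ciphertext for decryption.
    static byte[] Encrypt(byte[] key, byte[] plaintext, CipherMode mode)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.Mode = mode;
        aes.Padding = PaddingMode.PKCS7;
        aes.GenerateIV();
        using var enc = aes.CreateEncryptor();
        byte[] body = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        return mode == CipherMode.ECB ? body : aes.IV.Concat(body).ToArray();
    }

    // Hex of the first 16-byte ciphertext block (skipping the stored IV for CBC).
    static string FirstBlock(byte[] ciphertext, CipherMode mode) =>
        Convert.ToHexString(ciphertext, mode == CipherMode.ECB ? 0 : 16, 16);

    static void Main()
    {
        // One random 256-bit key shared by every file.
        byte[] key = RandomNumberGenerator.GetBytes(32);

        // Constructed sample files: three share the same 16-byte PDF-style
        // header, two are tiny and identical.
        byte[][] files =
        {
            Encoding.ASCII.GetBytes("%PDF-1.7\n1 0 obj first document body"),
            Encoding.ASCII.GetBytes("%PDF-1.7\n1 0 obj second, longer document body"),
            Encoding.ASCII.GetBytes("%PDF-1.7\n1 0 obj third"),
            Encoding.ASCII.GetBytes("OK"),
            Encoding.ASCII.GetBytes("OK"),
        };

        foreach (var mode in new[] { CipherMode.ECB, CipherMode.CBC })
        {
            var blocks = files.Select(f => FirstBlock(Encrypt(key, f, mode), mode)).ToList();
            foreach (var b in blocks) Console.WriteLine($"  {mode} {b}");
            Console.WriteLine($"{mode}: {blocks.Distinct().Count()} distinct first blocks out of {blocks.Count}");
        }
    }
}
```

Under ECB the files with the same first 16 bytes produce the same first ciphertext block, so an observer can tell which files share a header or are identical; with a random IV per file the CBC blocks differ even though the key is the same.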
A: 

Like everyone said, SHA is not a cipher, it's a HASH. This alone should be a good indication that you should NOT implement your own cipher.

Crypto is hard. Even if you were an expert, I'd say still go with something public. All crypto implementations have had flaws; we consider them secure after many, many years, because crypto is really hard. Even experts make mistakes.

Also, you said you want to encrypt different files with the same key? Most cyphers encrypt blocks of equal sizes. For some of these files, like pdf, the attacker might know, say, the first 64 bits. If he knows the plain text (the first 64 bits) and your cypher is deterministic, recovering the key is trivial.

My suggestion: stick with a well-known cypher with a public implementation, like AES, and with a good cypher mode. Since your first blocks are likely to be equal, ECB suggested above will yield something probably not secure. CBC or CFB are likely your best bet.

daniel
So if I use a salt + password CBC or CFB and have many files with known blocks (headers, footers and patterns) would it be secure? I can use AESCryptoServiceProvider; the above was just an example (I am glad I didn't say AES, I didn't realize hashes were not secure).
acidzombie24
No, I say if you type AES in your source code anywhere it is not secure. You will get it wrong somewhere; it doesn't matter how many people you ask or what you do, you will get it wrong. If this information needs to be encrypted, consider using something like TrueCrypt; that is the only way you will get it right.
daniel