Re: Attack on DES paper and CRACK

Robert Moskowitz (rgm3@is.chrysler.com)
Thu, 19 Jan 1995 13:00:56 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: jsz: "Re: NFS packet blocking (Was Mouse EXPLOIT info...)"
Previous message: Julian Assange: "Re: Attack on DES paper and CRACK"
Next in thread: : "Re: Attack on DES paper and CRACK"

I want to thank everyone that helped me on these.

I got it 'locally' over at Mich State U.  Our security manager was so
pleased with the information in it, that he intends in including the whole
piece as an addendum to a security review paper for the auditors and senior
management (rather than just referencing it).

It was quite an eye opener for him, particularly the appendix on the chip
desire for the DES search chip. :)

I got CRACKERJACK, and once I did, I did not give it to the original
requester, rather to our security people for a tool for them.  Too
dangerous, I can't trust that person to restrict who gets it.

However, I was told:

>I suspect that you don't really need CRACK for this but instead could
>simply use a script that checks the selected password's quality before
>it is encrypted, assuming that I read the application right. A perl
>script to do this is an extended example in the Perl book by Larry
>Wall. You can find the code for all the examples in the book on
>ftp.uu.net, and I believe there is a Perl available for PCs, so that
>would more or less handle the problem for you guys.

But the response on ftp.uu.net is terrible.  I have not found these.  Can
anyone point me to another source of these?

Robert Moskowitz
Chrysler Corporation
(810) 758-8212

Next message: jsz: "Re: NFS packet blocking (Was Mouse EXPLOIT info...)"
Previous message: Julian Assange: "Re: Attack on DES paper and CRACK"
Next in thread: : "Re: Attack on DES paper and CRACK"