On 5/11/24 14:59, Dan Cross wrote: > On Sat, May 11, 2024 at 3:36 PM hiro <23h...@gmail.com> wrote: >>> explanation of dp9ik, which while useful, only >>> addresses what (I believe) Richard was referring to in passing, simply >>> noting the small key size of DES and how the shared secret is >>> vulnerable to dictionary attacks. >> >> i don't remember what richard was mentioning, but the small key size >> wasn't the only issue, the second issue is that this can be done >> completely offline. why do you say "only", what do you think is >> missing that should have been documented in addition to that? > > Probably how a random teenager could break it in an afternoon. :-)
If we agree that: 1) p9sk1 allows the shared secret to be brute-forced offline. 2) The average consumer machine is fast enough to make a large amount of attempts in a short time, in other words triple DES is not computationally hard to brute force these days. I don't know how you don't see how this is trivial to do. A teenager can learn to download hashcat, all that is missing from this right now is some python script to get the encrypted shared secret from a running p9sk1 server. All the code for doing this is already written in C as part of the distribution, you just have to only do half the negotiation and break out. I think you vastly underestimate the resourcefulness of teenagers. I had previously stated I would publish the PoC that friends of mine in university built as part of their class, I have been asked to not do that so I will not. - moody ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/Tde2ca2adda383a3a-Mf9740abb168ade9f12c1caa5 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription