On Tue, 28 Apr 1998, Philipp Schaumann wrote:
> I am not a specialist in cracking encryption, so I always wondered how one
> actually determines that a brute-force attack succeeded. Trying all the
> iterations of keys is fine, but how do I determine that I got the right one?
There is normally one of
GET
HEAD
PUT
POST
as the first few character if it is https :-)
> Is there something in the algorithm that allows the program to detect that
> it got the right key, or do you look for something that resembles English
> words? If this is true, then running a compress first would mess up that
> strategy.
The protocol has its own integrity chech, which is encrypted, so if the
encryption is correct, that data will pass the checks.
There are also MACs, again, get the key information and these will pass.
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
