On 4 January 2011 10:15, Rowan Berkeley <rowan.berke...@gmail.com> wrote:
> I don't know much about cryptography, but if I could compare the > situation to a box with a lock on it, it should be possible to see the > keyhole at least. Thus, I would expect it to be possible to look at the > file and say, yes, this is a text file encrypted with AES256, and it > requires a password of x characters to open it. R > I think you may be oversimplifying this... I do not see how you'd be able to ascertain the number of characters at all, as the password would clearly be encrypted itself... Take md5, for instance... mysql> select md5('hello') from dual; +----------------------------------+ | md5('hello') | +----------------------------------+ | 5d41402abc4b2a76b9719d911017c592 | +----------------------------------+ 1 row in set (0.00 sec) mysql> select md5('this is a very long password') from dual; +-------------------------------------+ | md5('this is a very long password') | +-------------------------------------+ | d25dcb07b6b0d7d5ca6ee555d73a50ce | +-------------------------------------+ 1 row in set (0.00 sec) mysql> >From those two strings you would not know that one was 5 characters and the other significantly more, as the encrypted version is almost the same length in both cases... Sean
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/