Dennis Lee Bieber <wlfr...@ix.netcom.com> wrote: > On Wed, 7 Oct 2015 13:05:07 +0000 (UTC), alister > <alister.nospam.w...@ntlworld.com> declaimed the following: > > > >With a simple Cesar the method is "shift the alphabet by 'X' characters > >and X is the key > > > >if the key is unknown then the attacker still has to brute force the > >method (admittedly with only 25 options this is not difficult) > > But who'd consider that with just one-case and alphabet only... > > At the least include upper, lower, numbers, and basic punctuation -- > that will add a few more cycles of computation time to break <G> > > > But the other point, yes... The most used encryption systems have > publicly known/reviewed algorithms and rely on the secrecy of the key(s).
Which makes a nonsense of using a super-secure algorithm in many cases. If you are doing in-place symmetric file encryption then it's the security of the key hashing algorithm that matters much more than the actual encryption used on the file. Using ccrypt, enc, etc. for file encryption means the password that encodes the encryption key is saved with the file so brute-force attacks to get the key are quite straightforward. -- Chris Green ยท -- https://mail.python.org/mailman/listinfo/python-list
