lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <88F813B1-B28D-4D86-89BF-FE03E50695AB@gmail.com>
Date: Thu, 5 Jul 2007 15:05:05 -0700
From: Andrew Farmer <andfarm@...il.com>
To: Dan Becker <list@...nixsolutions.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Does this exist ?

On 05 Jul 07, at 06:20, Dan Becker wrote:
> I have an idea that won't leave me alone and this list seems to  
> have the most potential for knowing if the idea exists. My  
> apologies for a somewhat offtopic post.
>
> Would there be a way to create a  rainbow table of tcp packets to  
> be used to generate one packet for every 1000 or so normal packets  
> simply by matching hashes with databases on both ends ?

No; for a 128-bit hash (for example) there are only 2^128 packets  
which can be uniquely represented. This is far below the 2^12144 1518- 
byte packets which are possible, so - by the pigeonhole principle,  
there will be collisions. Increasing the hash size won't help unless  
you make it at least as large as the packet, at which point you  
aren't gaining anything.

Computing such a rainbow table is computationally impossible, anyway.  
The largest keyspace which I know of that's been brute-forced was  
somewhere around 64 bits, and that takes either dedicated hardware or  
a distributed-computing network. 128 bits is believed to be  
physically impossible, and even that is just barely enough to fit a  
TCP header into, without any data.

If the data being transmitted over the link is reasonably redundant,  
then you might get lucky and be able to just hash the relevant  
packets ahead of time. However, you could probably do even better  
with a purpose-built compression scheme anyway.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ