
	Where results make sense

Topic: Weak key

Related Topics

Key West, Florida

The Lesser Key of Solomon

key cryptography

key music

public key cryptography

Key West

Florida Keys

asymmetric key algorithm

Alicia Keys

symmetric key algorithm

public key

Cryptographic keys

In the News (Wed 3 Dec 08)

Damian Green

Sumner Redstone

Crimson Tide

Tommy Tuberville

Bill Clinton

Wayne Rooney

Vilasrao Deshmukh

Wake Forest

Grand Slam

Oklahoma State

	Weak key - Wikipedia, the free encyclopedia
		Weak keys usually represent a very small fraction of the overall keyspace, which usually means that if one generates a random key to encrypt a message weak keys are very unlikely to give rise to a security problem.
		When the number of weak keys is known to be very small (in comparison to the size of the keyspace), generating a key uniformly at random ensures that the probability of it being weak is a (known) very small number.
		However, weak keys are much more often a problem where the adversary has some control over what keys are used, such as when a block cipher is used in a mode of operation intended to construct a secure cryptographic hash function (eg Davies-Meyer).
	en.wikipedia.org /wiki/Weak_key (682 words)

	Q60:What is a Weak Key for a Block Cipher? (Site not responding. Last check: 2007-10-08)
		Weak keys are secret keys with a certain value for which the block cipher in question will exhibit certain regularities in encryption or, in other cases, a poor level of encryption.
		However, in both these cases, the number of weak keys is such a small fraction of all possible keys that the chance of picking one at random is exceptionally slight.
		Of course for other block ciphers, there might well be a large set of weak keys (perhaps even with the weakness exhibiting itself in a different way) for which the chance of picking a weak key is too large for comfort.
	www.x5.net /faqs/crypto/q60.html (215 words)

	Weak key -- Facts, Info, and Encyclopedia article (Site not responding. Last check: 2007-10-08)
		In (Act of writing in code or cipher) cryptography, a weak key is a (A lever that actuates a mechanism when depressed) key which when used with a specific (A person of no influence) cipher, makes the cipher behave in some undesirable way.
		In operation, the secret 56-bit key is broken up into 16 subkeys according to the DES (Click link for more info and facts about key schedule) key schedule; one subkey is used in each of the sixteen DES rounds.
		Blowfish's weak keys produce bad (Click link for more info and facts about S-box) S-boxes, since Blowfish's S-boxes are key-dependent.
	www.absoluteastronomy.com /encyclopedia/w/we/weak_key.htm (682 words)

	weak key (Site not responding. Last check: 2007-10-08)
		In cryptography, a weak key is a key which when used with a specific cipher, reduces (or even in some cases, eliminates) the security expected of the cipher.
		That is, cryptanalysis of that message becomes either easier or trivial when such a key is used.
		The existence of weak keys for a particular cipher does not necessarily imply that all keys, or other keys, are also weak, nor that the cipher is therefore insecure.
	www.yourencyclopedia.net /weak_key.html (638 words)

	Weak Keys in RC4
		Since 1 in 256 keys is weak, and there is a 13.8% chance that the assumed value of K[2] will be correct, there is only a 0.054% chance of finding the key this way.
		Now while an isolated weak key cannot be identified simply from a known generator output, this cycle of weak keys at known intervals can be identified using statistical techniques since each of the weak keys has a higher than expected probability of generating the _same_ initial byte.
		Assuming that the "510-key gap" is narrowed down to 1 of 8 weak keys, the attacker can search a key space which is 24 bits less than the size of the session keys, with a 13.8%/8 chance of success, effectively reducing the key space by approximately 18 bits.
	marcel.wanda.ch /Archive/WeakKeys (2800 words)

	Guile Reference Manual: Memory Management
		Weak references let you attach bookkeeping information to data so that the additional information automatically disappears when the original data is no longer in use and gets garbage collected.
		In a weak key hash, the hash entry for that key disappears as soon as the key is no longer referenced from anywhere else.
		Weak vectors are mainly useful in Guile's implementation of weak hash tables.
	pingus.seul.org /~grumbel/tmp/guile-1.6.0/guile_32.html (750 words)

	Weak key - InformationBlast
		In cryptography, a weak key is a key used in a cipher that makes the action of the cipher weaker than normal.
		In the algorithm, the secret key is broken up into subkeys according to the key schedule, and one subkey is used in each of the sixteen rounds.
		This occurs when all the key bits are zero or when they are all one, or when the first half is all ones and the second half is all zeros, or vice versa.
	www.informationblast.com /Weak_key.html (441 words)

	Cryptanalysis of ICE
		Weak, or self-decrypting, keys are keys which, if they are used to encrypt the same data twice, produce the original unencrypted data.
		These keys can be found by setting up a series of linear (under XOR) equations expressing the fact that the schedule of key 1 is the reverse of the schedule of key 2, then solving the equations.
		ICE avoids this weakness in its extended variants by extending the key schedule with insertions in the middle of the schedule.
	www.ussrback.com /crypto/ice/cryptanalysis.html (769 words)

	[No title] (Site not responding. Last check: 2007-10-08)
		Weak keys are now explicitly permitted in the rsa-md5-des, rsa-md4-des, and des-mac checksum types, because we aren't currently checking for weak "variant" keys at key generation time, and may have stored keys with weak variants.
		Weak keys are now explicitly corrected in 3des key generation, because Heimdal does it, and while MIT doesn't, it wouldn't actually work with such keys anyways, and users' keys may be stored long term in KDCs.
		The nature of the weak keys is such that it is extremely + Many of the choices concerning when weak-key corrections are + performed relate more to compatibility with existing implementations + than to any risk analysis.
	www.mit.edu /~raeburn/draft-ietf-krb-wg-crypto-03-04-xdiffs.txt (601 words)

	Blowfish (cipher) - Wikipedia, the free encyclopedia
		Four rounds of Blowfish are susceptible to a second-order differential attack (Rijmen, 1997); for a class of weak keys, 14 rounds of Blowfish can be distinguished from a random permutation (Vaudenay, 1996).
		In 2005, Dieter Schmidt investigated the Blowfish key schedule and noted that the subkeys for the third and fourth round are independent of the first 64 bits of the user key [1].
		Each new key requires pre-processing equivalent to encrypting about 4 kilobytes of text, which is very slow compared to other block ciphers.
	en.wikipedia.org /wiki/Blowfish_(cipher) (898 words)

	Zvon - RFC 2451 [The ESP CBC-Mode Cipher Algorithms] - Cipher Algorithms
		The length of the key correlates with the strength of that algorithm, thus larger keys are always harder to break than shorter ones.
		Weak keys are keys that produce the identical entries in a given S-box.
		The keyed DES function is iterated three times, an encryption (Ek1) followed by a decryption (Dk2) followed by an encryption (Ek3), and generates the ciphertext (C1) for the block.
	www.zvon.org /tmRFC/RFC2451/Output/chapter2.html (1246 words)

	[No title]
		Relying on weak phase 1 authentication followed by traditional unilateral schemes in Xauth (protected by suspect session keys derived in phase 1) must be considered a violation of ISAKMP [MSST].
		Discovering a Weak Pre-Shared Secret in IKE ---------------------------------------------- (Part I. Aggressive Mode) ------------------------- In general when a protocol uses a weak key for authentication, it is often possible to discover that key by making use of each peers' expected behavior when forming the protocols messages.
		Both established session keys k' and k'' are known to the adversary, and M can simulate an encrypted tunnel between I and R by repeated decryption and re-encryption.
	www.ima.umn.edu /~pliam/xauth (1836 words)

	EAP Password Authenticated Exchange
		If a weak key is used or a expiration period has lapsed, the authentication server forces a key update.
		Key updates using a certificate is a slight variation on Halevi and Krawczyk's proved mutually authenticated Diffie-Hellman scheme [HK99]Halevi, S. and H. Krawczyk, Public-key Cryptography and Password Protocols, February 1999.
		Given a current session key, they can neither discover the entropy used to generate it, nor the key used to encrypt that entropy as it was transmitted across the network.
	www.cs.umd.edu /~clancy/eap-pax/draft-clancy-eap-pax-01.html (5311 words)

	Re: key processing for manual and dynamic SA
		There are other keys ("possibly weak" in Scheier) in paul> DES that you may or may not want to check for, as well as weak paul> keys for other algorithms (IDEA, Blowfish).
		The chance that (a) tytso> a weak key is negotiated, and (b) a IPSEC packet is tytso> re-encrypted in another key, and (C) the key used to tytso> re-encrypt the packet is the weak key's analogue.
		Of course, different encryption algorithsm may have tytso> weak keys with different properties, such that it would be a tytso> good idea to do something to avoid weak keys.
	www.sandelman.ottawa.on.ca /ipsec/1998/07/msg00227.html (798 words)

	ER and EER to Relational Mapping (Site not responding. Last check: 2007-10-08)
		Step 2: Mapping of Weak Entities - each weak entity becomes a relation (table) in the relational schema, the primary key from the identifying entity is concatenated in to the weak entity relation, becoming a foreign key in the weak relation.
		The primary key of the weak relation is the weak key together with the foreign key.
		The primary key of this new relation is the concatenated keys from both sides of the M:N relation.
	www.ecst.csuchico.edu /~melody/courses/Fall2003CSCI273/ERmapping.htm (391 words)

	DES (GNU cryptographic primitives and tools, version 2.0.0)
		DES is a 64-bit block cipher with a 56-bit key, developed by IBM in the 1970's for the standardization process begun by the National Bureau of Standards (now NIST).
		Weak keys (parity adjusted): If all the bits in each half are either 0 or 1, then the key used for any cycle of the algorithm is the same as all other cycles.
		In other words, one key in the pair can decrypt messages that were encrypted with the other key.
	www.gnu.org /software/gnu-crypto/manual/api/gnu/crypto/cipher/DES.html (536 words)

	[saag] Standards for Key Derivation (Site not responding. Last check: 2007-10-08)
		Notionally, the weak keys are also >called "weak" for a reason -- meaning there might be other efficient >ways to attack that would cull out a weak key, but not a strong key.
		It referred to keys that had the property that, due to symmetries in the DES key schedule algorithm, would result in transforming plaintext into plaintext, when the algorithm was applied twice, in ECB mode.
		Since ECB mode is not intended to protect user data, and since super encryption of this sort would thus be very unlikely in general, the risk posed by weak key use in DES was always pretty marginal.
	bs.mit.edu /pipermail/saag/2001q4/000302.html (423 words)

	Zvon - RFC 2405 [The ESP DES-CBC Cipher Algorithm With Explicit IV] - Key Material
		The mechanism will derive raw key values, the derivation process itself is not responsible for handling parity or weak key checks.
		For example, for a cost of $300,000, a 56-bit DES key can be recovered in an average of 19 days using off-the-shelf technology and in only 3 hours using a custom developed chip.
		While the above does not provide specific recommendations for key lifetime, it does reinforce the point that for a given application the desired key lifetime is dependent upon the perceived threat (an educated guess as to the amount of resources available to the attacker) relative to the worth of the data to be protected.
	www.zvon.org /tmRFC/RFC2405/Output/chapter4.html (529 words)

	lua-users wiki: Garbage Collecting Weak Tables (Site not responding. Last check: 2007-10-08)
		The problem with weak tables is that they establish a contingency relationship between key and value which is not known to the garbage collection algorithm.
		Unfortunately, the code I was writing was almost guaranteed to create circular references between weak keys and corresponding values, and I realised that it was unworkable with the proposed implementation.
		It is not in general easy to know whether a key is reachable from a value, and it is this sort of analysis that garbage collection is supposed to avoid.
	lua-users.org /wiki/GarbageCollectingWeakTables (906 words)

	SSLeay 0.9.0b docs (Site not responding. Last check: 2007-10-08)
		If you are using 'random' keys, the chances of hitting a weak key are 1/2^52 so it is probably not worth checking for them.
		A des_key_schedule is an expanded form of the key which is used to perform actual encryption.
		If des_check_key is non zero, zero is returned if the key has the wrong parity or the key is a weak or semi-weak key, else 1 is returned.
	www.di.unito.it /~rabser/ssleay/deskeys.html (403 words)

	Проект OpenNet: MAN des_is_weak_key (3) Библиотечные вызовы (FreeBSD и Linux)
		The first is the generation of a des_key_schedule from a key, the second is the actual encryption.
		The key schedule is an expanded form of the key; it is used to speed the encryption process.
		The new key is placed in the des_cblock that was passed (by reference) to the routine.
	www.opennet.ru /man.shtml?topic=des_is_weak_key&category=3&russian=1 (1635 words)

	PimpRig Forums - Slashdot // WPA Weak Key Cracker Posted (Site not responding. Last check: 2007-10-08)
		WPA is the replacement for weak WEP keys in the original 802.11b specification.
		Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks.
		Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits.
	www.pimprig.com /forums/printthread.php?t=27867 (164 words)

	dBforums - erd to db
		A weak entity type W with a partial key w.
		weak relationship R between E and W. The usual way to implement this is to introduce a table for E with primary key e, and
		The primary key of this table consists of all its columns.
	www.dbforums.com /t329360.html (4458 words)

	des_crypt(3)
		A string that is converted to an 8-byte DES key.
		The input is a DES key and the output is equal to 1 if the key is not a safe key to use; it is equal to 0 if it is safe to use.
		If the DES key shared between two Kerberos principals is used as the initial seed, then since the checksum that results depends upon the seed, the ability to produce the checksum proves identity and authentication.
	helsinki.fi /atk/unix/dec_manuals/DOC_40E/HTML/MAN/MAN3/0732____.HTM (658 words)

	9.4 Weak Dictionaries (Site not responding. Last check: 2007-10-08)
		A weak dictionary is much like an ordinary dictionary and supports the same API.
		If the item is only reachable through one or more weak dictionaries, the corresponding entries will automatically be dropped from all weak dictionaries at the next garbage collection.
		Each weak dictionary is associated with a finalization stream.
	www.mozart-oz.org /documentation/base/weakdictionary.html (274 words)

	Wireless LAN Security
		That authentication process key is re-used as the WEP key, which means not only the authentication but subsequent encryption are compromised.
		Some of the WEP initialization vectors (IVs) that pad key length are weak and can also be found by capturing enough packets, leading to key compromise.
		The key point is that multiple vendors support Wavelink because it complements their solution.
	www.netcraftsmen.net /welcher/papers/wireless02.html (3361 words)

	Slashdot \| WPA Weak Key Cracker Posted
		So a WPA key generated from the passphrase "abc", although still being 256-bit, can be cracked within the time of a 16 bit brute force attack.
		This is done by simply generating WPA keys from all passphrases between "aaa" and "zzz".
		Once the WEP key is broken (or if there is no WEP key, just MAC filtering), you simply listen to the traffic to get a MAC address that's allowed, and use that.
	it.slashdot.org /it/04/11/05/2143226.shtml (3143 words)

Try your search on: Qwika (all wikis)