AGB  ·  Datenschutz  ·  Impressum  







Anmelden
Nützliche Links
Registrieren
Thema durchsuchen
Ansicht
Themen-Optionen

Kleines Weihnachtsgeschenk von der DEC

Ein Thema von TurboMagic · begonnen am 24. Dez 2024 · letzter Beitrag vom 8. Jan 2025
 
Kas Ob.

Registriert seit: 3. Sep 2023
457 Beiträge
 
#24

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 8. Jan 2025, 09:47
Big thank to you and to Christoph.

You are the maintainer and its your call.

As for non-standard extension, well you made a call and it is right, but i want to explain few things to any one here who want to encrypt data without leaking information (aka best practice and things might be missed), namely the data length,
To do that i want to give an example, lets say this forum do encrypt users name in DB using BlowFish, so a name like our respected Uwe will be 6 bytes in Unicode, encrypting the name without padding (using lets say CTR mode) will be 6 bytes, while when padded will be 8 byte (on all modes), while any name with 4 chars will be 8 bytes and padded will be 16 bytes, so short names will stand out in a table, other names like Wolfeschlegelsteinhausenbergerdorff (36 bytes) will be unique too at 80 padded byte, but if we padded every name to 80 byte, meaning all names up to 39 chars will be the same, and this will prevent any information leak, or at least will decrease the chance to perform any useful information analysis to isolate and differentiate users and their other stored data.

Also when you pushed the separation for padding into its own unit, i had to say my opinion and wrote that code out of now or never, as it is pushed to development, and of course if padding in your current target is for only cipher and what had been standardized, then it is not wrong at all and you call is the right one, as there is no wrong call here, but if you want to leave it with some flexibility to be used with not only block cipher then, lets say this in other words .. some one had to read my very this post to understand how to obfuscate and protect a batch encryption, and even after that he will need to perform/implement the padding (a padding) code on his own !, and that is it.

Thank you again.
Kas
  Mit Zitat antworten Zitat
 


Forumregeln

Es ist dir nicht erlaubt, neue Themen zu verfassen.
Es ist dir nicht erlaubt, auf Beiträge zu antworten.
Es ist dir nicht erlaubt, Anhänge hochzuladen.
Es ist dir nicht erlaubt, deine Beiträge zu bearbeiten.

BB-Code ist an.
Smileys sind an.
[IMG] Code ist an.
HTML-Code ist aus.
Trackbacks are an
Pingbacks are an
Refbacks are aus

Gehe zu:

Impressum · AGB · Datenschutz · Nach oben
Alle Zeitangaben in WEZ +1. Es ist jetzt 10:16 Uhr.
Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO © 2011, Crawlability, Inc.
Delphi-PRAXiS (c) 2002 - 2023 by Daniel R. Wolf, 2024-2025 by Thomas Breitkreuz