Path: utzoo!attcan!uunet!aplcen!samsung!umich!terminator!terminator.cc.umich.edu!wes
From: wes@terminator.cc.umich.edu (Wesley Craig)
Newsgroups: comp.protocols.kerberos
Subject: Re: Dictionary attacks
Message-ID: <1990Jun15.164640.5090@terminator.cc.umich.edu>
Date: 15 Jun 90 16:46:40 GMT
References: <UaSBcy=0Bww25YSmBx@transarc.com>
Sender: usenet@terminator.cc.umich.edu (usenet news)
Organization: U of Michigan, ITD Research Systems
Lines: 13

In article <UaSBcy=0Bww25YSmBx@transarc.com> Ted_Anderson@TRANSARC.COM writes:
>  As long as there are more than eight bytes we
>can predict the plaintext to the first round of encryption in the CBC.
>Now we separately compute the encryption of this text with all the
>passwords of interest.  This list is sorted and becomes the
>"dictionary".  Now we look each of the responses from the first step up
>in this "dictionary", every match gives us someone's key.

I believe that the confounder was introduced to (surprisingly) confound
this attack. The confounder is a random number at the beginning of the
encrypted packet, thus removing the possibility for the attack above.

wes