ENCRYPTION IS DEAD, AND WE KILLED IT

OpenSSL is broken. All encryption, MD5, AES, everything has been rendered obsolete.

zerobin.net/?06dae5d45335d2b4#m8FRD5qfMgH1rxjVH4oAjHvOMxJArCGp9UIogpmsnHg=

archive.fo/5Vbc9

Other URLs found in this thread:

news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html
bbc.com/news/technology-24048343
twitter.com/wikileaks/status/743824112376766465?lang=en
youtube.com/watch?v=HbeXL6AXmi0.
thepiratebay.org/torrent/13828151/IDA_Pro_v6_8_150423_and_HEX-Rays_Decompiler_ARM_x86_x64-iDAPRO
heartbleed.com/
dropbox.com/s/lz071vbf4i9nays/awoo.7z?dl=0
linux.die.net/man/1/enc
nosuchlabs.com/
tetrickfuneralhome.com/obituaries/Larry-Hughes-3/#!/PhotosVideos
en.bitcoin.it/wiki/Hashcash
engineering.mit.edu/ask/can-computer-generate-truly-random-number
archive.is/AYyfk
en.wikipedia.org/wiki/Secure_Shell
quickleak.se/AyVXOW6S
twitter.com/NSFWRedditImage

entry level here
when will i be able to break windows xp EFS

OpenSSL being busted doesn't mean those ciphers themselves are busted. Still pretty significant though, considering how common OpenSSL is.

From the pastebin

"I'm glad more people are in here now. It gets much, much worse than this.

The post below literally says "if you have the password, you can generate the key and open the file."

The real exploit is that you don't need the password or the key to open a file.

That is how serious this is. It is really bad. It is not a joke.

Some of you are joining now and seeing how bad the weak KDF is that they're using. It gets much worse.

The salt is not a random number. It is a side channel that leaks information about the passphrase. This reduces the entropy of the search space, so that it now becomes possible to brute force.

The REAL exploit is what's going on with memory management. The ENGINE plugin literally modifies the code during the compile, so what you think it's doing isn't what's being done. It's one of the most insane things I've ever seen in my life. You can see it if you compile and then decompile the code.

It's basically the same thing they did with Heartbleed, but on steroids. Same exact design pattern. Memory management is so thoroughly skewered that you might as well think of the entire thing as a secret data structure.

If you really want to see what is happening here, just go look in the random number generator. It is not random. They do all sorts of stuff in the entropy pool to make it look like the time, date, process id, etc are all involved. Then they clear the buffer in a call to ENGINE (!!) which throws all of that out, pops stuff off of the secret data structure.

There are race conditions in the entropy pool. There are actually even comments telling you this.

There is actually a comment in the entropy pool saying something like, "we are not ambitious to provide *information-theoretic* randomness." Or, translated into plain English, "I am a contractor who is trying to warn people the random number generator is not random."

There are times when they even have comments in the code telling people not to worry about valgrind complaining that uninitialized memory is being used to seed the buffer. Again, translated into plain English, "I am a contractor, and you should definitely worry about this."

There is, I swear to god, a comment right in the decrypt function that basically says "PADDING ORACLE HERE." It is insane. They didn't even take it out.

The whole thing is ruined. If you are just tuning in now, read the writeup posted before. Seriously, you are in for a hell of a ride."

...

...

Anybody got a link to this? I'd like some background on exactly what this is discussing.

Hi.
We're Holla Forumsiticians, not scientists nor computer geeks. Care to make a version of this thread in plain speak?

Thanks.

OpenSSL is busted trash.

Will this put any kikes or ZOGs at risk of immediate security compromises and swift leaks of incriminating information?

And? Who uses it and for what? All we know now that it's very common, but how common is it really? Are credit cards at risk? Or certain sites? Or what?

This fucking thing is huge even if it's only OpenSSL. The fact that all keys that were generated using OpenSSL to date are crackable is fucking massive.

This.

All this does is give us an open door. We need to ask tech if this is exploitable.

This is not Holla Forums idiot, i don't know what the fuck you are talking about.

Would this affect bitcoin users?

...

Most definitely. Bitcoin is fucked. This might even crash the USD if we're not careful.

It's that big.

Basically every single file that used OpenSSL to protect itself is easy to bust, as the key to open the file wasn't being randomly generated.

That is nice, but who uses OpenSSL to encrypt their files. Banks? Government agencies? Big guys?

You'll have to bear with me a moment here - what kind of systems are dependent on OpenSSL, and how many people are even affected?

SELL NOW!!!

=OPENSSL IS PART OF HTTPS FOR THE BROWSERS THAT IMPLEMENT IT=

i have no idea what any of that means. but have we started the fire?

I am so glad i avoided bitcoin.
That fucks over many tech savvy people.
Fortunately, i have a broad chessboard of options.. just need to learn code to exploit my business knowledge.

While i am reading this, we are also training with code.

Where is Holla Forums on this? Where is slashdot? Where is theregister?

OpenSSL is used EVERYWHERE!

does this mean we can crack the wikileaks insurance files?

Yesh, the fire rises!
You know, the problem is that there are people who can't comprehend the limits of their knowledge. Basically if they know something, then they assume that everybody else is aware of it. I think most of these tech-savvy people are like that, and so that is why they can't just type out what the fuck is going on: they don't know what we don't know.

Can this hurt the Rothschild ZOG empire?

So literally fucking nothing unless you're afraid of being doxxed.
Come at me.

GET OUT

pic


Someone go post it to Holla Forums, I don't use it


Yes.

And this means….

No this benefits them. They went gold and the alternative just got compromised.

How (((convenient))).

My granddaughter taught me how to use this cell phone and what is this pls

?

So fucking do it.

its happening

Only faggots and redditors spell dox with two x's. Which are you?

Working on it :)

Is it happening?

I don't give a fuck about encryption. If someone wants to look at my files, then let them. They'll be bored searching through my BBW mature blowjob porn folders, and my online shopping for rocket propelled grenades and nuclear material for a 'dirty bomb'. The maps I bought of London, Paris and Berlin may raise an eyebrow, Allahu Akbar my brothers. 72 virgins await in Valhalla.

Just read this:


It seems possible the kikes have awoken and are truly attempting to shut it down. Bitcoin specifically?

You don't fucking get it, OpenSSL is used everywhere as a source to protect highly valued content. This is fucking huge.

...

We should compile a list of everything that is vulnerable and have a group discussion about how we can use this event to further our own interests, like stopping white genocide.

Not joking.

NO SURVIVORS

Fuck
Also that is also why the gold standard is retarded. The kikes have a huge amount and can manipulate it.

((They)) are definitely going to come at bitcoin with this.


How would this affect the USD?

I second this.

nothing wrong with some tar after drinking white wine

...

this means antifa and la raza thugs all have your address now, doesn't it?

Started thread on Holla Forums
>>>Holla Forums700406
Apologies for shit op. On a phone.

Literally everything that has ever used https is vulnerable.

Most banks, governments, etc.

When this truly gets out to the media, they will all shut down. At least for a day or so until they put in a backup. At least the governments should have some kind of backup. Banks… not so much.


If someone wanted to, they could use this to crash bitcoin, or use the exploit to get bitcoins to then cash out with USD. Then the whole thing with the banks.


Thanks user

news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html

Its like everything.

A huge faggot please rape my face.

AWS

can someone confirm this?

Consider it done.

You can make a lot of money now lads.. how far can you go?

I don't know shit about computers, but we need to act on this now to maximize the benefit we can attain from it. People who know what they are talking about need to start a separate thread just for explaining how this works, and compiling as many things as we can which are vulnerable before they aren't vulnerable anymore.

Besides, if we're going to gas the kikes why does it matter if they own shiny metals?

code illiterate here, what are the odds we see a bunch of 'hack the planet' dudes taking over/seriously messing with websites like these?

Question:

Was this exploit an intentional backdoor set up for the likes of the NSA, or is it a legitimate bug?

Second question:
Was this made public by someone with an agenda or was it discovered serendipitously by some 400 pound hackers?

Hypothetical:

There's nothing wrong with being attracted to large women.

What does this mean for VPNs?
Should I sell my Bitcoins?
Is anyone else reporting on this? (If they are, this could cause a widespread panic that will affect someone somewhere monetarily)
I have so many questions. What's a goy to do!

Properly done, there is no way to tell the difference between the two.

...

Chinese are instituting a large number of anti bitcoin measures as they don't want their citizens trading out their government fiat for it.
Not sure if it's related, but it is relevant.

i wanna know whats in the wikileaks insurance files so bad.

first world people and jews will potentially find a temporary solution but what about less tech savvy third world?

She's teetering on the edge of what I would consider BBW. That's generally considered "plus size" in my book. BBW is something different, to me.

From the looks of it, NSA.

As for the second question, I'm really not sure. Apparently from asking around, MD5 being broken has been known for a long time, but the kikes still chose to use it anyway.

It seems like it was discovered by a user though, because if the kikes wanted to sink bitcoin this would have been released already.


Hahahahahahahahaha

...

Plunder them and rape their waifus

You mean like debt and funny money?

legit lol'd

Interestingly enough the Chinese have bought a lot of bitcoin lately. May this be a directed attack not only on OpenSSL but on bitcoin itself?
And the price of bitcoin just reached its peak. Perhaps this will be used to discourage goyim from buying in the future.

Fuck off. Sick and fucking tired of chronic shit posting faggots like you constantly trying to prove how much of an oldfag they are by derailing every fucking thread with infighting over insignificant trivial bullshit, nitpicking at every little goddamn imagined slight that trigger them. KILL YOUR SELF FAGGOT.

how do I make money off this?

...

...

Take it easy man, let's praise Kek and hope he's just busy meming the end of Fight Club into reality

...

You appear a bit angry.

You are mean.

Only faggots and redditors put a space between YOUR and SELF. Which are you?

TO CONCERNED ANONS

This just means that SSL/TLS is compromised. This doesn't mean that other protocols are. This just means that it's easy peasy for anyone (re: govt) to MITM you and see what you're looking at by intercepting your data. Govt's favorite thing is to shit on the entropic nature of RNG, here's a past example of note:

bbc.com/news/technology-24048343

Basically, what they're saying is, get on a VPN you fucking dummy.

privacytools.io

...

Spotted the D&C kike.

So we can look at those WikiLeaks insurance files now or no?

DOES THAT MEAN WE CAN HAVE UNIX TIMESTAMP IMAGES BACK?

Can I rob banks with this? I want a nice retirement fund with this and I don't care if I steal ((their)) money, they had it coming.

I'm sure that he's a shill, take it easy.

The way I am reading it. It requires known plaintext information. Such as a salt. At the start of the encrypted data. This cannot be used to break bitcoin.

Hi, FBI.

this
ignore and filter the other anons

hop in a fucking oven, redditkike

trips says yes… eventually.

Dubs confirms

Nice digits lads.

Insurance should be here shortly… maybe. If any other anons who understand what this is want to take a crack at it before I can by all means, go ahead

What the fuck is this "entropicu nuturu~" cuz all that comes to mind is that fucking thing in Dragon Age Origins I can't exactly describe.

That's if you use the old key generation scheme. LibreSSL uses PBKDF2 by default.

When someone builds a time machine

short bitcoin

So we have a race against the kikes to see who can get more bitcoins now?

Hello Jidf, don't think we've forgotten about 2008.

...

Where can I find the encrypted wikileaks files?
Are they actually cbc encrypted?
I want to try this.

now's a pretty good time to short bitcoin, not as good as midweek was though

This is the one thing the media might need to shut down. This sounds huge.

Why didn't bitcoin users buy gold?

Currencies like bitcoin are only useful until the bitcoin fails. Gold doesn't fail.. until fusion gets somewhere.


If i remember correctly the yuan is also gold backed.. interesting.

See above.

They'll migrate for gibs me dats.

...

twitter.com/wikileaks/status/743824112376766465?lang=en

The more modern ones are compromised.

...

It could be, if BTC used the same key derivation scheme, but see:

Assumption being there are people in the media that have the intellectual capacity to understand the situation…

This is a myth, both doxxing and doxing are fine. This lie was also being spread on endchan and lainchan (lefty central) for the past month to discredit people and slide discussion.

...

They don't need to understand the situation, they just need to follow orders.

are you implying they write their own headlines?

1. How do i purchase bitcoins
2. What do i do with regards to wallets
3. What is the most comfortable brand of kneepads available?

I'm implying that the people at the top aren't tech savvy enough to put a headline together.

Has Lain been compromised already? She's been on Holla Forums a lot recently. Don't let her go easily.

2016 was a big year. Normies are beginning to get gud.

Don't buy bitcoin now user, wait for the big crash to happen, THEN buy.

1) Use Jewgle or something similar.
2) Use Jewgle or something similar.
3) Use Jewgle or something similar.

Reddit has nothing to do with white space, it's a D&C shill tactic to turn Holla Forums against itself.

Notice that faggot is also one of 2 shitting up this thread with 3DPD. See

This is exactly the kind of thread you kikes would be trying to derail. Maybe that comes off as paranoid, but D&C and porn are A#1 Jew tactics.


The dox doxx doxxx thing is another idiotic D&C meme, the number of Xs does not correspond to a particular website.

We need to re-read

Back to the topic at hand, holy shit, bitcoin crash is going to be amazing.

That's a good point. I feel like this will go over the heads of all but the people who work with this stuff on a daily basis.

...

Sorta-Holla Forums here,

From my own understanding, it's just showing the algorithm for key generation isn't random. Which breaks the extra layer of protection that salting a password would usually provide. Without knowing the password though, there really isn't much a typical Joe could do.

In short, I think this opens the possibility for more easily bruteforcing salted passwords, but it's not like this suddenly opens the gate for anyone to decrypt shit automatically.

It's really annoying whoever wrote that pastebin didn't link to the post they referenced and we have no further info from them. Surely if it was OP himself he'd provide deets.

Hope this helps,

Sadly I think so, either that or a bunch of dedicated leftists are spamming it non-stop. Which is also possible, seeing as how Holla Forums was attacked the last few days; maybe ((someone)) was prepared beforehand for this event.

Can someone explain in plain english what all this means?

You clearly haven't talked to many normies recently, there are root vegetables out there that know more about tech than most normies.

But that takes effort.

Effort is for chumps.

...

bitcoin is fine.

They'll probably claim it was super bad anonymoose hack0rz that are out to kill your dog and shag your grandmother and Pepe told them to.

You're supposed to actually read the manual before you start posting. You're not on reddit duty, the little things matter.

What version did this bug start in?

I read the post and gathered there's a threshold for brute forcing which can be reached through convenient exploits like this. Thus someone with understanding of breaking encryption can now force open security that was simply too time-consuming before. If the complexity of breaking the encryption is reduced too far, it becomes trivial to brute force it. Reduction in complexity = exponential reduction in energy needed to break the code

This.
All it means is that encrypted files or messages that use this key derivation algorithm can be cracked more easily, using tools like John the Ripper or hashcat, but it still requires cracking. Newer versions already use a better key derivation algorithm, but nevertheless, good password policies will save your assistance even with the old versions.

kill yourself

kill yourself

kill yourself

smh idiots tbh fam

"More easily" could be misleading, though .

gas yourself.

Thread about major encryption vulnerability becomes a slide park for shills.
gee I wonder why

That means hackers in the know would be able to do this more easily. Think of it like that scene in eva where ramiel drills through barriers. That's less barriers to protect the information.

Reported and filtered for being a D&C shill.

==spaceWORDSspace==

For example, from OP's link:

NOT NEWS

NOT NEWS

NOT NEWS

TAKE YOUR MEDS

TAKE YOUR MEDS

TAKE YOUR MEDS

Appreciate the follow up explanation on the end result simply being a lowered threshold for bruteforce actually being feasible, well written.

Hope your post and mine get some more visibility so people can stop spamming about being Hackerman.

you have literally never read a book in your life

What about the left, they seem to be trying hard to kill us.. though ironically they have to become like us (making it pointless)

So its been patched out?

Don't listen to the kike.

This is literally impossible to be patched out.

I read Dr Seuss once.

Doubt it buddy!!!

People won't understand this, the value will go down when they panic.
The meme is important in stock prices remember.

how new are you

You can't short bitcoin faggot.

kill yourself idiot

What about the left?

Simply by association with the left they are dim, ever wonder why Trump never got hacked running up to the election?

Nothing to do with him being clean as a whistle, everything to do with the fact most people with ability support Trump, or at the very least despise Clinton.

Basically, the impenetrable layer become far more penetrable?

You do know those files are the only thing keeping Assange from being suicided, right? We can't afford to lose such a valuable ally.

If you are too poor to pay for a VPN and have a decent proxy chain going on, you are the idiot, my shlomo amigo.

Sorry, I'm retarded. Why will this affect bitcoin?

Yup.

Also as someone else just recently posted this has been known for a while.

So as long as people use more complex ciphers such as 3DES instead of MD5 to encrypt with, it's still going to be more difficult to bruteforce. MD5 is pretty laughable and shouldn't be used in the first place imo.

you're speaking dumb gibberish like some kind of nigger. read a book and try again idiot.

It's still news. Older versions are still vulnerable (from what i gathered, it's all greek to me.)

I don't give a fuck if MI5 and GCHQ are ripping my files apart. As long as the cunts don't destroy my computer. I very much doubt that they have the manpower for such a task. Do you think that you're so important for government agencies to be directing their energy at you? I enjoy shitposting and getting stupid people to bite.
Encryption is not an option. It will always get broken. PGP seems to work, but if someone wants your data it will just slow them down. They will still get your data.
Banking online is a risk, but it's one that I take for convenience. Balancing security with convenience is a challenge. eg. if you want total security, then you must dispense with convenience. The two cannot meet as they are opposites. Most of us don't care about that as we go on about our lives.

Sure, we have passwords, PIN numbers, locks on our doors. All can be broken or bypassed with little effort.
I live in a rural area with almost no crime. Crime is a bigger factor in the cities. I have no fear of being robbed here. But I am more aware in the city. As the conditions change, then so does my situational awareness. It's instinctive

youtube.com/watch?v=HbeXL6AXmi0.

What about see spot run?

ok

but VPNs use SSL to encrypt data from your real IP to the VPN server as well. Does the MITM stand between you and the VPN or between the VPN and your target web address?

Jewish communists user.

I don't know, this thread makes me feel stupid.

Fairly plain language there, what could they have meant by it?

At least we have each other, user.

What did they mean by this?

k

That reminds me, didn't WL change something with their encryption a while ago which caused the hashes to not match?
Maybe because of exactly this?

This means the salt (the random seed) is not a salt, since it's not a randomly generated number but an assigned one.

What it means is an NSA contractor placed this obfuscated bug into the codebase years ago and every SSL certificate generated using openssl since then has been created in a way to allow anyone with knowledge of this to unencrypt data in short time.

In other words, the NSA has been reading 90% of "encrypted" traffic totally unencrypted since the beginning of time.

Unless you lucked out and your VPN provider happened to use some other software to generate their encryption keys, you wasted your money, you were under a sense of false security, and the government has a copy of *everything* you thought you did in private.

It's not the government that I'm wary about. We made vigilante enemies in that last election and people are underestimating them here.
Remember, there are blackmailers.

This seems to be the case. I believe that user hackers or some group have discovered the 'exploit'/backdoor for themselves.

From what i gathered.

think:bank login, PayPal transactions, etc.
OpenSSL is over web.

No, what he literally says is that the salt is informing him as to what the password is

It's only marginally hinting him in the right direction of the password by narrowing the possible results to the point where bruteforce is now a feasible method for decrypting weaker passwords encrypted with weaker ciphers.

It's not handing him the password user, I hope that is clear to you.

Heartbleed:

Sounds pretty fucking serious lads

Yes, he said that literally.

I hope you realize what you first posted and what you're posting now aren't the same thing.

WW3 NOW

I know you don't want people to panic, but you know very well that outside military and wise people no one is using good ciphers.

So…any windows dev want to take a peek?

thepiratebay.org/torrent/13828151/IDA_Pro_v6_8_150423_and_HEX-Rays_Decompiler_ARM_x86_x64-iDAPRO

forum slide will not work.

So, when it comes to encryption how fucked are we?

Where is v6.95.160808?

No, it's not as bad as this thread is making it out to be. Bitcoin is fine.

Wew, how the fuck would that even happen if not by design? Who made that commit?

Indeed. Like they said, the NSA/DOD/Alphabet contractor that wrote this code even attempted to hint at the problems with dual-meaning comments. Then some independent researchers discovered this just like they did Heartbleed (another purposely injected bug by the .gov).

I think it's just the additional text under the line

Checking the code repository now for other algorithms showing same pattern.
ONE MOMENT PLEASE!

A "contractor" whose checks are cashed by one of any alphabet agencies.

Poul-Henning Kamp, a FreeBSD kernel developer, did a great presentation at a security conference about how the .gov infiltrated the encryption and security standards committees to overcomplicate the specs to the point where it was nearly impossible to develop a bug-free implementation even if one tried.

He also touches upon the fact that much of the "free" open source code developed has been contributed by NSA contractors. These "bugs" were most certainly placed there on purpose.

Forgot the video…

I'm not sure about your government. I imagine you're from the US, although I can't be certain.
Your sentence structure and words like 'vigilante' and the 'last election' are enough for me to guess your nationality. Please correct me if I'm wrong.

I'm Scottish. Our government is shit. We're part of the UK, along with England, Wales and Northern Ireland. We had a referendum about 'independence'. It's separation. Not fucking independence. That word makes my piss boil. I live in England. Our countries are close in culture, language, tradition. The law is different, but basically the same. Owning a gun in England is legal. You can't even have an air pistol in Scotland.

The ciphers aren't broken. OpenSSL is for secure communications. Ever wondered what HTTPS stands for? HTTP over SSL.

Alarmist thread sliding fucks.

...

Bitcoin is absolutely at risk. See:

https://bitcoin.org/en/alert/2014-04-11-heartbleed

>The version of OpenSSL used by Bitcoin Core software version 0.9.0 and earlier contains a bug that can reveal memory to a remote attacker. See heartbleed.com/ for details.


Then remember this from OP:


So:

Heartbleed did happen. I'm protesting the fact that people are taking it further than necessary. Encryption is still there, and broken implementations like OpenSSL are here as well. I moved on to GnuTLS.

does this affect muh cp sites?

It affects servers that serve you html pages over https, but kill yourself pedo.

you gonna get buttfucked in jail. I hope your colon bursts and you die of toxic shock

kek butthurt faggots detected

No one is taking it further than necessary, as you don't decide what is further than necessary. They clearly not only planted this backdoor but were planning to use it to crash bitcoin; clearly it was discovered and abused before it went public. Do you think it's a coincidence what happened last week?

The point I want to point out is the alarmism. Encryption ciphers like AES are still usable. Communications with OpenSSL are not.

alarmist OP definitely noted

infosec guy here, it's fucking nothing. this whole pastebin is a sorry attempt to act like op knows what he is talking about.

Tl;dr op is a fag

...

Thanks for elaborating on why.

Can anyone give me an example of what the pseudorandom function would normally take as parameters when used in a pbkdf?
Perhaps the function to use and the initialization factor based on… what? The password, surely? Otherwise the key wouldn't be reproducible given the password, which is fundamentally necessary, surely?
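To answer the question of what the pseudorandom function is fed in a PBKDF, here is an added example (not code from the thread, from OpenSSL or from LibreSSL): PBKDF2 as specified in RFC 8018, written out step by step and checked against Python's `hashlib`. The PRF is HMAC keyed with the password; for each output block it is first given the salt concatenated with a 4-byte block index, and then its own previous output, once per iteration, so the key is fully reproducible from password, salt and iteration count, which is exactly why the password is what an attacker has to guess. The constructed `PASSWORD` and `SALT` values are assumptions for the demo, and `seconds_per_guess` shows the property the thread keeps circling around: a slow derivation with many iterations makes every password guess cost more, while a one-pass derivation does not.

```python
import hashlib
import hmac
import struct
import time

# Constructed demo inputs for this example; not values from the thread.
PASSWORD = b"correct horse battery staple"
SALT = bytes.fromhex("0102030405060708")  # an 8-byte constructed salt


def pbkdf2_by_hand(password: bytes, salt: bytes, iterations: int, dklen: int,
                   hash_name: str = "sha256") -> bytes:
    """PBKDF2 (RFC 8018) written out to show what the PRF receives.

    The PRF is HMAC keyed with the password.  For output block i it is first
    fed salt || INT(i) (4-byte big-endian block index), then its previous
    output, `iterations` times in total; the block is the XOR of all of those
    outputs.  Same password + salt + count always yields the same key.
    """
    hlen = hashlib.new(hash_name).digest_size
    blocks = -(-dklen // hlen)  # ceiling division: number of hlen-sized blocks
    out = b""
    for i in range(1, blocks + 1):
        u = hmac.new(password, salt + struct.pack(">I", i), hash_name).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hash_name).digest()
            for j, byte in enumerate(u):
                t[j] ^= byte
        out += bytes(t)
    return out[:dklen]


def derive_key(password: bytes, salt: bytes, iterations: int, dklen: int = 32) -> bytes:
    """The same construction via the standard library (HMAC-SHA-256 as the PRF)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen)


def seconds_per_guess(iterations: int, trials: int = 5) -> float:
    """Wall-clock cost of one derivation at a given iteration count.

    This is the price every single password guess has to pay, whether the
    guess is right or wrong; a larger count slows a brute-force search down
    in direct proportion.
    """
    start = time.perf_counter()
    for _ in range(trials):
        derive_key(PASSWORD, SALT, iterations)
    return (time.perf_counter() - start) / trials


if __name__ == "__main__":
    key = derive_key(PASSWORD, SALT, 10000)
    print("library PBKDF2 key:", key.hex())
    print("by-hand PBKDF2 matches:", pbkdf2_by_hand(PASSWORD, SALT, 10000, 32) == key)
    for count in (1, 1000, 100000):
        print(f"{count:>7} iterations: {seconds_per_guess(count) * 1e6:10.1f} us per guess")
```

The by-hand version and `hashlib.pbkdf2_hmac` produce byte-identical output, which is the check that the parameter description above is right; the timing loop is the defender's side of the thread's "threshold for brute forcing" point, since the iteration count is the one knob that raises the cost of each guess without changing the password.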

You need to already have the password in order for this to matter.

Read OP, read thread

bitcoin had a bubble deflate last week, Chinese investors were buying up bitcoin to get out of yuans in a way that wasn't yet prohibited by the state. This inflated the price until the chink government started cracking down, deflating the price to lower but still higher than normal prices. it's not a hack of any sort that changed the demand

See the whole thread and think for yourself; there was a collective effort to derail it and these faggots would not even elaborate on why.

user was accurate in the description of the situation but shills will not let you know the truth.

So even truecrypt, which was so foolproof the government took it down, is now open to attack? Damn son, some people are going to be really fucked. I mean everyone uses some form of encryption don't they? Can you imagine if that had happened DURING the election?

Even if you needed that password, it still makes it extremely vulnerable to bruteforce.

Okay, hack into everybody's shit then.

Until then, it's fucking nothing.

Their implementation might be.

Looking in "rand_lib.c" it seems that "-salt" is not only useless but is contracting the search space. So if you SALT what you encrypt you are actually leaving a lot of information in the encrypted file which can be used to get the key you encrypted it with. I'm sure it's just a coincidence how everyone is told to salt your files and your encryption is salted by default!

I'm looking at version 1.1.0c.

Truecrypt doesn't use fucking OpenSSL.

Don't forget about that funky thing with "drag your mouse furiously".

And there isn't enough water to wash away the blood.

so can we open the wikileaks insurance files?

Ok you got me. I've never used Truecrypt. I don't even know how it works.

OpenSSL is designed for encrypting communication between computers on a network, like how you're probably using HTTPS to browse this site now.

WAT DA FUGG IS ENCRYTPITION :DDDDD

Okay, OpenSSL is a library that implements a Secure Socket Layer. They are protocols that provide communication security, most commonly between servers and clients. A good example is Https, which your browser is likely using now to communicate with the 8ch.net servers.

So what you're saying is it's a mystery.

The more you explain the more panicked I get. Everyone's fucked huh?

Can we finally use our big internet pipes and 256terabytes of ram to rewrite browsers into using PGP for everything under the hood?

I like PGP.

seems fishy; it's too much of a coincidence to be just an oversight.

seems fishy.

so what does this have to do with AES and the other shit mentioned in the OP?

op is a fucking faggot.

*I like fat nigger cocks
FTFY

Prove it, faggot. Here's an AES encrypted 7z I created just now: dropbox.com/s/lz071vbf4i9nays/awoo.7z?dl=0
Decrypt it or you're full of shit.

...

No, I like PGP. Not fat nigger cocks.
I don't know which board you come from where that acronym stands for that kind of thing, but that's not from Holla Forums.

THIS
THIS
THIS
THIS
Op is full of shit and won't do this.

Did some black guy with the initials PGP fuck your girlfriend or something? What's the beef?

So, `apt-get update && apt-get upgrade` then?

Not OP, nor someone technically minded, but hasn't it been stated that AES doesn't use openSSL and thus hasn't been invalidated by this (assuming it's true)?

It stands for Pozzed Gaping Prolapse.

Are you fucking retarded?
I was mocking for not providing any legitimate argument.

For those of you not familiar with the programming world, "contractor" means an Indian. A man who shits in the street destroyed information security.

The dupe of this thread on Holla Forums got locked and there's no mention of this on very reputable sites.
I'm calling bullshit, OP sounds like one of the schizoparanoiac fucks from endchan who think md5 can be "decrypted".

Fucking faggots, not only does AES not use OpenSSL, but even with this you still need to do a linear correlation attack on the bit vectors and other annoying things. Using this exploit would just reduce the entropy down to 64+32 bits, making it within brute force range with ASIC.

has anyone tried this on the wikileaks insurance files?

The algo uses MD5. Format it properly and you can just chuck it into hashcat, assuming your plaintext password isn't written with Unicode moon runes.

Did you use "-salt" or better question did you use "-nosalt" ?

It stands for pretty good privacy…

This is talking about an issue involving a flawed implementation of AES when hardware acceleration is used. This has nothing to do with flawed key-generator implementation with OpenSSL in general.

You just posted a completely random bug report involving OpenSSL to derail the thread. Nice try Chaim.

which you cannot do in any way if you have just an encrypted file.
What OP paste implies then? That there's an intentional vulnerability in openssl which allows someone to crack encryption in certain circumstances?

get lost alphabet

Fucking faggot, the whole point of this is the fact that you don't have to brute force the entire search space anymore. You instead brute force a small random "representative sample" of the search space, gather the leaked information as a set of experimental "results," and adjust your probability distribution (and as a result, the entropy) accordingly, ruling out huge sections of the search space in the next round of tests, then repeat and iterate towards a solution.

There isn't a vulnerability with AES itself. The OP is claiming there's an issue with the key generator of OpenSSL which is used with various encryption algorithms.

If Holla Forums uses OpenSSL then you can try capturing a few encrypted packets with wireshark or another sniffer from your connection and see if you can crack it.

OpenSSL has been a disaster for decades and the license is still incompatible with 99% of software that uses it. They'll transfer copyright to a troll someday and it will blow everything up.

GnuTLS has vastly superior code and a sane interface but idiots avoid it because they're ideologically opposed to the LGPL and would rather use code they aren't legally able to instead. We've tried for decades to get people to switch and they won't, so don't feel sorry for them. Point and laugh.

COOL STORY Holla Forums FAG

Yep, called it. Nothing to see here.

I think I'm ready to explain.

This isn't that big a deal.


The problems propounded by OP's link are these:
That function needs a special ingredient.
OpenSSL did not use the special ingredient, and instead went off and used its own moronic homebrew bullshit.
It's even worse than just not using the special ingredient. OpenSSL, stupid piece of garbage that it is, actually did some weird inbreeding thing.
This cuts the possible space of keys down bigtime.
It also cuts down on the time to guess keys.
Not only does it do a shitty inbreeding thing, it also leaks information when it goes to do that.
This also cuts down the possible space of keys if you are a smart cookie and you had A+'s in math.
This all makes it much easier to brute force attack.

It is still difficult to brute force attack.
Strong passwords help.
But someone determined could conceivably do it.

This affects anything encrypted with OpenSSL.
Probably for a long time going into the past, and up through right now.

OpenSSL is used by I dunno… two thirds of the internet? It's commonly used to encrypt session traffic: the way you and anything https:// is communicating right now.
So if someone listened in and recorded your session, they could later spend time finding out what was said.
OpenSSL is also sometimes used to encrypt files.
Wikileaks insurance files were probably encrypted using OpenSSL.
Wikileaks insurance files are probably vulnerable due to this.
Wikileaks insurance files are also probably protected by strong passwords.

It's unclear what the timeframe for brute forcing would be given the resources of a state actor.
It's unclear what the timeframe for brute forcing is given the resources of an individual.

OpenSSL has been total garbage since it was born.

OpenSSL is almost certainly compromised in big ways.
Guys with secret clearances have always hinted at what a mess OpenSSL is.

Shame on OP for sensationalizing.

Encryption has not been rendered obsolete.

AES has not been rendered obsolete.

MD5 has not been rendered obsolete (by this).

Truecrypt has nothing to do with this and is fine.

There are alternatives to OpenSSL that server admins should be educating themselves about.

PGP is probably fine, I don't think it uses OpenSSL as a library.

Bitcoin is probably fine, since I doubt that it would bother to use a symmetric cipher for encrypting wallets when it has an asymmetric one for signing.

We might be able to find out whose fault this is if we can pinpoint the commit(s) that made this mess.

fucking checked my man

WEW
E
W

Thought I was going to need to check them myself


This is the most elaborate answer so far, any Holla Forumsfags care to comment on this?

Tempted to conclude the same. I don't do infosec, but I know some math. There are claims being thrown around that EVERYTHING — the math, the code, the algorithms — are broken, but the odds of all these things breaking at once is NIL. The thread is just a bunch of nonsense posts that have nothing to do with each other and aren't real issues.

First post in pastebin makes some claim about the salt leaking info about the password. But I can't see any proof that this is an issue (much less an exploitable one).

Second one really seems like nonsense. It's basically explaining that if you know the password and salt, you can generate the key for "openssl enc". But "openssl enc" doesn't really have anything to do with everyday SSL online, it's a way to encrypt your files so they can be unlocked with a password. The *point* of the key is that you can regenerate it with the password so you can unencrypt your file later.

Third post mentions a misuse of memcpy that may cause problems under some circumstances. Programmers are constantly screwing up and fixing things like this, but they almost never amount to anything serious.

Same thing about double frees. Yeah, they CAN result in a scary heartbleed-like bug, but just pointing them out isn't that scary, since most of them don't cause an issue.


The next post also seems stupid (though I'm less confident about this, because like I said, I'm math/cs theory, not infosec). A SAT solver can be smarter than a brute force attack for a *bad algorithm*, but I'm pretty sure AES is just as strong against a SAT attack as it is against brute force (MD5 might not be, but that's a separate thing).

Shit, you had the same idea I had. Oh well I was about done typing.

A salt is simply supposed to be a random "sprinkling" of bits over your key before you md5 it. That code looks alright to me assuming RAND_bytes isn't also pozzed out the wazoo. It is judging by the code comments mentioned in this thread.

The real problem with this attack is the greatly reduced entropy caused by the second half of the key generated being derived from the first half. Assuming that the salt is non-random, there would be pre-existing lookup tables ("Rainbow Tables") for common plaintext passwords and the known, or small number of, salts this thing will be spitting out. inb4 the salt is simply "NSA" repeated over and over to fill out the requisite number of bits.

tl;dr
YOU ASK OPENSSL FOR AN AES KEY AND YOU GET SOME MD5 SHIT INSTEAD, WITH FUCK ALL ENTROPY

Yeah, I agree. OpenSSL is bullshit, but until I see some really detailed math or a concrete proof, I'm pretty confident that AES isn't broken.

It wouldn't shock me if there was a new heartbleed, but nothing I read today gives me any reason to believe this is one.

When hashing passwords, what were advanced algorithms would complicate the user inputted data by 'salting' it with random data. The salting algorithm has been figured out and now partial brute forcing in tandem with what I figure to be rainbow tables has made what was considered acceptably secure now insecure.

I just opened the WikiLeaks encrypted insurance files with this OpenSSL exploit.

Bring back 90s BBSes!

No you didn't.

With this one easy trick!!!

Reminds me of Dwarf Fortress

haha kids these days

post them or BS faggot. Protip you didn't.

According to op's post you can get a password from the key "block" (what is used to actually encrypt the document, derived from the password). If you actually had decrypted the document then you would have already had access to the key file.

There is already a chan being built that will run off the blockchain

Is LibreSSL safe, though? I saw it mentioned once in the paste but I'm not sure if it's safe. All the things I SSL into are OpenSSL anyway so I'm fucked regardless.

...

the new site owner looked like a massive normalfag (someone posted a picture months back), so that could have something to do with it

This type of shill post basically sums up the thread. Salt is used to increase entropy, and cannot be used to guess at a hash due to the avalanche effect. The salting algorithm has not been "found out." It's been known for years. Here is your super sekret salting algorithm that the gay op "found out" and "broke everything" with:

srand(time(0)); rand() % limit;

Ta da. If op wasn't bullshitting he would have known this, but he is.

WHY OP'S POST IS SHIT
Essentially what is happening here is that a password is enlarged by a very gay set of md5 hashes with salt. This larger, more random key is used to encrypt the document. THIS KEY IS NOT DISTRIBUTED WITH THE DOCUMENT. All they are saying is "hur dur md5 is shit look we can find the original password if we have the key block." If the key block, something that is basically the password, is already known then they can decrypt the document without the password no problem.

the fuck does this even mean?

Don't bother, it's just the blind leading the blind in this thread

If alphabet wanted to read your Holla Forums posts (does Holla Forums even use openssl anymore?) they probably could. This is less scary than heartbleed, but still fucking scary. Also the Holla Forums servers are in the US, no? They can already read your posts.

will this protect me?

If you're talking about the "openssl enc" command, read the description here

linux.die.net/man/1/enc

This is symmetric encryption with a password. You pass in a password and a file, and it spits out an encrypted file.

Later you pass in an encrypted file and a password and it spits out an unencrypted file.

The entropy is almost solely determined by the quality of your password. It's (pretty much) the only source of entropy.

But if you want to generate a 256 bit AES key those bits have to come from somewhere (and none of them can be random, or you'd never be able to decrypt). What they're doing in their keygen algorithm is just spreading the entropy in the password out "evenly" over those 256 bits.

MD5 isn't a great algorithm, but I don't think the way they're using it here is an issue

how do i condom wifi?

Some of this shit I've never even heard of, blowing my mind.

So upload it faggot.

I'll upload to mega, but in the meantime why not just decrypt with the exploit yourself?

smh tbh fam

Those who'll abuse the shit out of that the most are spy agencies. Chinks must already be forcing their hackers to work 24/7 right now.

So you're saying this:
"first half of the key = MD5(password+salt) second half of the key = first half + MD5(first half+password+salt)"
is normal for key generation?

Pretty sure you opened the fake dump. Mine came straight from Wikileaks themselves.

Put it over the antenna. The signal can't get through.

That's some serious projection there fam

Oh and I accept the presented attack only is for openssl enc now, it's late here.

Is this legit whats inside?
Post the insides of folders

Of course it's not legit. Are you that gullible?

It's legit, uploading to Mega now. Browsed through some of the Soros emails, seems he owns several blood banks, the pizzagate guys are going to have a field day with this.

post a document fgt
any random one will do

I'm not an infosec guy so I couldn't tell you what's normal/not-normal, but I know exactly what they're trying to do and I don't think there's anything wrong with it.

The whole point is to make each bit of the AES key equally difficult to guess. Without knowing the password, you have no way of guessing which bits will be 0 and which will be 1 or which bits will be the same.

If you did something stupid like MD5(key + salt) || MD5(key + salt), you'd only have half the space to search and you might as well have used a 128 bit key.

The method of chaining hashes is usually pretty safe. I've seen that before and I don't think there's anything wrong here. Even if you knew every bit in the first half, it's just as easy to crack the password as it is to guess the 2nd half.

And the reason I don't think MD5 is a huge deal here is that it isn't about cracking the password, it's about reducing the search space.

Ultimately, the whole goal of the step is this:
If you force the attacker to brute force the space of possible passwords, you did a good job.
If the attacker can find a way to search the space of 256-bit AES keys faster than they can search the space of passwords, you fucked something up.

just post the key here you gaynigger

I wonder if riseup.net uses ssl. Someone with computer knowledge (weev pless) should dox them

How long before bitcoin gets hacked?

You won't live that long.

Oi cunt. Wrong hemisphere.

Guess I should have read the thread.

...

the salt is not a random seed. the salt is hashed with the password to prevent table lookups of hashed passwords. (by "salting" the password, to change what is actually hashed).

the random seed is used to initialize the pseudo random number generator (prng). badly initialized prng yields poor randomness, meaning it's easier to predict future values of the prng, making it easier to brute force / attack.

Post key or gtfo faglord

Well, since it would block the internet, technically yes.

...

Your archived version doesn't work without JS and is shit. After allowing JS so I could read whatever the fuck it is you posted I saw this:
Who in the ever loving fuck is still using MD5? MD5 has been considered unsafe to use for over a decade and there were even attacks on it in the early 90s.

I haven't read through everything in detail yet, however entropy is notoriously horrible in computing.

Someone may be interested in real entropy


nosuchlabs.com/

...

IWantToBelieve.tiff

The entirety of OpenSSL is.

Well, looks like it's time to switch to void linux

OpenSSL being broken is not big news. For most regulated industries a TLS connection, not SSL, is used to transfer sensitive data.

For the past two years since the introduction of the POODLE vulnerability OpenSSL has been phased out of all major information transfers.

For those wondering, OpenSSL is the implicit encryption that is used when transferring data in an HTTPS or sometimes, if severely improperly configured, an SSH session. Mostly you will see this used on old outdated websites.

SSL uses MD5 as one of the possible hashing algorithms, the others being SHA and SHA256. I have the use of MD5 for SSL/TLS disabled right now and I have no problem posting here or using SSL/TLS on any other website that offers it.

If I understand correctly, open SSL is an encryption process for web communication.
How is
if it only affects openSSL.
I'm by no means an expert, but the pastebin says it's the "memory management" that's doing manipulation. So the encryptions themselves are not compromised.
So what does it mean for all of us? No web traffic that's using OpenSSL is considered secure. Meaning anyone with access to it could read it.
Can passwords, or their hashes, be intercepted now?
Do critical services such as banks, governments or big corporations even use openSSL?
If they do, what kind of exploits can be expected?
We really need some answers in here!

You may be conflating Openssl with the algorithm SSL like SSLv3

From the man page

SSL connections have not been considered secure for many years. Banks and even shit tier websites that accept credit cards are all required to use TLS, NOT SSL, TLS 1.2 connections when transferring sensitive data. The only thing taking advantage of this type of exploit is more than likely very targeted malware

...

you actually are correct. my bad kap

anyone get a dox on that professor? all I got was this tetrickfuneralhome.com/obituaries/Larry-Hughes-3/#!/PhotosVideos

There are always surprises. I've heard that a LOT of websites that support TLS don't automatically use it. There are STILL BANKS that don't use TLS for their webservice. (I don't know if they use openSSL or something else unsafe, let's hope they don't).
I just really hope all the effort of the nerds who've been pushing for TLS has been worth it, and no admin of some huge unencrypted password database gets man-in-the-middled.

en.bitcoin.it/wiki/Hashcash

Fuck you, I was already having a shitty birthday. This limey fuck's speech is needed but it still makes my blood boil.

Even reading the entire thread I still have no fucking clue how this will affect me at all.

every time you see HTTPS in your browser bar, you are affected

This nigger wasn't joking, the exploit works.

HO-LEE-FUCK

Dick = Diamonds

...

POST KEY FAGGOT

FUCKING THIS! WHAT'S THE KEY? SPREAD THAT SHIT! MAKE THE LUGENPRESSE WORK FOR THEIR MASTERS

Oh, shit, wait, if the wikileaks "insurance" files get released early, is Assange going to get blasted in an accidental drone strike?

Can't see how that compromises Bitcoin at all.

Looks like this attack is limited to "openssl enc".

In any case, even if the PRNG is weakened, I think the only thing that might be affected here would be Client-side encrypted wallets, not the Bitcoin protocol itself. So, if someone hax0rz a Bitcoin user's device, provided this weakening is true, then it might be possible for them to compute the password.

Anyway, if meme-panic hysteria hits and causes a Bitcoin price drop because of this, be smart and buy in while it's low.

So https no longer protects me?

...

POST KEY OR YOURE A NIGGER

It's really not news that computers are bad at flipping coins

engineering.mit.edu/ask/can-computer-generate-truly-random-number

If they're running openSSL, which pretty much everyone is, yes. I don't know if this exploit can be done without system access though.

How is your pic related?
Hint: it's not

Signals go through rubber

pic related

it's apparently orders of magnitude less hashing than should be done archive.is/AYyfk

I'm still not so sure, this seems very similar to me to the flaw in WPS. You can just ignore the second half and only work on the first half.

Witnessed!

Not sure if you were following what happened post-internet cut-off, but it's quite possible he is no longer at the embassy anyway.

Even this "reduction to 128bits" was talked about as early as Oct 27th on other chans in relation to the Insurance files (most threads discussing the keys here were promptly deleted).

Personally, I thought he was dead up until the Hannity interview. Now I tend to think he is alive - but I'm skeptical of him being in the embassy still. Either, he escaped, or he cut himself a deal - or has kept quiet for other reasons that no one has formed a solid hypothesis about.

This post reeks of Goons

is it possible the Hannity interview was cgi'd?

But not latex :^)

Next user got suicided.

Can anyone explain what the fuck the implications of this are to someone who doesn't know shit about cryptography?

Okay here's an analogy:
You're given a $300 Lego set for free. You could make a pretty neat robot by following the instructions.
Some people choose to stuff handfuls of pieces into their mouth and gargle them because it makes a funny sound.
They nearly choke to death, unfortunately survive, and then they create 50 threads about it on every imageboard they know of to announce to the world how dangerous Lego is.

...

If what he said were true others could replicate what he pretends he did. Vanning one guy would not accomplish anything. Ergo, shit is probably fake.

So basically CIA got rekt again?

OPENSSL IS NOT A PROTOCOL
REEEEEEEEEEEEEEEEEEEEEE

I want to believe you, but I'm not 12 years old.

I SAID I was a normalfag when it comes to this shit. That's my interpretation of this whole clusterfuck.

en.wikipedia.org/wiki/Secure_Shell
He mistyped.

I would strangle you personally if I could, user.

It's okay nigga, I'll explain it and for anyone else on this thread. TLS and SSL are both handled on the vast majority of Linux servers by openSSL. You run openSSL on your server and it does the job of encrypting/decrypting traffic coming in and out of the server. Since this is an exploit with openSSL, TLS is also affected. It wouldn't be news if SSL was broken because it already is broken, that's why TLS exists.

Possible, but imo very unlikely. There are other issues with the video that don't fit with a CGI'd (or Face2Face'd) Assange. Also, his speech mannerisms were mimicked too well - I don't think they have the capability to do this at that level (but I could be wrong).

It looks like it might have been green-screened though. Notice that Assange and Hannity in frames where both are present appear to be gazing to the side of each other. Video Chat with Assange later imposed in seems fairly plausible. Shadows can easily be preserved by taking a baseline of a room with similar structure on Assange's end (wherever he might be).

Probably nothing. Most of the pastebin is incoherent shit, not an exploit.

That's linux nigger

So don't use OpenSSL and use LibreSSL or GoSSL. Got it.

...

WHO ALL USES OPENSSL???

...

Nice try, Chaim.

Yes, most servers use linux. Unless you're fucking autistic and running WINDOWS SERVER or hyper-autistic and running unix, you're running linux.


Probably? I have no idea.


Tons of people, and likely most businesses

It means we're not really anonymous to anyone looking hard enough.
The entire internet has to break once quantum computing (for which we now have the bridge) is high-standard. Do you really think Google can't break AES right fucking now?
And what would happen if they did?

Every Jew in the world would have their bank account emptied in a matter of days. The Federal Reserve would be looted, not audited. Infosec across the entire planet would become obsolete. Our entire economic standard would be uprooted as every standard bit of data becomes irrelevant by the inability to verify its credibility. The most powerful men in the world would be reduced to whatever manner of equivalency you might apply as they can't prove their worth or even their holdings.

Needless to say, this transition will be heavily moderated, it's also the momentum behind state interest in cryptocurrencies.

That much is obvious

I think what the OP is claiming is that because the key extension algorithm is known, and MD5 is a critical part, and MD5 is very broken, the knowledge of the salt (which HAS TO BE included in the encrypted file, otherwise it could never be decrypted) would allow you to use a utility like hashcat to derive the original key, because hashcat has modes that do known salt attacks of specific formats, i.e. MD5(passphrase + salt) where salt is known.

Assuming the key extension scheme described is the actual one, you have these components:
1. original passphrase, hopefully of high entropy (i.e. it's long and uses very diverse characters, and the attacker has no foreknowledge of the character set used)
2. salt value, stored plaintext next to the encrypted contents of the file, pre-generated by OpenSSL, and of N bytes in length. The entropy of the salt is not terrifically important in reality, as long as the salt is at least different every time the encryption algorithm is used, which is the whole point of a salt in the first place. Even if the salt is affected by the key in some way, though that would be seriously bad news in terms of entropy, the important part is that the salt bytes are not re-used more than once. This is because the salt has to be included in the file, so the text of the salt is always known to all parties. It doesn't matter if you can re-derive the salt - you already have it.
3. 256-bit AES key used to transform the plaintext original file into the encrypted output file

As I said, the salt value has to be stored plaintext along side the encrypted file - usually it's something like the salt bytes are at the very beginning or the very end of the file, and they are of known finite length. This is necessary because you need both the original passphrase and salt to reconstruct the 256-bit AES key and therefore decrypt the value.

Assuming the 256-bit AES key is derived as OP describes, you basically have this, where '+' means "byte concatenation":
key = MD5(password + salt) + MD5(MD5(password + salt) + password + salt)
or this:
K1 = MD5(password + salt)
K2 = MD5(K1 + password + salt)
key = K1 + K2

MD5 has lots of weaknesses to be sure, but have fun generating a rainbow table from scratch for a particular salt, and one which includes concatenation of two hashes as well as hashing the concatenation of a hash with the password and salt again. I'm also not convinced that this scheme reduces the 256 bit key entropy to 128 bits as theorized, because:

1. If you use hashcat to try to brute force K1, how do you know if you've actually got the right value for K1? All methods of cracking hashes involve ACTUALLY HAVING THE HASH, but you don't have that, because you don't have the AES key itself. You need the actual 256-bit key to check if your guesses of the password were actually accurate, but if you had the key you could decrypt the file anyway.

2. You could use hashcat to attack the entire key, but I don't think it makes your life any easier:
PW(n) = the n-th password guess you've made, where 0 < n < N, where N is the upper bound on the search space
K1n = MD5(PW(n) + known salt)
K2n = MD5(K1n + PW(n) + known salt)
KEYn = K1n + K2n

You still have to try every possible password PW(n) and compute KEYn for each try, and then attempt to decrypt the AES encrypted data, and then somehow verify that the data you got out isn't a garbled mess because you have the wrong key. You wouldn't know you had the right PW(n) unless you had a way to tell you had successfully decrypted the file, which is practically a known plaintext attack as is. In other words, if you know the encrypted file was originally a zip file, you'd have to check the decrypted contents (maybe just the first block) for a correct zip file header. Also keep in mind the size of N (the search space bounds) is incredibly large - it's a^m where a is the alphabet size and m is the length of the passphrase. Both of those values you'd have to guess at - if you under-estimate you have less work to do, but a chance you'll never guess the passphrase because your search space is too narrow. If you over-estimate you could be doing many many orders of magnitude more work than is necessary.

More in the next post about how this doesn't affect browsers or the internet in the slightest.
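The key-stretching scheme argued about above (and the MD5(key + salt) || MD5(key + salt) variant mentioned further up) in runnable form, as an added example that is not from the thread or from OpenSSL: it derives the chained K1 || K2 key from a password and salt, splits a constructed "Salted__" blob the way "openssl enc" lays one out (8-byte magic, 8-byte salt, ciphertext), and shows that a guess can only be turned into a full candidate key, never into a K1 that can be checked on its own. Names, the sample blob and the wordlist are this example's own.

```python
import hashlib
from typing import Iterator, List, Tuple

# Layout of an "openssl enc" output file: the literal bytes "Salted__"
# followed by the 8-byte salt, then the ciphertext.
SALTED_MAGIC = b"Salted__"
SALT_LEN = 8


def chained_md5_kdf(password: bytes, salt: bytes,
                    key_len: int = 32, iv_len: int = 16) -> Tuple[bytes, bytes]:
    """Derive (key, iv) the way the thread describes it:
    D1 = MD5(password + salt), D2 = MD5(D1 + password + salt), D3 = ...
    Each digest is chained from the previous one; the first key_len bytes of
    the concatenation are the AES key, the next iv_len bytes are the IV.
    (This is EVP_BytesToKey with MD5 and a single iteration.)"""
    material = b""
    prev = b""
    while len(material) < key_len + iv_len:
        prev = hashlib.md5(prev + password + salt).digest()
        material += prev
    return material[:key_len], material[key_len:key_len + iv_len]


def naive_kdf(password: bytes, salt: bytes) -> bytes:
    """The weak variant the thread warns against: the same 128-bit digest
    repeated, so a 256-bit key carries only 128 bits of material."""
    half = hashlib.md5(password + salt).digest()
    return half + half


def split_salted_blob(blob: bytes) -> Tuple[bytes, bytes]:
    """Split an "openssl enc"-style blob into (salt, ciphertext).
    The salt is public by design: it has to be in the file for decryption."""
    header_len = len(SALTED_MAGIC) + SALT_LEN
    if not blob.startswith(SALTED_MAGIC) or len(blob) < header_len:
        raise ValueError("not a Salted__ blob")
    return blob[len(SALTED_MAGIC):header_len], blob[header_len:]


def candidate_keys(salt: bytes, wordlist: List[bytes]) -> Iterator[Tuple[bytes, bytes, bytes]]:
    """Yield (password, key, iv) for every guess. This is everything an
    attacker can compute offline from a guess and the public salt: there is no
    stored digest to compare K1 against, so each candidate must still be
    tested by attempting a full AES decryption with both halves of the key
    and checking the result against expected plaintext (e.g. a zip header)."""
    for pw in wordlist:
        key, iv = chained_md5_kdf(pw, salt)
        yield pw, key, iv


def halves_independent(password: bytes, salt: bytes) -> bool:
    """True when the chained scheme gives two different 128-bit halves."""
    key, _ = chained_md5_kdf(password, salt)
    return key[:16] != key[16:]


if __name__ == "__main__":
    # Constructed sample: a Salted__ header, a fixed salt and dummy ciphertext.
    sample = SALTED_MAGIC + bytes(range(8)) + b"\x00" * 32
    salt, ciphertext = split_salted_blob(sample)
    print("salt from file header:", salt.hex())
    # Constructed wordlist; each entry becomes a full 256-bit candidate key.
    for pw, key, iv in candidate_keys(salt, [b"hunter2", b"correct horse"]):
        print(pw.decode(), "->", key.hex(), "iv", iv.hex())
    print("naive scheme repeats its halves:",
          naive_kdf(b"hunter2", salt)[:16] == naive_kdf(b"hunter2", salt)[16:])
```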

there is a reason why OP was banned within 1 minute after trying to post this shit on Holla Forums

yet, the fucking luddites you are…

Yea, I don't use special snowflake freeSSL. I bet you're a leaf with all that shitposting you're doing.


Elliptic curve cryptography is supposedly resistant to quantum algorithms. There's also some new shit coming out that should be resistant as well, I don't remember what it's called though.

How does this effect me personally?

(checked)
So basically pic related then?

Found it, lattice-based cryptography is noted to be resistant to quantum computing.

Not sure what the exact source of this all is.
First post about it was on
The text seems to stem from here:
quickleak.se/AyVXOW6S

Checked right back at you user. And yeah, at this point I think the entire thing is fucking bullshit. The original pastebin is basically showing that if you already know the salt and plaintext passphrase you can re-generate the key. Well no fucking shit you can. The point is that the key is not stored in the encrypted output file, only the salt is, and the salt value has nothing to do with the passphrase from an entropy standpoint, so the pastebin doesn't help you in the slightest.

I'll explain why this has fuck all to do with the internet and SSL / TLS in a bit.

Communication about all this as it pertained to the Insurance files began on endchan.xyz/pol around Oct 22nd and then moved to other .onion chans and Bitmessage after the clearnet chans started getting CP spammed.

BitMessage was, shortly after, spammed and subject to Sybil attacks (still is).

I do not know how comms continued after this.

Check endchan.xyz/bunker for more information. The historical threads should be archived there somewhere (BEWARE OF HOLDING GROUP LARPers).

Read the bottom. The salt is contained in the decryption failure's output. If you have that value and the knowledge of how the key is generated (shown at the top:

K1 = md5(passphrase + salt)
K2 = md5(K1 + passphrase + salt)
key = K1 + K2

), then you only need the salt and the first half of the key to gain the passphrase. md5 is proven vulnerable.

Could try 0chan

You're fucking retarded. You have the salt regardless, it's embedded in the encrypted file because it has to be there for decryption to work. So of course OpenSSL will reveal the salt to you, you can just open the encrypted file in a hex editor and the salt is right there anyway. I already explained this in my post above.

Here is my question to you. How do you know if you generated the correct K1?

Your theoretical attack is retarded because you need the first half of the key AHEAD OF TIME. You still can't generate the second half from the first, so you have to then use the known first 128 bits to bruteforce the passphrase, and then use K1 + bruteforced passphrase + salt to generate K2 and subsequently the key. Where are you going to find those first 128 bits, pray tell? You cannot bruteforce a hash unless you have a known value to bruteforce against.

No. Remember: you don't know the key. Here's what you have:

* A block of encrypted data
* The salt
* The algorithm to generate the key used to encrypt the file.

You can guess "md5sum(passphrase + salt)" all day, but the only way to check your guess is by attempting to decrypt the block of data. And to do that requires that you guess the 2nd half of the key as well…

… and now you're back to guessing 256 bits

like im going to believe a screenshot of a couple of holders on a FUCKING APPLE PIECE OF GARBAGE.

KILL YOURSELF (1)

You faggots are such amateurs I don't know why the fuck you bother posting on these threads.

That's not a Mac, that's Linux. You tards need to go back to plebbit, you're not welcome here.

...

Did you really expect faggots from Holla Forums to be able to crack a 128 bits password?

Basically most of the "free" VPN technologies people use to obfuscate their traffic and identity use openssl because it's free. So, basically all of the bulk logged traffic collected by the NSA can be browsed and scanned as if it was plain text.

open one of the folders and screenacap, you double-nigger

You're replying to a hit and run (1)

Hail Victory

endchan larpers

sadface.bitmap

14/88

I decrypted a WikiLeaks insurance file using the instructions in the pastebin. The two niggers were telling the truth.

I, however, won't disappear like a faggot nigger, I will be posting the key and a dump of the file.

u better deliver asap

Blz show contents of some folder first

I did, see the screenshot, the Soros file contains a .pst Outlook file.

its bullshit

I'm talking about what's inside the .pst

open something and post screenshots matey

all they would have to do is post the key

cia niggers posting fake shit to ruze cruise newfags. whatever, newfags need to learn one way or the other.

this guy gets it

Someone is shining a flashlight through my window, brb going to investigate with my FNX-45.

enjoy!

So it's just some horrendously programmed piece of shit that happens to be sorta popular being raped open like the cheap whore it is?

Pretty good choice in firearms.

is c775 ded?

That guy (or gal) is in Gitmo by now being shot up with Sodium Pentothal.

Ayy lmao

Seriously though, this shit is easy to fake, so don't believe these faggots until they have absolute proof.

being this new

FUCK, wrong thing. brb killing self

MODS, DELETE THE THREAD
Stupid fucking larp shit.

I'm guessing whoever posted it meant it as a joke, that could be understood with what they viewed as trivial knowledge.

What the document says:

um. wut?

checked

2nd that

333id , Nice

Photoshopped, fake. At least put some effort into it, fam. Three poor souls are now in Gitmo and here you are faking shit. You dishonor the fallen anons.

Shadiley, my friend!

...

fag cant see point
checked

...

Nobody is rusing me today

...

...

>>>/oven/

...

Sure thing, I'm having kids with 2d animu characters right now :^)

Your mum killed it, shut the fuck up pussy. It's a constant battle, we win some we lose some. Fuck off with this "the world is ending" bull shit.

Have fun raising your wife's son. :v)

...

With pleasure :

FBI Bait Thread.

Bitcoin doesn't rely on SSL
SHAKING
MUH
DICK
HEAD

you dumb niggers. Anything can get cracked given enough time. Remember that iPhone crack FBI case? They dropped it real fast and quietly cuz they finally figured it out themselves. But also they wanted it to be legal for the tech guy to be forced to let them in at will; they failed that goal.

The Oklahoma City Bombing is one of the more interesting folders. It has what looks like the controller's notes on Timothy McVeigh and how they entrapped him.

You make me sick.

Actually, a more correct way to think of it is like a lock vs. all the locks of the same design. A particular lock can be picked (that's like brute forcing a password), but it won't help you any on the next house over. Not at all.

Plus, think about something like Bitcoin. The whole point is to have each WALLET hold only a small number of Bitcoin. That way no act of "picking the lock" is worth the expense in processing power (time & energy, when picking a physical lock).

Where the fuck are the mods, and when did Goldstein get out of jail?

The folder is empty.
They are all empty.

...

Why? I'm just telling you what's in the folders since you don't know how to use the exploit to decrypt them.

right, look at how they type, they all came from the same place
checked
your responses are just bumping this thread

Sorry man, forgot my sage.

ha, same guy from the Elon guys thread, you like it here? Is that OK?! HAHAHa

Not really, no. You need to use ciphers that are specially-designed to resist quantum computers. ECC was not designed for this.

You are entirely correct. The key point is that you have to find the complete plaintext passphrase in order to generate the second half of the key. The only way you can do that is if you have the first 128 bits of the key anyway, because you need the hash output to brute force the hash input. Leaking half of your AES key is already incredibly bad news in the crypto world.


I know you're just shitposting, but I'll take it seriously for a second. Inform me how you find a hash collision when you don't know the hash or the passphrase, only the salt and the encrypted text, the decryption key of which is the composite of two unknown hashes.

If you have:
O = MD5(I + salt)
and you don't know O or I, you are completely fucked beyond all repair.


This. It's because there is no key, of course. It's just disinfo. Even the endchan larpers are doing something different than what is suggested in the OP - they are trying to derive the 256 bit key from bitcoin message attachments related to the wikileaks wallet address, but they're still dealing with an unknown plaintext because nobody knows what format the insurance files were before they were encrypted, which is a good thing in terms of WL's infosec.


Apple secretly enabled the FBI to crack the iPhone themselves, most likely. Apple force pushed an iPhone update shortly before the FBI said they had unlocked the phone "themselves." The update allowed the passcode on the phone to be reset one time, which re-sets the encryption key on the phone. Theoretically it would have allowed the FBI to get in to the phone and decrypt the data because of the crypto architecture on that specific version of the iPhone. Look in to it, it's interesting.

...

So basically OP's a faggot and nothing happened?

Whoever wrote this pastebin is deeply confused about how encryption works. They have failed to identify any vulnerabilities. Instead they showed a bunch of instances of openssl working correctly, with comments suggesting it is somehow wrong or vulnerable.

Don't believe me? Try to find this on any place with crypto or infosec people. Or post it there and get laughed at.

Literally. Nothing.

Here's why the OP's post is entirely fake, as well as the claims that all crypto is broken, the internet isn't safe, bitcoin is vulnerable, etc.

The premise of the fake attack is the weakness of the MD5 hash function, used in the key extension algorithm (also called key stretching), which essentially takes a plaintext passphrase and increases its entropy so it can function as a 256 bit key. Even if your passphrase is longer than 256 bits already, you still want to do this so the bits are more randomly distributed. The idea is that you are "mixing" the bits so they have an even distribution of entropy, but you are doing it in a way that maintains a consistent relationship between the plaintext passphrase and the final 256 bit output. Same passphrase in, same 256 bits out, and optimally it should be nearly impossible to put in a different passphrase and get the same 256 bits out. MD5 has been weak against attacks and is not a great choice for this, and the OpenSSL developers should have fixed that part sooner.

All of that said, there are plenty of algorithms outside of MD5 that are great for doing this kind of key stretching work, and I believe newer versions of OpenSSL no longer use this MD5-based method at all. PBKDF2 with multiple rounds is a very popular method for key stretching and is considered reasonable by most crypto experts.

In any case, this non-attack relies on the fact the original person that encrypted the data used a passphrase to generate their AES key. AES is a symmetrical algorithm, which means there is only one key, and it is used for both encryption and decryption. However, encrypted communications happen using asymmetric crypto and are not vulnerable in this supposed way because there are no passphrases or key stretching involved. A webserver using SSL or TLS will have a public and private key pair that are randomly generated, and then those are signed by a certificate authority to establish the identity of the server and tie it to a web address like 8ch.net. There is no passphrase input when generating SSL keys, because they are using high entropy sources on the computer itself as their source of "input".

In addition, because there is a public and private key with asymmetric crypto, you can freely hand out the public key to anybody and they can use it to encrypt messages for you, but only the holder of the private key can decode the messages. Sharing your public key is necessary if you want anybody to talk to you, but you're totally fucked if you share your private key. Because AES is symmetrical, if you share your AES key you are totally fucked because the same key is used to encrypt and decrypt.

This supposed attack also requires that the attacker already possess the first 128 bits of the original AES key. The only way you're going to even see the first 128 bits of a passphrase-generated key is if you specifically make OpenSSL output the key. The full 256 bit key will be in OpenSSL's memory while it is doing the encryption operation, but after the file has been encrypted OpenSSL should erase it from memory. The only way to re-generate it is with the same passphrase and salt. For an attack to rely on the first 128 bits being disclosed means someone would have to intentionally feed OpenSSL the passphrase and the salt from the encrypted file, as well as tell it to output the AES key to a file, and then disclose the first half of that file somehow. Even niggers aren't that stupid.

Finally, even if this attack was somehow feasible, a randomly generated 256 bit AES key would be perfectly safe from attacks, because there was no passphrase and no MD5-based key stretching. In this case you'd have to either memorize or store the 256 bit value somehow and reproduce the intact key in order to decrypt. That's harder to do than remembering a simpler password or phrase, which is why those methods exist.
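The KDF the post above is describing, and the "Salted__" file layout that the earlier list (encrypted block, salt, algorithm) refers to, as an added Python example that is not from any poster or from OpenSSL itself. It implements the legacy EVP_BytesToKey derivation with MD5 and one iteration, which is the documented behaviour of `openssl enc` without `-pbkdf2`, next to a PBKDF2 derivation of the kind the post recommends. The sample salt and ciphertext bytes are constructed, and the SHA-256 / 10000-iteration PBKDF2 parameters are assumed for illustration rather than taken from the page:

```python
import hashlib
from typing import Tuple

# Constructed sample blob. The legacy "openssl enc" file format is the 8-byte
# magic "Salted__", an 8-byte salt, then the ciphertext. These salt and
# ciphertext bytes are made up for the demonstration, not real output.
SAMPLE_SALT = bytes.fromhex("0123456789abcdef")
SAMPLE_CIPHERTEXT = bytes(range(32))
SAMPLE_BLOB = b"Salted__" + SAMPLE_SALT + SAMPLE_CIPHERTEXT


def parse_salted_blob(blob: bytes) -> Tuple[bytes, bytes]:
    """Split an 'openssl enc' blob into (salt, ciphertext).

    The salt is stored in the clear: whoever holds the file holds the salt,
    which is why the thread's only substantive question is whether the salt
    carries information about the passphrase.
    """
    if len(blob) < 16 or blob[:8] != b"Salted__":
        raise ValueError("not a salted OpenSSL enc blob")
    return blob[8:16], blob[16:]


def evp_bytes_to_key(password: bytes, salt: bytes, key_len: int = 32,
                     iv_len: int = 16, count: int = 1) -> Tuple[bytes, bytes]:
    """Legacy OpenSSL EVP_BytesToKey with MD5 ('openssl enc' default before
    PBKDF2 support; count is 1 there).

        D_1 = MD5(password || salt)
        D_i = MD5(D_{i-1} || password || salt)
        key || iv = D_1 || D_2 || D_3 || ...

    For AES-256-CBC that is 48 bytes: key = D_1 || D_2, iv = D_3.
    """
    material = b""
    prev = b""
    while len(material) < key_len + iv_len:
        d = hashlib.md5(prev + password + salt).digest()
        for _ in range(count - 1):  # extra rounds only when count > 1
            d = hashlib.md5(d).digest()
        material += d
        prev = d
    return material[:key_len], material[key_len:key_len + iv_len]


def pbkdf2_key_iv(password: bytes, salt: bytes, iterations: int = 10000,
                  key_len: int = 32, iv_len: int = 16) -> Tuple[bytes, bytes]:
    """The alternative the post mentions: PBKDF2-HMAC with many rounds.
    SHA-256 and 10000 iterations are assumed here as illustrative parameters."""
    material = hashlib.pbkdf2_hmac("sha256", password, salt, iterations,
                                   key_len + iv_len)
    return material[:key_len], material[key_len:]


def first_half_is_plain_md5(password: bytes, salt: bytes) -> bool:
    """The thread's 'first 128 bits' observation: with the legacy KDF the first
    16 key bytes are exactly MD5(password || salt). Knowing them does not yield
    the password (MD5 is one-way), but one fast hash per candidate passphrase
    is all the work a guesser needs, which is why slow KDFs like PBKDF2 exist."""
    key, _ = evp_bytes_to_key(password, salt)
    return key[:16] == hashlib.md5(password + salt).digest()


def derive_from_blob(blob: bytes, password: bytes,
                     pbkdf2: bool = False) -> Tuple[bytes, bytes]:
    """Recover the (key, iv) a legitimate holder of the passphrase would use.
    Without the passphrase there is nothing to feed either KDF."""
    salt, _ciphertext = parse_salted_blob(blob)
    kdf = pbkdf2_key_iv if pbkdf2 else evp_bytes_to_key
    return kdf(password, salt)


if __name__ == "__main__":
    key, iv = derive_from_blob(SAMPLE_BLOB, b"correct horse battery staple")
    print("legacy key:", key.hex())
    print("legacy iv: ", iv.hex())
    key2, iv2 = derive_from_blob(SAMPLE_BLOB, b"correct horse battery staple",
                                 pbkdf2=True)
    print("pbkdf2 key:", key2.hex())
```

Running it twice with the same passphrase and salt gives identical output, which is the "same passphrase in, same 256 bits out" property the post describes; changing either input changes every byte. The legacy derivation costs one MD5 per candidate, the PBKDF2 one costs ten thousand HMACs, and that cost difference is the whole reason to switch.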


100% right, OP is a disinfo shill and so are all the posters claiming to have unlocked insurance files. Well, those anons are probably just shitposting, but it's still fake all the same.


Nail on the head as well. It's surprising that the pastebin mentions some of the technical things it does while still being so grossly uninformed as to how encryption works, how keys are derived, and how attacks on hash algorithms work. If anything, it's kind of impressive that MD5 can be used in a completely shitty key extension algorithm and an attack still requires the first 128 bits of the private key to be disclosed, plus a sizable bruteforce attack after that.

this.
Why this thread was even created I don't really know. Desensitize us to security issues?

but user my router has three

tl;dr but your awesome gondola gave me all the confidence i needed with your post.

Looked into it some, you're right, sort of. Elliptic curve is vulnerable to Shor's algorithm but there's a drop-in replacement for it that remedies that. Lattice-based cryptography seems to be resistant as well and it's been around forever. They'll have to adapt it some to resist quantum computers but it isn't like they have to build from the ground up.

Horsest of shits.

Ah, so you don't give a fuck about anyone emptying your bank account then, right?

...

hi nsa

Are we being raided or something?

Exactly how does an OpenSSL exploit affect bitcoin?

md5 has been hosed for a long time. Anyone still using it for anything has brain damage.

Come on fucking post the goods you homo

It's used in transmission, i.e. HTTPS

...

...

Yes, but does the rest of the internet?
Is your bank using LibreSSL?

So this is a variation of the Ken Thompson compiler hack? In that even if you cleaned up the offending code, and cleaned up the code of the compiler, you could still never quite be sure if the compiler you're compiling your cleaned-up compiler on is actually clean?

Whoever wrote that paste doesn't know shit about OpenSSL, or entropy or random.
Everyone knows that computers aren't completely random. This just seems like fear for the sake of spreading fear.

You seem even more ignorant about the subject

This is HUGE. Don't listen to the alphabet soup.

Do you know anything about how asymmetric encryption works? And that even if an AES key stretching algorithm flaw actually existed, which it doesn't, it wouldn't affect TLS or SSL communication in the slightest?


Given that the attack described in the pastebin is completely impossible without gigantic disclosures of the original encryption key, I think it's reasonable to assume by default the rest of the conclusions are entirely without basis. If you don't understand that you can't perform a hash collision attack without the fucking hashed data in hand, I don't think you are trustworthy to analyze the quality of crypto related C code.

For fuck's sake, the last line of the pastebin is someone speculating on a random number coming out of OpenSSL when it's unable to decrypt a file, and that they believe it will help them narrow down the possible passphrase search space. Here's a direct quote:

How the fuck could OpenSSL leak information about the original key? OpenSSL has no fucking idea what the original key is, all it knows is the salt and the encrypted text. If the devs were dumb enough to embed data that is directly related to the key's entropy it would have been found a long time ago and heads would have rolled.

The random looking number that comes out is likely a 64 bit memory address printed in base 10 and it's random because of ASLR or unpredictable allocation patterns. The fact these people think "oh a random number, that must mean we can use it to reduce our key search space" is comical and betrays their complete lack of experience or research into anything related to encryption. It's good to know the people working hardest to break OpenSSL and decrypt all the wikileaks insurance files are all collectively burdened by microencephaly.


Oh definitely, please enlighten us as to how you used this to crack open all the WL insurance files with some convincing fake screenshots, oh wise user who believes everything he reads without questioning it.

Hey friendo, you've completely misinterpreted the OP and now you're spreading disinformation. The OP is a series of notes from newest to oldest. The most recent discovery in their research is that the random salt generator is not that but instead a purposefully designed side-channel to give out just enough information about each attempt at decryption to eventually reveal the key itself.

The OP says (in the relevant post at the top):


This is another piece of garbage information. There is a big difference between "this is our best attempt at a random number generator" and "this random number generator was intentionally compromised to function as an attack vector for anyone who knows about it". COMPLETELY different situations.

Except that anyone who's generating salted passes doesn't use CPU or GPU based random noise. It's been known for decades that "random" isn't really random and that bit-based flaws could/would be exploited as CPUs and GPUs become more powerful. And that's because CPUs and GPUs have inherent flaws in the generation of numerical strings. If anything, the entire article is FUD. Hell, I've got crypto books from the 90's that show that this was known.

If you want truly random bit generation, you need to use truly random sources. That includes things like variance in lightning strikes, or multiple layers of bleed off by an x-number-of-vehicles DC generator in an area and so on.

You know, in the past you guys at least tried to be authentic.
Nowadays it seems that you take the next best retard from the street to do your work.

Read (that same guy) he's pretty much agreeing that OpenSSL is a piece of shit. But probably not for what they're saying. Personally I'm waiting for the OpenBSD people to comment as they're the ones who actually tried to clean up that mess a while ago.

...

underrated post

doxing is pronounced doaks-ing though

I wish a beaner would

get

the

fuck

out

Says who?

That's fucking stupid. Dox refers to documents as in docs. Do you pronounce documents as doakuments?

commonwealthfags

...

...

It's better to use multiple layers of encryption anyway.

Do you even know what the fuck we're talking about or are you just mad that somebody's reporting a happening?

Ew, what's wrong with her proportions? Disgusting, truly disgusting.

better than being a fatty

Also : If it is broken, where is the megaupload for the WL insurance files?

better than fucking a fatty

That's a whole other variety of encryption called AES-256. This specific thread is mostly centered around the OpenSSL protocol, which is what keeps your communications to and from certain websites (most of the ones you browse that start with "https" instead of the relatively insecure "http") encrypted.

While I haven't looked into cryptocurrencies, I sincerely doubt that bitcoin relies on OpenSSL to prevent fuckery in its workings. Your bank's website, on the other hand, probably does.

On the bright side, you really only have to worry about someone with a massive collection of OpenSSL-encrypted communications deciding to unencrypt it. This limits the number of potential thieves of your information to a relatively small percentage of the population, namely the people who could execute man-in-the-middle attacks.

For those of you in this thread who are panicking, remain calm. Outside of the people whose WiFi you're stealing, the NSA's massive dragnet, and your ISP, most of your traffic is still too hard to play with.

Feels good man

How old is that information? Need to know how bad it is.

Here user, have this birthday doggo. God is with us this year, it's our current year now.

Is this really the issue? If they've got 15 years to bruteforce my 58 char password they're very welcome to try.

Ruse Cruise,
the thread.

techfag here, wtf is this

Those files are encrypted with AES256. What does that have to do with OpenSSL?

woah

...

Just found this thread and read the linked wall-of-text. Most of it is a detailed walkthrough of OpenSSL's default KDF for the enc command. Surprise, the KDF's shit.

The text quoted in is the only real … anything in this. The claim, for which no evidence is actually presented, is that the salt value generated by OpenSSL is actually derived from the passphrase due to memory-management shenanigans. If true, this would be very bad because the salt is included in the ciphertext blob and is available to an attacker.

The unsupported claims that the salt is derived from the passphrase allege an inexcusable, intentional, backdoor. The text doesn't tell us how to recover the leaked information and actually generate the key without the passphrase, however. Nor do we find any direct evidence that the salt depends on the passphrase. They handwave that part of OpenSSL modifies its own binary, but don't provide disassembly listings to support their claims at all.

With evidence to back up these claims, we'd have a smoking gun with TAO's fingerprints all over it. Without evidence, we have another fucking Sorcha Faal rant. The evidence would be right there in the OpenSSL source code and makefiles, by the way. Any programmer anons care to dig for it?


The bit about 3SAT is particularly lulzy. First, they claim that getting MD5 and AES into a form that can be used by the solver is unsolved, then they claim that the solver only runs for 40 seconds! If running 3SAT on MD5/AES is unsolved, where did they get that "40 seconds"?

I thought OP was lying before I watched that video.

Fuck.

Three condoms.

|>
|3

commit sudoxu.

|

You're almost there. The claim is that the salt is derived from the passphrase and gives information about the passphrase.

Not weaker ciphers–the weakness is in key generation, not the cipher itself. A file encrypted with AES would be vulnerable, even though AES is not broken by this.
The claim is that there is a way to derive the cipher key without the passphrase.

The AES key is derived from the passphrase and a "random" salt that isn't secret and is stored with the ciphertext. The only substantial allegation is that that "random" salt is also derived from the passphrase. No evidence to support this claim was given.

The only actual claim in OP's pastebin is that the salt is derived from the passphrase. No evidence is given to support this claim.

This guy gets it–one of the problems is that your "256-bit" AES key really only has 128 bits of entropy. So you may as well use AES-128.

Not quite–the salt is distributed with the document. The claim is that the salt is derived from the passphrase.

OpenSSL is able to report "bad decrypt"–that means there's a marker in the plaintext that indicates a correct decryption.

I shiggy diggy.

Does 8ch use LibreSSL or OpenSSL?
Are we all compromised?

OK, anons, aspiring plebian here. I copied the raw text 2 days ago and I'm going nowhere slow.
What I want to know is: How does all this help me decrypt the RSA 4096 that I was hit by last spring?
The files aren't important but I've been trying to figure it out nonetheless.
The faggot who crypted them wants me to pay shekels through a TOR onion and gave me a specific identification number.

This attack is against AES encryption (as implemented by OpenSSL.) So it probably doesn't help you one iota.

Thanks, all I needed to know.
bumping for the hell of it since plenty of jew threads lately

No, that would require breaking other cryptos like RSA (which I'm working on).

It DOES mean, if true, that some encrypted folders may be vulnerable

This doesn't help you. Take your ransomware problem to Bleeping Computer. They might be able to help you. Quite a bit of ransomware that says "RSA 4096" doesn't actually use 4096-bit RSA or even AES at all.


Not even that–the attack (if there is an attack) is against OpenSSL's default key derivation function, which uses a "random" salt. The claim is that the "random" salt is actually a function of the passphrase. If so, then brute-force attacks against the passphrase can check if each candidate passphrase could produce the known salt. If this check is cheaper than actually attempting to decrypt the file, the attacker wins.

Worse, for CBC mode, an initialization vector is required. The IV is also a "random number" and, like the salt, is not secret. Unlike the salt, which is a mere 64 bits, the IV is the full length of a cipher block, which is 256 bits for AES. 256 + 64 = 320 bits is more than enough to hide information equivalent to a 256-bit AES key.

Jesus fuck lad, you can't.

1024 isn't even broken yet, though we're close. Everyone's going quantum; I think you'll find analog much better suited for these calculations, particularly using frequency or oscillations as your data (e.g. 1 MHz = 0, 2 MHz = 1, 3 MHz = 0). This would allow you to effectively replicate important aspects of quantum computing.

It goes without saying you want to perform prime factorization of the modulus by brute force. You can speed this up by only factoring up to the square root of the modulus, remembering the last bit will always be a 1, and starting your brute force with the first bit at 1.

You would then test that number by dividing the modulus by it and if it divides completely (meaning x/y=int) you found the prime numbers used to generate the keys and can then go through the process of generating the private key.

Just to factor the modulus you have to perform on average 2^2048 calculations which needless to say is practically impossible.

Also, analog computing is funky and inaccurate but will get you within a range that might be manageable with ordinary processing power.

There are components that would allow you to theoretically perform these calculations immediately, however you would need to use the wave computing I suggested before as part of the factorization, as it sits right now you only get about 4.4ghz to play with which means you can go up to 4.4 billion as your largest number fairly easily before you have to start splitting cycles (e.g. measuring 1 as .5hz). You have a very large space to perform calculations, and theoretically you would just need to plugin the modulus as a wave at xGhz and run it through a wave-divider using a high frequency clock to iterate through the divisor until your remainder is an integer.

It's a lot more complicated than that though
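The factoring procedure the post above sketches, worked through on a constructed toy modulus as an added Python example (it is not the poster's code): trial division by odd candidates up to the square root, then the private exponent from the recovered primes, with a check that the recovered key really decrypts. The primes 1000003 and 1000033 and the public exponent 65537 are chosen for the demonstration; the last function puts a number on why the same loop is hopeless against a 2048-bit modulus.

```python
from math import isqrt
from typing import Tuple

# Constructed toy key: two 20-bit primes. Real RSA moduli use ~1024-bit
# primes, where the loop below would never finish.
TOY_P = 1000003
TOY_Q = 1000033
TOY_E = 65537
TOY_N = TOY_P * TOY_Q


def trial_division_factor(n: int) -> Tuple[int, int]:
    """Factor n into (p, q) with p <= q by trial division.

    Mirrors the post's procedure: only odd candidates (a prime factor of an
    odd n has its last bit set) and only up to isqrt(n), since any factor above
    the square root pairs with one below it.
    """
    if n < 4:
        raise ValueError("n has no nontrivial factorization")
    if n % 2 == 0:
        return 2, n // 2
    for cand in range(3, isqrt(n) + 1, 2):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("n appears to be prime")


def private_exponent(p: int, q: int, e: int) -> int:
    """d = e^-1 mod (p-1)(q-1); the three-argument pow inverse needs Python 3.8+."""
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


def recover_private_exponent(n: int, e: int) -> int:
    """Everything after factoring is cheap: the factors of the modulus give d."""
    p, q = trial_division_factor(n)
    return private_exponent(p, q, e)


def roundtrip(n: int, e: int, d: int, m: int) -> bool:
    """Check that the recovered d inverts encryption under (n, e) for message m."""
    return pow(pow(m, e, n), d, n) == m


def log2_trial_divisions(modulus_bits: int) -> int:
    """log2 of the odd candidates below sqrt(n): roughly modulus_bits/2 - 1.
    For a 2048-bit n that is about 2^1023 divisions, beyond any hardware."""
    return modulus_bits // 2 - 1


if __name__ == "__main__":
    d = recover_private_exponent(TOY_N, TOY_E)
    print(f"n={TOY_N} factors as {trial_division_factor(TOY_N)}, d={d}")
    print("round trip ok:", roundtrip(TOY_N, TOY_E, d, 42))
    print("2048-bit modulus needs about 2^%d trial divisions"
          % log2_trial_divisions(2048))
```

The toy loop runs about half a million divisions and finishes in well under a second; doubling the size of the primes quadruples the square root and so the work, which is the exponential wall the post runs into at real key sizes. The only defensive takeaway is the usual one: key length buys security against factoring only as long as the primes are generated properly and kept apart from any side channel.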

Learn English faggot dumbfuck.

You sound like a LARPer, what the fuck are you talking about?

whadda about GnuTLS?

Encryption, RSA, 4096 bit; best chance of cracking RSA without multi-billion dollar equipment -all theoretical

Yes you can dumb fuck

It won't. The people in this thread are fucking retarded, bitcoin doesn't rely on OpenSSL (lmao)

If this was real (it's not), post info about this right now. I have been trying to find anything about this for 7 years

Pic related

Amazon has its own TLS implementation: s2n

You can't buy a large fraction of the gold in the universe like you can with bitcoin.

If BTC were to survive and become more widely adopted, people who bought early and held could become trillionaires.

Whoever's still holding on missed the unloading station, now that China's fucking around with Bitcoin.

I'm a CISSP security specialist for a non-American alphabet. Casuals and low hanging fruit all just got 0 day lol

No concern for encryption itself, this is the leaving your key in the door type of issue

info?

That is precisely why Bitcoin will fail: You cannot have all the money in the world. The value of money is the ability to transact business with it.
If one person (or a small group) has the vast majority of some type of token, that token will quickly become valueless as other people find some other medium of exchange that is available to them. Bitcoin's inability to scale (see blocksize debate) will confine it to a niche role at best.
Some form of cryptocurrency is inevitable, barring extreme technological regress, but Bitcoin is highly unlikely to be it. Greed will kill Bitcoin.