[Cryptography] Checking for the inadvertent use of test keys

EddyHawk quarsicon at yahoo.com
Thu Sep 3 11:20:01 EDT 2015


--------------------------------------------
On Thu, 9/3/15, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:

 Subject: Re: [Cryptography] Checking for the inadvertent use of test keys
 To: "cryptography at metzdowd.com" <cryptography at metzdowd.com>
 Date: Thursday, September 3, 2015, 12:53 PM 

 So for now I've left things at the ad-hoc level, checking
 for ASCII strings,
 strings where value n+1 differs from value n by a small
 amount, that sort of
 thing.  It's not meant to be a bulletproof test, just
 something to ask the
 user "are you sure this is what's meant to be used as a
 key".
 
You could run a basic sorting algorithm to the key content
and count the number of swaps it performed.
If no swap or very few swaps happen, the key is probably a test key.



More information about the cryptography mailing list