Adele

Using Threefish With Autoit

9 posts in this topic

#1 ·  Posted (edited)

Hello. I want to do threefish encrytion / decryption operations with AutoIt. There are implementations for languages like C#, Assembly but I don't know how can I use these with Autoit. 

I guess we can use DLLs for this and I wait for your help. If I want so much thing, I'm sorry because I don't have an idea about that how difficult. Maybe there is already an existing made function for Autoit. I've found some examples with Autoit but none is for Threefish.

If you ask why do I want to use this algorithm, because supported algorithms on AutoIt like DES, RC, AES has some various bugs as I explored. Do you have a strong algorithm suggestion?

Thank you in advance.

Edited by Adele
Threefish is the newest version replacing Twofish.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

AES Rijndael is the standard, Twofish was one of the contenders for AES but lost out to Rijndael, so I'd be looking at the standard rather than the runner up myself.

Edited by BrewManNH
typos
1 person likes this

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

I would echo what BrewMan said...but I am curious...

...supported algorithms on AutoIt like DES, RC, AES has some various bugs as I explored.

Can you elaborate?  

1 person likes this

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

I've read non-English articles about this topic, so I can't share these here :). If you research on search engines, for example like "des rainbow" or "des cracking", you can find detailed articles and news. There are also informations on Wikipedia about that.

Of course this doesn't mean these algorithms has been cracked completely. For example, before rainbow table of DES has been cracked, 2^56 (quadrillion) complexity was needed. But today DES can be crack with 2^39 (billion) complexity. So DES no longer can be crack in a very short time with supercomputers. Similarly, AES and RC can also be crack in shorter time using rainbow tables.

Edited by Adele

Share this post


Link to post
Share on other sites

Every encryption can be cracked that way. The problem is that the rainbow tables needed for cracking AES needs more storage space than the entire internet currently has available. You're worried over nothing. Also what makes Twofish any better in this?

1 person likes this

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

You may be right. I've thought Twofish is safer because its rainbow tables haven't been cracked yet. I don't protect classified information but I always want best of everything.

AES 128 seems like the safest algorithm on AutoIt and it has 2^126 complexity for now. Should I use this?

Edited by Adele
1 person likes this

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Rainbow tables typically deal with hashing algorithms, not encryption.  They are generated by producing all possible hashes using a character set definition (alphanum, special char, and length) in a brute-force manner. 

Still, yes...there are other cryptanalysis findings for DES, RC and AES, but nothing that completely breaks the algorithms, rendering them insecure.

AutoIt supports Triple-DES, AES128, AES192 and AES256.  I'd say any of those are reasonably safe to use.

Edited by spudw2k
1 person likes this

Share this post


Link to post
Share on other sites

One more question... Is complexity value everything? Because AES 128 is older but has 2^126 complexity. AES 192 and 256 are newer despite that if I've understood correctly their complexities are 2^176 and 2^99. But I'm guessing that when rainbow tables were used (or whatever to decrease the complexity), the complexity decreases but the attack needs more time. In this case we can't say AES 256 is more insecure because it has 2^99 complexity according to AES 128.

I wouldn't to talk more about this topic :blink:...

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

The only thing you are buying is time, and time is cheap.  Does it matter if it takes the attacker 65 years to break it if you only need it locked down for .65 seconds?   RC4 is still used widely because things like compatibility and CPU overhead matter more than enhancing the encryption.  So endgame and sensitivity matter.

 

AES Rijndael is the standard, Twofish was one of the contenders for AES but lost out to Rijndael, so I'd be looking at the standard rather than the runner up myself.

The US Government uses ONLY unpublished algorithms for Compartmentalized TS and Suite A communications. And if the government gets it's shit from the right, and tells the people to get their shit from the left, the people should tell the government to gtfo.

 

 And experts/authors question the contest and results, so much so that some very smart security-minded folk are also going Two/ThreeFish.

https://threatpost.com/silent-circle-moving-away-from-nist-ciphers-in-wake-of-nsa-revelations/102452/

Edited by boththose
lacking a preposition
1 person likes this

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now