Jump to content

Using Threefish With Autoit

Adele

By Adele,
in AutoIt General Help and Support

 Share

Recommended Posts

Adele Adventurer

Adele

Posted
Posted (edited)

Hello. I want to do threefish encrytion / decryption operations with AutoIt. There are implementations for languages like C#, Assembly but I don't know how can I use these with Autoit. 

I guess we can use DLLs for this and I wait for your help. If I want so much thing, I'm sorry because I don't have an idea about that how difficult. Maybe there is already an existing made function for Autoit. I've found some examples with Autoit but none is for Threefish.

If you ask why do I want to use this algorithm, because supported algorithms on AutoIt like DES, RC, AES has some various bugs as I explored. Do you have a strong algorithm suggestion?

Thank you in advance.

Edited by Adele
Threefish is the newest version replacing Twofish.
Link to comment
Share on other sites
BrewManNH Universalist

BrewManNH

Posted
Posted (edited)

AES Rijndael is the standard, Twofish was one of the contenders for AES but lost out to Rijndael, so I'd be looking at the standard rather than the runner up myself.

Edited by BrewManNH
typos

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted

I would echo what BrewMan said...but I am curious...

...supported algorithms on AutoIt like DES, RC, AES has some various bugs as I explored.

Can you elaborate?  

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetreive SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
Adele Adventurer

Adele

Posted
  • Author
Posted (edited)

I've read non-English articles about this topic, so I can't share these here :). If you research on search engines, for example like "des rainbow" or "des cracking", you can find detailed articles and news. There are also informations on Wikipedia about that.

Of course this doesn't mean these algorithms has been cracked completely. For example, before rainbow table of DES has been cracked, 2^56 (quadrillion) complexity was needed. But today DES can be crack with 2^39 (billion) complexity. So DES no longer can be crack in a very short time with supercomputers. Similarly, AES and RC can also be crack in shorter time using rainbow tables.

Edited by Adele
Link to comment
Share on other sites
BrewManNH Universalist

BrewManNH

Posted
Posted

Every encryption can be cracked that way. The problem is that the rainbow tables needed for cracking AES needs more storage space than the entire internet currently has available. You're worried over nothing. Also what makes Twofish any better in this?

If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Link to comment
Share on other sites
Adele Adventurer

Adele

Posted
  • Author
Posted (edited)

You may be right. I've thought Twofish is safer because its rainbow tables haven't been cracked yet. I don't protect classified information but I always want best of everything.

AES 128 seems like the safest algorithm on AutoIt and it has 2^126 complexity for now. Should I use this?

Edited by Adele
Link to comment
Share on other sites
spudw2k Universalist

spudw2k

Posted
Posted (edited)

Rainbow tables typically deal with hashing algorithms, not encryption.  They are generated by producing all possible hashes using a character set definition (alphanum, special char, and length) in a brute-force manner. 

Still, yes...there are other cryptanalysis findings for DES, RC and AES, but nothing that completely breaks the algorithms, rendering them insecure.

AutoIt supports Triple-DES, AES128, AES192 and AES256.  I'd say any of those are reasonably safe to use.

Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetreive SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

Link to comment
Share on other sites
Adele Adventurer

Adele

Posted
  • Author
Posted

One more question... Is complexity value everything? Because AES 128 is older but has 2^126 complexity. AES 192 and 256 are newer despite that if I've understood correctly their complexities are 2^176 and 2^99. But I'm guessing that when rainbow tables were used (or whatever to decrease the complexity), the complexity decreases but the attack needs more time. In this case we can't say AES 256 is more insecure because it has 2^99 complexity according to AES 128.

I wouldn't to talk more about this topic :blink:...

Link to comment
Share on other sites
iamtheky Universalist

iamtheky

Posted
Posted (edited)

The only thing you are buying is time, and time is cheap.  Does it matter if it takes the attacker 65 years to break it if you only need it locked down for .65 seconds?   RC4 is still used widely because things like compatibility and CPU overhead matter more than enhancing the encryption.  So endgame and sensitivity matter.

 

AES Rijndael is the standard, Twofish was one of the contenders for AES but lost out to Rijndael, so I'd be looking at the standard rather than the runner up myself.

The US Government uses ONLY unpublished algorithms for Compartmentalized TS and Suite A communications. And if the government gets it's shit from the right, and tells the people to get their shit from the left, the people should tell the government to gtfo.

 

 And experts/authors question the contest and results, so much so that some very smart security-minded folk are also going Two/ThreeFish.

https://threatpost.com/silent-circle-moving-away-from-nist-ciphers-in-wake-of-nsa-revelations/102452/

Edited by boththose
lacking a preposition 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...