[liberationtech] Encipher.it
Steve Weis
steveweis at gmail.com
Tue Jun 18 13:05:46 PDT 2013
It's not safe.
This is their bookmarklet:
(function(){document.body.appendChild(document.createElement('script')).src='
https://encipher.it/javascripts/inject.js';})();
That loads a JavaScript file from the encipher.it site, which can be
changed at any time and compromise your messages without your knowledge.
The actual call to encrypt data is here:
https://encipher.it/javascripts/encipher.js :
"""
hmac = hex_hmac_sha1(key, _this.text);
hmac += hmac.slice(0, 24);
cipher = hmac + salt + Aes.Ctr.encrypt(_this.text, key, 256);
"""
They're MACing the key for some reason, then using unauthenticated CTR mode
without an HMAC. So this is completely vulnerable to someone modifying the
ciphertext.
That CTR mode is implemented by this:
https://encipher.it/javascripts/AES.js. That's
using the time of day as a nonce combined with a weak JS Math.random().
That's vulnerable to some attacks as well.
Generally, I'd assume that a random crypto project you run across is
probably not safe.
On Tue, Jun 18, 2013 at 11:51 AM, Lorenzo Franceschi Bicchierai <
lorenzofb8 at gmail.com> wrote:
> Have you guys seen this?
>
> https://encipher.it/
>
> I've searched through the archives but didn't see anything. I'm wondering
> how safe this is.
>
> It has received some small attention on the media before.
>
>
> http://www.pcworld.com/article/255938/encipher_it_encrypts_email_for_free.html
>
> Thoughts?
>
> --
> *Lorenzo Franceschi-Bicchierai
> *Mashable <http://www.mashable.com> Junior US & World Reporter
> lorenzo at mashable.com | lorenzofb8 at gmail.com
> #: (+1) 917 257 1382
> Twitter: @lorenzoFB <http://www.twitter.com/lorenzoFB>
> Skype: lorenzofb8
> OTR: lorenzofb at jabber.ccc.de
> www.lorenzofb.com
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130618/2d31f6a3/attachment.html>
More information about the liberationtech
mailing list