Talk:Weak key

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Cryptography: Computer science This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles ??? This article has not yet received a rating on the importance scale. This article is supported by WikiProject Computer science.

all ones (FFFFFFFFFFFFFFFF) ones or F:s? —Preceding unsigned comment added by 90.227.133.160 (talk) 17:45, 1 April 2008 (UTC)[reply]

Yes, I was thinking about a one-time pad (XOR with a binary key) and considered that a key of all 0 or all 1 would be pessimal, and a lot of other weak keys should be possible. If the attacker knows something about the plaintext, then a OTP key that has low entropy over some interval might reveal plaintext info. Let's-ask-geoff (talk) 07:07, 24 August 2023 (UTC)[reply]

all keys can be brute-forced in about a day for a one-time hardware cost on the order of some new cards

- I suppose these "new cards" mean some FPGA Boards, which are quite costly. COPACOBANA costs about 10k$ and cracks DES in about 7 days. —Preceding unsigned comment added by 134.147.31.177 (talk) 00:11, 2 December 2010 (UTC)[reply]

"all DES keys can be brute-forced in about a day for a one-time hardware cost in the order of some new PC add-on cards" I suppose they're referring to hiring crack.sh site operators, but hashcat does it with GPU. I probably should edit this to be more accurate. Also, note that it's a decade after your comment, so price has likely gone down. :P

Actually, just checked and someone had an 8x GTX 1080 setup that is pretty impressive: https://www.servethehome.com/password-cracking-with-8x-nvidia-gtx-1080-ti-gpus/ Needless to say, this paragraph was entirely untrue and should have been edited years ago. 2A0B:7080:10:0:0:0:1:E187 (talk) 06:22, 22 October 2018 (UTC)[reply]

"An algorithm that has unknown weak keys does not inspire much trust[citation needed]." How does this require a citation? It seems like a pretty common sense idea to me. If there are unknown weak keys, then a user could accidentally pick a weak key which a knowledgeable attacker (to whom the weak keys aren't unknown) could take advantage of. Would it suffice to not have a citation if this sentence was rewritten with a less personal tone? — Preceding unsigned comment added by 65.197.242.127 (talk) 19:13, 15 November 2016 (UTC)[reply]

In my opinion, Enigma did not suffer from any weak keys. I therefore deleted the following passage:

The German Enigma machine is a family of about a dozen different cipher machine designs, each with its own problems. The military Enigma cipher machine, in its 3 and 4 rotor implementations had the equivalent of weak keys. Certain combinations of rotor order, stepping and initial key were fundamentally weaker than others. The Enigma's reflector (when used) guaranteed that no letter could be enciphered as itself, so an A could never turn back into an A. This helped Polish and, later, British efforts to break the cipher. (See Cryptanalysis of the Enigma and the Enigma rotor details.)

If anybody should know a weak key for Enigma, please comment. Best wishes --OS (talk) 12:21, 15 November 2018 (UTC)[reply]