Abstract
Ciphertext entropy is a key property for detecting the use of insecure encryption modes such as Electronic Code Book (ECB) and for testing symmetric=key cryptographic algorithms. This paper discusses the use of lossless compression utilities as a proxy measurement for entropy and its use in detecting a limited set of encryption vulnerabilities. We also note the use of off-the- shelf algorithms yields a teaching tool for Information Technology and Cybersecurity students. Finally, small and consistent differences between encryption modes provide the potential to identify the encryption algorithm from compression factors.
Recommended Citation
Hansen, Richard
(2024)
"Detecting Encryption Vulnerabilities with Lossless Compression,"
American Journal of Science & Engineering (AJSE): Vol. 3:
Iss.
3, Article 3.
Available at:
https://research.smartsociety.org/ajse/vol3/iss3/3