dpt's Journal: That about wraps it up for "Xerithane"

Here's his last attempt to wriggle out of being proven wrong *again*.

You are funny. I know lots of people with lots of OpenSSL experience who are saying the OpenSSL documentation is shit. In fact, on most of the posts I've read on the subject, they say the test code is the best documentation -- they're right. That was what I used. It works now, so you seem to be flawed in your understanding.

Interesting how people who accomplish exactly nothing their entire lives are quick to call the work of others "shit".

Many people use OpenSSL quite easily. Each function is well documented, if you can take the time to read and didn't learn to code from "Visual Basic in 24 hours", as this fucktard clearly did.

Free clue: Applying hash chaining (using SHA1) to ASCII text would not produce ASCII text as in your challenge. Therefore, you are full of shit.

I merely said the encryption was using SHA hash chaining, not the data encoding

I gave him an opportunity to state the encoding by asking a couple of times, but he said it wasn't and was "just using SHA1", and that any mention of encoding was "shit" and "irrelevant".

It's taken a little while but I've finally smacked him enough that he inadvertantly admitted it. How embarassing for him.

I suspect he realized what a mistake he's made. Oh well. Perhaps he's finally figured out what base64 is ... it seemed to cause him confusion and panic earlier.

You can't do it, end of story.

Of course, no one can if the stated method is a lie. He said he was just using SHA1, and now there is an unnamed encoding scheme as well. There's also the fact that he refuses to state the exact algorithm - without knowing which of the many variants it's just a waste of time for anyone. Obviously.

I bet he thinks there is only one form of hash chaining, and only one possible encoding scheme ... he doesn't seem to have actually read anything about cryptography at any point in his miserable life.

So to conclude: by simply inspecting his data, I've proven him to be wrong.

This code has been in production for about 2 years now, so that isn't the case. You can keep making things up though, it's pretty fun

Now he can figure out why this is not a very good idea in production code. I'm betting he just doesn't know any better, as the answer involves mathematics. There's a challenge for him!

A shame he's too cowardly to show the code, where, at the very least, I would point out that he is encoding the output, which contradicts what he said earlier. Then there's the inevitable differences between what he's done and what is described in Applied Cryptography. That's if he's even gotten it right ... I'm guessing that he's shit-scared to show his code. That's the only reason I can think of for his running away from the challenge after being publically called out.

I guess he had better get back to learning how to code and reading up on encryption, then maybe he wouldn't have to take these public slappings ...

Or perhaps he'll just go back to sucking twirlip's cock in public ... I guess that's one way for an underemployed, shiftless loser without a clue to earn some cash.

Laymans explanation?

[cyranoVR]

Ok, I know next to nothing about encryption. Can you provide a Cliff Notes on this post? I do understand things like Ascii vs ISO encoding and hash functions...

I'm interested because 1) I want to learn more about encryption and 2) I want to understand exactly how Xerithane got "smacked down."

Re:Laymans explanation?

[dpt]

Sure.

The "person" in question provided a string that was supposedly encrypted with hash-chaining, using SHA1, for me to decrypt. However, the resulting bytes are clearly within a range representable in ASCII. If you know SHA1 you know that won't happen ... so he must have encoded it (or "mapped" it ) to ASCII characters somehow.

I asked him which encoding he was using, even suggesting base64, but he jumped up and down and screamed "it's *just* hash-chaining", said that the question was "irrelevant", and "s