问题
Have opened just for fun just compiled .net application and have found in binary structure of the file the next:
I've just working with my HTTP parser tool, where I'm training with substring search algorithms and found in the different places the real name of some human "Ivan Medvedev".
What is it?
回答1:
He's a security expert that works at Google, previously at Microsoft. His name appears in the bytes used to initialize the PasswordDeriveBytes in this project he published at Codeproject:
PasswordDeriveBytes pdb = new PasswordDeriveBytes(Password,
new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,
0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76});
Looks familiar? This ends up verbatim in the metadata tables of the program, visible as plaintext when you look at the executable and located early in the file. Not good. He warns about it in the article:
Some cryptography specific considerations should also be there. For example, the salt values in PasswordDeriveBytes should better be random rather than hard coded (sometimes it is ok to have them hard coded, for example, when encryption happens rarely and the code is not accessible by attackers). If the salt is random and changed frequently, you don't even have to keep it secret. Also, when possible, use byte[] keys as opposed to passwords. Because of the human factor, password-based encryption is not the most secure way to protect information. In order to get 128bit of key information out of a password, it has to be long. If you are using just small letters that give you about 5 bits of information per character and your password will have to be over 25 characters long to get to 128bit. If you are using capital letters and some symbols you can get to about 7 bits per character and your password minimum length will have to be around 18 characters (how long is your password? ;-)).
Well, you know why. This is what he looks like:
来源:https://stackoverflow.com/questions/14658131/exe-comperession-for-the-net-app-algorithm-shows-strange-chars-with-the-real