Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-01-2017, 00:22
dila dila is offline
Friend
 
Join Date: Jan 2010
Posts: 60
Rept. Given: 12
Rept. Rcvd 32 Times in 14 Posts
Thanks Given: 35
Thanks Rcvd at 74 Times in 20 Posts
dila Reputation: 32
Post Encryption vs compression detection

I've been investigating ways to distinguish between data that is compressed and data that is encrypted. Entropy is a good way of finding scrambled data but it cannot tell the difference between compressed and encrypted blocks.

With this code, instead of looking at the frequency of occurrence of bytes in the file, we treat the file as if it is the output of a Boolean function and we look at the type of equations that must give rise to this output sequence. This method is used to test the quality of random number generators.

You can find my C++ implementation of the Walsh-Hadamard transform attached. The idea was eventually to build this measurement into some kind of GUI tool for people to use, but I'm not sure that I'm getting good results with it.

You will have to compile it yourself if you want to try it out, but you might just be interested in the code.
Attached Files
File Type: zip file_encryption_test_using_fwht.zip (1.84 MB, 24 views)
Reply With Quote
The Following 7 Users Gave Reputation+1 to dila For This Useful Post:
chessgod101 (10-01-2017), MarcElBichon (10-01-2017), mr.exodia (10-01-2017), Storm Shadow (10-01-2017), tonyweb (10-01-2017), yoza (10-04-2017), zeuscane (10-01-2017)
The Following 15 Users Say Thank You to dila For This Useful Post:
aldente (10-02-2017), an0rma1 (10-01-2017), besoeso (10-01-2017), chessgod101 (10-01-2017), leader (10-07-2017), NoneForce (10-01-2017), ontryit (10-01-2017), p4r4d0x (06-20-2018), sendersu (10-01-2017), sh3dow (07-29-2019), Storm Shadow (10-01-2017), tonyweb (10-01-2017), uel888 (10-02-2017), yoza (10-04-2017), zeuscane (10-01-2017)
  #2  
Old 10-01-2017, 20:49
ontryit ontryit is offline
Friend
 
Join Date: Nov 2011
Posts: 172
Rept. Given: 127
Rept. Rcvd 17 Times in 14 Posts
Thanks Given: 411
Thanks Rcvd at 70 Times in 43 Posts
ontryit Reputation: 17
@dila, can you share the src out of this board, since i can't downloaded from the attachment. Thank you
Reply With Quote
  #3  
Old 10-01-2017, 23:31
dila dila is offline
Friend
 
Join Date: Jan 2010
Posts: 60
Rept. Given: 12
Rept. Rcvd 32 Times in 14 Posts
Thanks Given: 35
Thanks Rcvd at 74 Times in 20 Posts
dila Reputation: 32
I pasted the code here https://pastebin.com/q2Ppk51Q. The ZIP attachment is large because it contains a PDF describing a method of testing random sequences using the WHT.

If you want to know more about the transform, you can read about it in The Design of Rijndael book (PDF available here). Here they give some identities of the function, such as how bitwise XOR of two functions in the Boolean domain corresponds to convolution of their coefficients in the spectral domain.
Reply With Quote
The Following 3 Users Say Thank You to dila For This Useful Post:
foosaa (10-09-2017), tonyweb (10-02-2017), zeuscane (10-02-2017)
Reply

Tags
entropy

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Armadillo compression algorithms gigaman General Discussion 2 05-08-2007 07:22


All times are GMT +8. The time now is 16:11.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )