Having a timely loan each be Online Payday Loan Online Payday Loan gotten via a approved.


UPDATED on Nov28, 2009 – See previous version at security0

Real security doesn’t thrive on keeping how it works a secret. Here we explain what a hacker would have to do to crack a norbt.
Cracking a norbt means finding out the text without knowing the answer.

Cryptography used on a norbt

Let’s assume that the hacker gets access to the server and obtains the data stored there.

The data stored on the server for a norbt is:

answer: HMACSHA1(answer, salt1) , salt1
text: AES128(HMACSHA1(answer, salt2), IV, Mode.CFB, text), salt2, IV

For the hacker to crack the text she will have to break either HMACSHA1(answer, salt1) or AES128 directly.
Listening to traffic won’t work to break a norbt because all encryption and decryption operations are performed in the browser. If the hacker breaks SSL to look at the traffic she won’t get any more data than what is stored on the server.

Strong Answer = Strong norbt

In most cases the answer will be the weakest point of a norbt. If an answer is easy to guess or if there are a limited number of options (example: which country do I live in?) then it is easier to try all possible options and come up with a correct answer. If your answer is strong then your norbt will be almost unbreakable.

Your norbt is as secure as your answer. To crack a norbt without guessing the answer, the hacker has to break either HMACSHA1 or AES, which are cryptography standards that the security world uses (banks, governments, secure USB keys, military, computer passwords…).

We take the security of your data seriously.

wikipedia references:

Leave a Reply