X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Fv7_cryptography.tex;h=952d832be69641b7477f8c42c61ab5a3bbb9604a;hb=b4eaf4d5efb8cea0c57c5d14be25ff38c1deeb2d;hp=293dd195b97452c7a418b9b06c6fc07f06723b3f;hpb=a06f593282947a490cc23d1186eddfdd4774f790;p=ssproject1617.git diff --git a/report/v7_cryptography.tex b/report/v7_cryptography.tex index 293dd19..952d832 100644 --- a/report/v7_cryptography.tex +++ b/report/v7_cryptography.tex @@ -1,11 +1,16 @@ % usage of crypt() -\begin{enumerate}[label={7.\arabic*}] +\begin{enumerate}[label={V7.\arabic*}] \addtocounter{enumi}{1} \item - \TODO{} + \pass{} Verify that all cryptographic modules fail securely, and errors are handled in a way that does not enable oracle padding. + \begin{result} + The only cryptographic operation is the hashing of the password, which can + not be vulnerable to a padding attack as it does not use a block cipher. + \end{result} + \addtocounter{enumi}{3} \notapplicable{ @@ -20,6 +25,10 @@ \TODO{} Verify that cryptographic algorithms used by the application have been validated against FIPS 140-2 or an equivalent standard. + \begin{result} + The application uses md-5 for password hashing, which should be insecure by + now. + \end{result} \notapplicable{ \item
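Review bot: In the first hunk (@@ -1,11 +1,16 @@), the result added under the item now marked \pass{} answers only the padding-oracle half of the requirement; nothing in it shows that the password hashing "fails securely". Before keeping the \pass{} verdict, add a sentence on what the application does when the hash call returns an error or an unexpected value (for example, that the login is refused rather than the comparison being skipped), or cite the code that was inspected. Minor: "can not" should be "cannot".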
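Review bot: In the second hunk (@@ -20,6 +25,10 @@), the item keeps its \TODO{} verdict although the added result records a finding, and "which should be insecure by now" is too hedged for an audit result. Replace \TODO{} with the report's failing verdict and give the reason in the requirement's own terms: MD5 is not a FIPS-approved hash algorithm, so the check against FIPS 140-2 is not met. Also write the name as MD5 rather than "md-5", and state where the hash is computed so the result lines up with the "% usage of crypt()" comment at the top of the file.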