Cryptography-Digest Digest #333, Volume #12 Wed, 2 Aug 00 02:13:02 EDT
Contents:
Re: MS Word Master Password ("CMan")
Re: MS Word Master Password ("CMan")
Re: Just Curious. Are girls/women interested ([EMAIL PROTECTED])
Re: RC5 / 4 (=?ISO-8859-1?Q?H=E4m=E4l=E4inen?= Panu)
Re: Blowfish Implementation (Boris Kazak)
----------------------------------------------------------------------------
From: "CMan" <[EMAIL PROTECTED]>
Subject: Re: MS Word Master Password
Date: Tue, 1 Aug 2000 20:16:45 -0700
No, that's not what I said.
This scheme simply super encrypts the 48 bytes of key related material in
the Word Document "1Table" Stream. This is the data that Word uses to test
a password to see if it is the valid password for the file. ANY corruption,
even one bit, makes the file recovery essentially impossible because Word
will take the first 16 bytes of this data and use it as a salt to combine
with the applied password to get a hash that is then compared with an
encrypted has stored in the next 32 bytes. If the password does not hash out
to the correct value, it won't attempt to open the file.
The RC4 key for the file is still recoverable (from analysis of the text and
this is very time consuming) but NOT THE PASSWORD. I could prevent the
recovery of the RC4 key also but that would enhance the cipher to the point
that it would probably not be exportable. Recovering an RC4 key for one file
does not help in recovering a key for any other file because Word salts all
passwords with a "random value" and hashes them together to produce a 40 bit
key (the remainder of the hash is discarded).
You see the beauty of this scheme is that the underlying Word cipher is not
altered. It is still a 40 bit cipher but the password guessing attacks are
shot out of the sky. This last fact is undeniable (assuming the hash is
good).
So you get the benefits of a one time pad to prevent password attacks but
the one time pad is only 16 bytes long.
JK
--
CRAK Software
http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham):
root@localhost
postmaster@localhost
admin@localhost
abuse@localhost
webmaster@localhost
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Rex Stewart <[EMAIL PROTECTED]> wrote in message
news:8m7r6t$p0i$[EMAIL PROTECTED]...
> Gotta quit posting when tired.
> Couple of corrections.
> Your site says most of what was in my last post.
>
> 1. I was unaware MS was still using a password
> check field in their documents.
> (I thought when I first read your page you
> were double encrypting the first 48 characters
> of the RC4 encypered text - my mistake.)
> 2. I do take issue that the recovery of the RC4 encrypted
> text would not provide the user key used to encrypt
> the document. Is their some other factor added to
> the user key before keying the RC4 cypher that would
> prevent this?
>
>
> In article <6xJh5.792$[EMAIL PROTECTED]>,
> "CMan" <[EMAIL PROTECTED]> wrote:
> > I have published the software details and
> > algorithm for the 48 bit one time
> > pad generator that protects any Word
> > document from password guessing
> > attacks. That is, 48 bits of the
> > Word document are changed, and the
> > password can no longer be guessed
> > even if it is 1 character.
> >
> > See http://www.crak.com/masterpa.htm
> >
> > JK
> >
> > --
> > CRAK Software
> > http://www.crak.com
> > Password Recovery Software
> > QuickBooks, Quicken, Access...More
> > Spam bait (credit E. Needham):
> > root@localhost
> > postmaster@localhost
> > admin@localhost
> > abuse@localhost
> > webmaster@localhost
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> >
> >
>
> --
> Rex Stewart
> PGP Print 9526288F3D0C292D 783D3AB640C2416A
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
From: "CMan" <[EMAIL PROTECTED]>
Subject: Re: MS Word Master Password
Date: Tue, 1 Aug 2000 20:19:25 -0700
No, that's not what I said.
This scheme simply super encrypts the 48 bytes of key related material in
the Word Document "1Table" Stream. This is the data that Word uses to test
a password to see if it is the valid password for the file. ANY corruption,
even one bit, makes the file recovery essentially impossible because Word
will take the first 16 bytes of this data and use it as a salt to combine
with the applied password to get a hash that is then compared with an
encrypted has stored in the next 32 bytes. If the password does not hash out
to the correct value, it won't attempt to open the file.
The RC4 key for the file is still recoverable (from analysis of the text and
this is very time consuming) but NOT THE PASSWORD. I could prevent the
recovery of the RC4 key also but that would enhance the cipher to the point
that it would probably not be exportable. Recovering an RC4 key for one file
does not help in recovering a key for any other file because Word salts all
passwords with a "random value" and hashes them together to produce a 40 bit
key (the remainder of the hash is discarded).
You see the beauty of this scheme is that the underlying Word cipher is not
altered. It is still a 40 bit cipher but the password guessing attacks are
shot out of the sky. This last fact is undeniable (assuming the hash is
good).
So you get the benefits of a one time pad to prevent password attacks but
the one time pad is only 16 bytes long.
JK
--
CRAK Software
http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham):
root@localhost
postmaster@localhost
admin@localhost
abuse@localhost
webmaster@localhost
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Rex Stewart <[EMAIL PROTECTED]> wrote in message
news:8m7r6t$p0i$[EMAIL PROTECTED]...
> Gotta quit posting when tired.
> Couple of corrections.
> Your site says most of what was in my last post.
>
> 1. I was unaware MS was still using a password
> check field in their documents.
> (I thought when I first read your page you
> were double encrypting the first 48 characters
> of the RC4 encypered text - my mistake.)
> 2. I do take issue that the recovery of the RC4 encrypted
> text would not provide the user key used to encrypt
> the document. Is their some other factor added to
> the user key before keying the RC4 cypher that would
> prevent this?
>
>
> In article <6xJh5.792$[EMAIL PROTECTED]>,
> "CMan" <[EMAIL PROTECTED]> wrote:
> > I have published the software details and
> > algorithm for the 48 bit one time
> > pad generator that protects any Word
> > document from password guessing
> > attacks. That is, 48 bits of the
> > Word document are changed, and the
> > password can no longer be guessed
> > even if it is 1 character.
> >
> > See http://www.crak.com/masterpa.htm
> >
> > JK
> >
> > --
> > CRAK Software
> > http://www.crak.com
> > Password Recovery Software
> > QuickBooks, Quicken, Access...More
> > Spam bait (credit E. Needham):
> > root@localhost
> > postmaster@localhost
> > admin@localhost
> > abuse@localhost
> > webmaster@localhost
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> >
> >
>
> --
> Rex Stewart
> PGP Print 9526288F3D0C292D 783D3AB640C2416A
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Just Curious. Are girls/women interested
Date: Wed, 02 Aug 2000 03:21:42 GMT
It was not a setup! Really. Swear to the Almighty God. It was an honest
quest for knowledge. But it does occur to me now that it makes a good
setup! Maybe I will try it on other boards for fun :)
BTW is "Hey baby what's your prime" a classic joke or something? I spent
a long time on my answer.
--Sisi
In article <OO#okEB$$GA.318@cpmsnbbsa07>,
"Joseph Ashwood" <[EMAIL PROTECTED]> wrote:
> WARNING: Going more off topic, and potentially more offensive,
especially to
> chauvanists and/or guys that still think "Hey baby what's your prime"
will
> work.
>
> <[EMAIL PROTECTED]> wrote in message
news:8m7ljp$kva$[EMAIL PROTECTED]...
> > Your joke shows how male-dominated this field is. I'm sure the last
> > female on earth has been driven away. :)
> I will not make the obvious heavenly observation, I will not make the
> obvious heavenly observation.
>
> >
> > But thanks to all the posters here, we know there are women and they
are
> > GOOD!
> Maybe it's just me, but can this setup be made any easier? It's so
hard to
> resist.
>
> >
> > So next time you ask a hot chick "Hey baby what's your prime?" she
just
> > might answer you "2-0-6 mod fifty-nine". BTW that's my age.
>
> Gee, and I would've thought the answer would be 5, if for no other
reason
> than that's the number of red marks on his face for using such a
stupid
> pickup line.
> Joe
>
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: =?ISO-8859-1?Q?H=E4m=E4l=E4inen?= Panu <[EMAIL PROTECTED]>
Subject: Re: RC5 / 4
Date: 2 Aug 2000 05:19:04 GMT
rlogin <[EMAIL PROTECTED]> wrote:
: 1. I'm looking for the source code of RC5 or RC4.
: 2. What is the best stream cipher, and where can I get its source
: code?
Try <ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/>. There are a number of
different ciphers there.
--
Panu H�m�l�inen, [EMAIL PROTECTED]
Digital and Computer Systems Lab.
Tampere University of Tech., Finland
------------------------------
From: Boris Kazak <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Blowfish Implementation
Date: Wed, 02 Aug 2000 05:24:26 GMT
Joseph Stein wrote:
>
> char *str;
> str = "MyStringToEncrypt";
>
> how would this get put into the
> long plaintext in your implementation
>
> and then how to get plaintext back to char
>
> I know that if I have a string of only numbers I can use strtoul() but
>
> I am still kinda lost in what you are explaining. =)
=================================
Just for you two short routines, they are self-explanatory.
/*******************************/
word32 MakeH1( ByteType *B )
/*
Assemble a word32 from the four bytes provided.
*/
{
union {
unsigned long All ;
ByteType Byte[4] ;
} RetVal ;
RetVal.Byte[0] = *B++ ;
RetVal.Byte[1] = *B++ ;
RetVal.Byte[2] = *B++ ;
RetVal.Byte[3] = *B ;
return RetVal.All ;
}
/****************************/
void DissH1( word32 H, ByteType *D )
/*
Disassemble the given halfword into 4 bytes.
*/
{
union {
word32 All ;
ByteType Byte[4] ;
} T ;
T.All = H ;
*D++ = T.Byte[0] ;
*D++ = T.Byte[1] ;
*D++ = T.Byte[2] ;
*D = T.Byte[3] ;
}
/****************************/
So get your input as a string (array of bytes), then assemble
the 32-bit words, or when done, disassemble 32-bit words into
bytes.
Best wishes BNK
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
