On Tuesday 12 December 2006 12:14, Ian Cheong wrote: > By wide availability, I read wide availablity of a commercial program > by Elcomsoft running on Windows only... > http://www.cs.cmu.edu/~dst/Adobe/Gallery/ > http://www.elcomsoft.com/prs.html
well, by wide availability I mean just enter the term "pdf password recovery" into any peer2peer client and see for yourself. Most passwords that users can memorize can be effectively brute force cracked too - provided it is possible to extract the password hash against whcih brute force attempts can be compared. Symmetric encryption algorithms that do NOT store any password hashes along with the encrypted file are waaaaaaay harder to crack - in fact, brute force attacks even with short pure alphabetic passwords are already mostly unfeasible because you have no other option but decryptingt the whole ciphertext and checking the result for every single password you try (as opposed to simply compare the generated hash with the ciphertext associated hash) Adobe allows "user" and "owner" cryptographic techniques. "user" techniques can be disabled almost instantly "owner" techniques ccan be attempted to be cracked by brute force, because the hash to test against is simple to extract - unless the chose password is mostly unmemorable by humans or long+complex Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
