"Robert Relyea" <[EMAIL PROTECTED]> wrote: > > It almost certainly works by attacking the key3.db. If it works in any > other way, then there is something seriously flawed with the SDR code. > The weak link in this case is the choice of password for key3.db. > Since humans tend to pick a finite (small) number of possible > passwords, it's much easier to try to guess the password they picked > and test that then it is to test every possible DES3 key combination. > > If you are ambitious you could write a program that uses the SDR > utility (or library) to take your decrypted output and produce new .s > files with the passwords encrypted with your new SDR key. > > One feature we seem to be missing is the ability to backup your SDR > key. > > bob >
It seems you're saying I need the matching key3.db, which is what I'm missing. I know what my master password was, I just don't have the key3.db anymore. If I generate a new one with the same password, I think there are thousands of permutations it may generate, and all but one of them won't be able to decode my .s file. Correct me if I'm wrong. If that's right, then I'm out of luck. Josh _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
