Cracking AES
Adam Smith
adam@viratech.com
Mon May 12 07:02:03 2003
Greetings!
I have recently had a hardware token to awry, so I got my backup keys
from the secure location where I stored them two years ago, but I
protected the backup using AES256 with a pass phrase consisting of every
password I've ever used before concatenated together.
I remember all of them except for the strongest one; 32 characters of
upper case, lower case, all symbols, and an ASCII character thrown in
there. I remember a good number of it, however, and think that with
about 10E10 attempts I should be able to get it. This is
computationally a walk in the park but I have to get my environment set
up to try all of these.
I run a mixed Win32/OpenBSD environment but am far more familiar with
Windows. I set up a batch file like so:
@echo off
echo GUESS1|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt
text.pgp
echo GUESS2|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt
text.pgp
...
This does not work for me, however, because GPG messes up when you try
to feed it a '&' through this method (I'm escaping all of the special
characters in echo using a '^' but can't find an escape character for
GPG). Any suggestions
Even if it did work, however, I'd still like to be able to do more than
8 tries per second. With the right kind of coding I should be able to
easily get 10,000 tries/second but do not have any experience. Is
source code available for the Windows binary (I could not find it)?
Anyone ever done this before?
Thanks!
Adam Smith