Cracking AES

Adam Smith
Mon May 12 07:02:03 2003


I have recently had a hardware token to awry, so I got my backup keys
from the secure location where I stored them two years ago, but I
protected the backup using AES256 with a pass phrase consisting of every
password I've ever used before concatenated together.

I remember all of them except for the strongest one; 32 characters of
upper case, lower case, all symbols, and an ASCII character thrown in
there.  I remember a good number of it, however, and think that with
about 10E10 attempts I should be able to get it.  This is
computationally a walk in the park but I have to get my environment set
up to try all of these.

I run a mixed Win32/OpenBSD environment but am far more familiar with
Windows.  I set up a batch file like so:

@echo off
echo GUESS1|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt
echo GUESS2|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt

This does not work for me, however, because GPG messes up when you try
to feed it a '&' through this method (I'm escaping all of the special
characters in echo using a '^' but can't find an escape character for
GPG).  Any suggestions

Even if it did work, however, I'd still like to be able to do more than
8 tries per second.  With the right kind of coding I should be able to
easily get 10,000 tries/second but do not have any experience.  Is
source code available for the Windows binary (I could not find it)?
Anyone ever done this before?

Adam Smith