Cracking AES

David Shaw dshaw@jabberwocky.com
Fri May 16 03:55:48 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, May 12, 2003 at 12:04:00AM -0500, Adam Smith wrote:
> I run a mixed Win32/OpenBSD environment but am far more familiar with
> Windows.  I set up a batch file like so:
> 
> @echo off
> echo GUESS1|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt text.pgp
> echo GUESS2|gpg.exe -q --passphrase-fd 0 --output text.out --decrypt text.pgp
> ...
> 
> This does not work for me, however, because GPG messes up when you try
> to feed it a '&' through this method (I'm escaping all of the special
> characters in echo using a '^' but can't find an escape character for
> GPG).  Any suggestions?

I'm curious why you're having a problem with '&'.  The only character
that should be unusable via passphrase-fd is a newline.

> Even if it did work, however, I'd still like to be able to do more than
> 8 tries per second.  With the right kind of coding I should be able to
> easily get 10,000 tries/second but do not have any experience.  Is
> source code available for the Windows binary (I could not find it)?
> Anyone ever done this before?

The source code for all versions of GnuPG is available at
ftp://ftp.gnupg.org.  The Windows code is the same as the Unix code
(more or less).  Read the code in g10/seckey-cert.c and
g10/passphrase.c, in particular, for the code that handles secret key
decryption.  You should be able to hotwire it to do what you want.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+w/zj4mZch0nhy8kRArVuAJ98MosM/jRbMMj9Jcswr4SM75drggCgmwTJ
wg9fGrrb+zj6jx26SjEDgMM=
=MVt5
-----END PGP SIGNATURE-----