From: Paul Bradley <paul@fatmans.demon.co.uk>
To: “Wasim Q. Malik” <wmalik@sdnpk.undp.org>
Message Hash: c14d6b34cf8c9b5b92adb57d86ff75fb37a7cc96aac4da5b9b626e2d927cb7f9
Message ID: <Pine.LNX.3.91.970622171143.170B-100000@fatmans.demon.co.uk>
Reply To: <Pine.LNX.3.95.970622144439.10853D-100000@sdnpk.undp.org>
UTC Datetime: 1997-06-23 00:16:13 UTC
Raw Date: Mon, 23 Jun 1997 08:16:13 +0800
From: Paul Bradley <paul@fatmans.demon.co.uk>
Date: Mon, 23 Jun 1997 08:16:13 +0800
To: "Wasim Q. Malik" <wmalik@sdnpk.undp.org>
Subject: Re: Decrypting DES
In-Reply-To: <Pine.LNX.3.95.970622144439.10853D-100000@sdnpk.undp.org>
Message-ID: <Pine.LNX.3.91.970622171143.170B-100000@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain
> * The key has to be stored somewhere in the file, in whatever form,
> with which the entered key is compared. It could somehow be gotten hold
> of from there. Perhaps a hex editor could be used to scan the first few
> bytes of a file for the key.
No, the keys are not stored in the files in anything worth it`s salt, and
if it is a passwd file it`ll be hashed anyway.
Depends entirely on the software, there are freely available crackers for
files from a lot of micro$oft stuff, and some other popular programs such
as pkzip etc... Otherwise get a good cryptgrapher to look at the
software, run a sniffer on the network, a keygrabber on the machine, or
give up.
For a good introduction covering much of the stuff you need try the
sci.crypt FAQ.
Datacomms Technologies data security
Paul Bradley, Paul@fatmans.demon.co.uk
Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org
Http://www.cryptography.home.ml.org/
Email for PGP public key, ID: FC76DA85
"Don`t forget to mount a scratch monkey"
Return to June 1997
Return to ““Wasim Q. Malik” <wmalik@sdnpk.undp.org>”