05-15-2020, 05:27 AM
That decoding is really helpful -- if the "Folded MD5 of salt+key" is what it sounds like, that'd be the ticket be able to detect whether you've got the correct passphrase -- or at least a good candidate to try. Also, it's independent of the cipher, which is good from a cracking speed perspective, because a few SHA-1s and an MD5 is *hella* fast.
(time passes)
OK, I broke down a downloaded a copy of BFACS, and created a test encrypted file. Turns out, it's even worse (or better, if you're looking to crack the passphrase) than I thought: the "key" in "folded MD5 of salt+key" is not *actually* the key generated by all that SHA-1 shenanigans -- it's actually just:
u32 *h = MD5(salt + key)
h[0] ^ h[1] ^ h[2] ^ h[3]
Of course, you'll get (on average) an FP every 2^32 tries, and the hash rate will be *phenomenal*, being a single round of MD5, so you'll get candidates spewing out fairly regularly, but if you can keep up the rate of copy-paste, you'll probably have an answer pretty quickly.
Also, as far as I can tell, this is all independent of the cipher suite being used. I kinda want to hunt down the guy who wrote this and make sure he isn't running with scissors or anything...
(time passes)
OK, I broke down a downloaded a copy of BFACS, and created a test encrypted file. Turns out, it's even worse (or better, if you're looking to crack the passphrase) than I thought: the "key" in "folded MD5 of salt+key" is not *actually* the key generated by all that SHA-1 shenanigans -- it's actually just:
u32 *h = MD5(salt + key)
h[0] ^ h[1] ^ h[2] ^ h[3]
Of course, you'll get (on average) an FP every 2^32 tries, and the hash rate will be *phenomenal*, being a single round of MD5, so you'll get candidates spewing out fairly regularly, but if you can keep up the rate of copy-paste, you'll probably have an answer pretty quickly.
Also, as far as I can tell, this is all independent of the cipher suite being used. I kinda want to hunt down the guy who wrote this and make sure he isn't running with scissors or anything...