05-16-2020, 03:55 AM
(05-15-2020, 12:59 PM)philsmd Wrote: oh... are you mpalmer on GitHub? yeah, I see that there are some still open PRs, I think atom/jsteube is busy a lot, but I will try to ping him on IRC etc. normally it doesn't take that long (I think one reason could be that we/he saw that some PRs were still incomplete or were updated a lot... so might have decided to wait a little bit etc)...
The PKCS#1 module I'm still not 100% happy with, but the two small ones should be ready to go.
(05-15-2020, 12:59 PM)philsmd Wrote: Actually, what comes to my mind now is that it would be great to find some "collision" (or just another password that would work) and try to decrypt the file with that "wrong" password.... would this be feasible for you to test... it might take some time to find a collision, but you could be lucky. It would be interesting to see if the software is able to reject the collision (wrong password, but still correct "checksum"/quick check)
Finding a collision, given that it's only a 32-bit check value and the module runs at 170MH/s or so even on my laptop, isn't very hard. I got one already, and lo! it can detect that the file was decrypted incorrectly (it doesn't say "wrong password", but I know what it means). There's a second header inside the ciphertext with a 32-bit magic value, so between the 32-bit initial check and the post-decryption magic value check, the false positive rate should be ~2^(-64). The only problem is that now I've got to implement that unhinged key generation algorithm, and per-cipher suite kernels for the decryption...
(05-15-2020, 04:13 PM)0x4n6 Wrote: Thank you! When Romeo first contacted me and told me about this and mentioned blowfish, I said "oh hashcat supports that!", after reading the documentation and exploring the source code, I came to find out it was using blowfish to encrypt the data, but the key derivation algorithm was laughable.
Looks like speeds are impressive for the given hardware.
Yeah, this should absolutely *scream* on a decent GPU. Doing a single MD5, a few XORs, and a compare is not big work.