so you know exactly 4 "bytes" of 8 bytes of the key ? (just remember that of the 8 "bytes" == 8 * 8 bits = 64 bits, 8 of them are parity bits, therefore it's 8*8 - 8 = 64 bits - 8 bits = 56 bits). we have the hashcat charset file (.hcchr) under charsets/DES_full.charset that can be used together with --hex-charset for a mask attack with DES/3DES
One strategy could be to just load the different "hashes", i.e. different hash:plain_text variations in hashcat. That should work already. so at maximum you have as you said 256 * 256 = 65536 hashes. Of course this makes the cracking slower by a constant factor of 65536 almost exactly.
But can't you just limit the plaintext even further ? normally the plain text is not just random bytes and therefore this strategy could work if you reduce the number of variations (charactes used in the unknown plain text bytes). Is it really binary data used as plain text ?
One strategy could be to just load the different "hashes", i.e. different hash:plain_text variations in hashcat. That should work already. so at maximum you have as you said 256 * 256 = 65536 hashes. Of course this makes the cracking slower by a constant factor of 65536 almost exactly.
But can't you just limit the plaintext even further ? normally the plain text is not just random bytes and therefore this strategy could work if you reduce the number of variations (charactes used in the unknown plain text bytes). Is it really binary data used as plain text ?