05-29-2021, 12:35 PM
So just tested this extensively with hashcat v6.2.1.
When truecrypt key file for a truecrypt container (standard or hidden does not matter) is a file of some compression archive type (tested zip, tar.gz and jar), then crack will not work, regardless of attack type (tested wordlist and bruteforce).
Steps to reproduce in TrueCrypt 7.1a:
1. Create new volume / Create an encrypted file container
2. Choose Standard or Hidden, does not matter
3. Choose file name
4. Choose any encryption algo and hash algo (does not matter), but let's say encryption algo AES, hash algo RIPEMD-160
5. Choose some size and simple password, say 'ab'
6. Use key files, and choose a file which is compressed archive, say test.zip (archive could be created from single text file, binary file, or multiple of those, does not matter)
7. Choose filesystem type, say FAT, does not matter, and finish the creation of truecrypt container
8. dd if=<your tc container> of=hash.bin bs=1 count=512 (skip=65536 if hidden volume)
9. hashcat -a 3 -m 6213 hash.bin ?l?l --truecrypt-keyfiles=test.zip
Output:
Session..........: hashcat
Status...........: Exhausted
Hash.Name........: TrueCrypt RIPEMD160 + XTS 512 bit
Hash.Target......: hash.bin
Time.Started.....: Sat May 29 12:29:53 2021 (0 secs)
Time.Estimated...: Sat May 29 12:29:53 2021 (0 secs)
Guess.Mask.......: ?l?l [2]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 4438 H/s (1.35ms) @ Accel:32 Loops:512 Thr:1 Vec:8
Recovered........: 0/1 (0.00%) Digests
Progress.........: 676/676 (100.00%)
Rejected.........: 0/676 (0.00%)
Restore.Point....: 26/26 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:25-26 Iteration:1536-1999
Candidates.#1....: xa -> xq
10. Now create the same container but with key file which is not compressed archive.
11. Cracked
When truecrypt key file for a truecrypt container (standard or hidden does not matter) is a file of some compression archive type (tested zip, tar.gz and jar), then crack will not work, regardless of attack type (tested wordlist and bruteforce).
Steps to reproduce in TrueCrypt 7.1a:
1. Create new volume / Create an encrypted file container
2. Choose Standard or Hidden, does not matter
3. Choose file name
4. Choose any encryption algo and hash algo (does not matter), but let's say encryption algo AES, hash algo RIPEMD-160
5. Choose some size and simple password, say 'ab'
6. Use key files, and choose a file which is compressed archive, say test.zip (archive could be created from single text file, binary file, or multiple of those, does not matter)
7. Choose filesystem type, say FAT, does not matter, and finish the creation of truecrypt container
8. dd if=<your tc container> of=hash.bin bs=1 count=512 (skip=65536 if hidden volume)
9. hashcat -a 3 -m 6213 hash.bin ?l?l --truecrypt-keyfiles=test.zip
Output:
Session..........: hashcat
Status...........: Exhausted
Hash.Name........: TrueCrypt RIPEMD160 + XTS 512 bit
Hash.Target......: hash.bin
Time.Started.....: Sat May 29 12:29:53 2021 (0 secs)
Time.Estimated...: Sat May 29 12:29:53 2021 (0 secs)
Guess.Mask.......: ?l?l [2]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 4438 H/s (1.35ms) @ Accel:32 Loops:512 Thr:1 Vec:8
Recovered........: 0/1 (0.00%) Digests
Progress.........: 676/676 (100.00%)
Rejected.........: 0/676 (0.00%)
Restore.Point....: 26/26 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:25-26 Iteration:1536-1999
Candidates.#1....: xa -> xq
10. Now create the same container but with key file which is not compressed archive.
11. Cracked