«

Hi all,

I have a file encrypted with GPG symmetric encryption (CAST5). The
passphrase had been given on command line (no keyring used).
I happen to have the original file as well.
I guess not but: is there a way to retrieve the passphrase that I used
to encrypt the file ?

Thanks for any suggestion,

AO

Zawarto¶æ nag³ówka ["Followup-To:" comp.os.linux.security.]
On 14.11.2006, Alexandre Oberlin <> wrote:
> I have a file encrypted with GPG symmetric encryption (CAST5). The
> passphrase had been given on command line (no keyring used).
> I happen to have the original file as well.
> I guess not but: is there a way to retrieve the passphrase that I used
> to encrypt the file ?

Assume that there is way to retrieve passphrase. What then would be
encryption for?

And remember to set Followup-To: header when crossposting.

--
<Kosma> Niektórzy lubi± dozziego...
<Kosma> Oczywi¶cie szanujemy ich.
Stanislaw Klekot

On Tue, 14 Nov 2006 18:36:16 +0100, Alexandre Oberlin wrote:

> Hi all,
>
> I have a file encrypted with GPG symmetric encryption (CAST5). The
> passphrase had been given on command line (no keyring used).
> I happen to have the original file as well.
> I guess not but: is there a way to retrieve the passphrase that I used
> to encrypt the file ?
>
> Thanks for any suggestion,
>
> AO

You are hoping for a "known plaintext attack",
and it does make it easier to crack the key,
but it will probably still take a LOT of work.
.... try the sci.*crypto* groups and work for years...

You are trying to defeat the very point of crypto.
Good luck.
Brute force on a short key is your best hope in the short term.

> I guess not but: is there a way to retrieve the passphrase that I used
> to encrypt the file ?

You need to attack the passphrase, ie try to find it by trying some
passphrases and see if you can decrypt the file.

Without any advantage, the issue of the attack depends on the strength
of the passphrase.

Since you seem to be the one who originally set the passphrase, you can
think of how you build (or used to build) passphrases: do you use a
particular method, like using a well known sentence, replacing some
letters with numbers, or any other possible method? Such a reflexion
might allow you to define one or several algorithms to construct
(potentially very big) lists (dictionaries) of passphrases to test.
Such an "intelligent" dictionary attack has more chances to be
successful than a brute force attack. And who knows? Maybe you remember
the passphrase?

Kind regards
Ludovic

Mike Anonymous Coward wrote:

> You are hoping for a "known plaintext attack",
> and it does make it easier to crack the key,
> but it will probably still take a LOT of work.
I read on http://bent.latency.net/crypto/crypto-summary.html.gz
that "known plain text" does not help a lot with good symmetric ciphers.

I am getting ready to forget about a month of saved notes, but what is
exasperating is that I don't understand what happened, so it could very
well happen again.


The best evidence of intelligent life out there, is that none of them
have contacted us.
-- Anonymous

Alexandre Oberlin
http://www.migo.info/

Ludovic Joly wrote:
>> I guess not but: is there a way to retrieve the passphrase that I used
>> to encrypt the file ?
>
> You need to attack the passphrase, ie try to find it by trying some
> passphrases and see if you can decrypt the file.
>
> Without any advantage, the issue of the attack depends on the strength
> of the passphrase.
>
> Since you seem to be the one who originally set the passphrase, you can
> think of how you build (or used to build) passphrases: do you use a
> particular method, like using a well known sentence, replacing some
> letters with numbers, or any other possible method? Such a reflexion
> might allow you to define one or several algorithms to construct
> (potentially very big) lists (dictionaries) of passphrases to test.
> Such an "intelligent" dictionary attack has more chances to be
> successful than a brute force attack. And who knows? Maybe you remember
> the passphrase?
>

Well I did exactly that: tried some thousands of possible typing errors
from the passphrase that I currently use for such things (mixed letters
and digits from an azerty keyboard).
Yet the mystery persists...
I have been wondering if there was not an obscure keymap related problem.

Thanks for your hints,

AO


--
The best evidence of intelligent life out there, is that none of them
have contacted us.
-- Anonymous

Alexandre Oberlin
http://www.migo.info/