Funny problem about symmetric encryption

Discussion in 'Computer Security' started by Alexandre Oberlin, Nov 14, 2006.

  1. Hi all,

    I have a file encrypted with GPG symmetric encryption (CAST5). The
    passphrase had been given on command line (no keyring used).
    I happen to have the original file as well.
    I guess not but: is there a way to retrieve the passphrase that I used
    to encrypt the file ?

    Thanks for any suggestion,

    AO
     
    Alexandre Oberlin, Nov 14, 2006
    #1
    1. Advertising

  2. Zawarto¶æ nag³ówka ["Followup-To:" comp.os.linux.security.]
    On 14.11.2006, Alexandre Oberlin <> wrote:
    > I have a file encrypted with GPG symmetric encryption (CAST5). The
    > passphrase had been given on command line (no keyring used).
    > I happen to have the original file as well.
    > I guess not but: is there a way to retrieve the passphrase that I used
    > to encrypt the file ?


    Assume that there is way to retrieve passphrase. What then would be
    encryption for?

    And remember to set Followup-To: header when crossposting.

    --
    <Kosma> Niektórzy lubi± dozziego...
    <Kosma> Oczywi¶cie szanujemy ich.
    Stanislaw Klekot
     
    Stachu 'Dozzie' K., Nov 14, 2006
    #2
    1. Advertising

  3. On Tue, 14 Nov 2006 18:36:16 +0100, Alexandre Oberlin wrote:

    > Hi all,
    >
    > I have a file encrypted with GPG symmetric encryption (CAST5). The
    > passphrase had been given on command line (no keyring used).
    > I happen to have the original file as well.
    > I guess not but: is there a way to retrieve the passphrase that I used
    > to encrypt the file ?
    >
    > Thanks for any suggestion,
    >
    > AO


    You are hoping for a "known plaintext attack",
    and it does make it easier to crack the key,
    but it will probably still take a LOT of work.
    .... try the sci.*crypto* groups and work for years...

    You are trying to defeat the very point of crypto.
    Good luck.
    Brute force on a short key is your best hope in the short term.
     
    Mike Anonymous Coward, Nov 15, 2006
    #3
  4. Alexandre Oberlin

    Ludovic Joly Guest

    > I guess not but: is there a way to retrieve the passphrase that I used
    > to encrypt the file ?


    You need to attack the passphrase, ie try to find it by trying some
    passphrases and see if you can decrypt the file.

    Without any advantage, the issue of the attack depends on the strength
    of the passphrase.

    Since you seem to be the one who originally set the passphrase, you can
    think of how you build (or used to build) passphrases: do you use a
    particular method, like using a well known sentence, replacing some
    letters with numbers, or any other possible method? Such a reflexion
    might allow you to define one or several algorithms to construct
    (potentially very big) lists (dictionaries) of passphrases to test.
    Such an "intelligent" dictionary attack has more chances to be
    successful than a brute force attack. And who knows? Maybe you remember
    the passphrase?

    Kind regards
    Ludovic
     
    Ludovic Joly, Nov 15, 2006
    #4
  5. Mike Anonymous Coward wrote:

    > You are hoping for a "known plaintext attack",
    > and it does make it easier to crack the key,
    > but it will probably still take a LOT of work.

    I read on http://bent.latency.net/crypto/crypto-summary.html.gz
    that "known plain text" does not help a lot with good symmetric ciphers.

    I am getting ready to forget about a month of saved notes, but what is
    exasperating is that I don't understand what happened, so it could very
    well happen again.


    The best evidence of intelligent life out there, is that none of them
    have contacted us.
    -- Anonymous

    Alexandre Oberlin
    http://www.migo.info/
     
    Alexandre Oberlin, Nov 15, 2006
    #5
  6. Ludovic Joly wrote:
    >> I guess not but: is there a way to retrieve the passphrase that I used
    >> to encrypt the file ?

    >
    > You need to attack the passphrase, ie try to find it by trying some
    > passphrases and see if you can decrypt the file.
    >
    > Without any advantage, the issue of the attack depends on the strength
    > of the passphrase.
    >
    > Since you seem to be the one who originally set the passphrase, you can
    > think of how you build (or used to build) passphrases: do you use a
    > particular method, like using a well known sentence, replacing some
    > letters with numbers, or any other possible method? Such a reflexion
    > might allow you to define one or several algorithms to construct
    > (potentially very big) lists (dictionaries) of passphrases to test.
    > Such an "intelligent" dictionary attack has more chances to be
    > successful than a brute force attack. And who knows? Maybe you remember
    > the passphrase?
    >


    Well I did exactly that: tried some thousands of possible typing errors
    from the passphrase that I currently use for such things (mixed letters
    and digits from an azerty keyboard).
    Yet the mystery persists...
    I have been wondering if there was not an obscure keymap related problem.

    Thanks for your hints,

    AO


    --
    The best evidence of intelligent life out there, is that none of them
    have contacted us.
    -- Anonymous

    Alexandre Oberlin
    http://www.migo.info/
     
    Alexandre Oberlin, Nov 15, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. The Rev [MCT]
    Replies:
    42
    Views:
    1,552
  2. =?iso-8859-1?Q?-=3D|__=28=BAL=BA=29__|=3D-____o=3D

    Which hard drive encryption program has the strongest tested encryption & security?

    =?iso-8859-1?Q?-=3D|__=28=BAL=BA=29__|=3D-____o=3D, Sep 24, 2004, in forum: Computer Security
    Replies:
    6
    Views:
    3,861
    Kornholio
    Feb 20, 2008
  3. joevan
    Replies:
    0
    Views:
    627
    joevan
    Jun 29, 2006
  4. Bling-Bling

    Gigabit symmetric broadband...

    Bling-Bling, Apr 24, 2005, in forum: NZ Computing
    Replies:
    41
    Views:
    1,417
    Steve
    Apr 26, 2005
  5. The Doctor
    Replies:
    5
    Views:
    508
    The Doctor
    Jan 20, 2013
Loading...

Share This Page