what is the encryption algorithm used by zip files? - c++

I just want to know the exact formula (or algorithm) used for generating the pseudo random values used in encrypting the zip file. I am trying to create a password hacker (for zip files) and I also require to know how to verify if the random password generated by my program is correct. I have tried searching for an answer to this in Google but I couldn't find a direct solution.
I am trying to program this zip hacker in c++.
note: by formula (or algorithm) I meant: key derivation function.
I just want the necessary information as quick as possible, that's why I posted it here!

Different versions of zip-files do it differently, but basically you have an encryption-header specifying what encryption is used according to the zip-file specification.
For example, the strong encryption header looks like below and specifies the encryption algorithm in the AlgID-field.
4.5.12 -Strong Encryption Header (0x0017):

    Value     Size       Description
    -----     ----       -----------
    0x0017    2 bytes    Tag for this "extra" block type
    TSize     2 bytes    Size of data that follows
    Format    2 bytes    Format definition for this record
    AlgID     2 bytes    Encryption algorithm identifier
    Bitlen    2 bytes    Bit length of encryption key
    Flags     2 bytes    Processing flags
    CertData  TSize-8    Certificate decryption extra field data
                         (refer to the explanation for CertData
                         in the section describing the
                         Certificate Processing Method under
                         the Strong Encryption Specification)

7-zip uses AES-256 encryption for 7z/zip archives. (see here)
7-Zip also supports encryption with AES-256 algorithm. This algorithm uses cipher key with length of 256 bits. To create that key 7-Zip uses derivation function based on SHA-256 hash algorithm. A key derivation function produces a derived key from text password defined by user. For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key from text password.
Also, keep in mind that Brute force attacks are a waste of time. I won't go into details why, I will instead direct you to Jeff Atwood's blog, he has an excellent post.

Related

How to efficiently decompress huffman coded file

I've found a lot of questions asking this but some of the explanations were very difficult to understand and I couldn't quite grasp the concept of how to efficiently decompress the file.
I have found these related questions:
Huffman code with lookup table
How to decode huffman code quickly?
But I fail to understand the explanation. I know how to encode and decode a huffman tree regularly. Right now in my compression program I can write any of the following information to file
symbol
huffman code (unsigned long)
huffman code length
What I plan to do is get a text file, separate it into small text files and compress each individually and then decompress that file by sending all the small compressed files with their respective lookup table (don't know how to do this part) to a Nvidia GPU to try to decompress the file in parallel using some sort of look up table.
I have 3 questions:
What information should I write to file in the header to construct the look up table?
How do I recreate this table from file?
How do I use it to decode the huffman encoded file quickly?
Don't bother writing it yourself, unless this is a didactic exercise. Use zlib, lz4, or any of several other free compression/decompression libraries out there that are far better tested than anything you'll be able to do.
You are only talking about Huffman coding, indicating that you would only get a small portion of the available compression. Most of the compression in the libraries mentioned comes from matching strings. Look up "LZ77".
As for efficient Huffman decoding, you can look at how zlib's inflate does it. It creates a lookup table for the most-significant nine bits of the code. Each entry in the table has either a symbol and numbers of bits for that code (less than or equal to nine), or if the provided nine bits is a prefix of a longer code, that entry has a pointer to another table to resolve the rest of the code and the number of bits needed for that secondary table. (There are several of these secondary tables.) There are multiple entries for the same symbol if the code length is less than nine. In fact, 2^(9-n) multiple entries for an n-bit code.
So to decode you get nine bits from the input and get the entry from the table. If it is a symbol, then you remove the number of bits indicated for the code from your stream and emit the symbol. If it is a pointer to a secondary table, then you remove nine bits from the stream, get the number of bits indicated by the table, and look it up there. Now you will definitely get a symbol to emit, and the number of remaining bits to remove from the stream.
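The table lookup described above, as an added example that is not part of the original answer and is not zlib's code. It assumes canonical Huffman codes rebuilt from code lengths alone (so the header only needs one length per symbol) and a single root table: codes longer than `rootBits` are rejected instead of being sent to a secondary table. All function names are hypothetical.

```javascript
// Assign canonical codes from code lengths, then fill a 2^rootBits lookup table.
// An n-bit code owns 2^(rootBits - n) consecutive entries, one per possible suffix.
function buildTable(lengths, rootBits) {
  const symbols = Object.keys(lengths)
    .sort((a, b) => lengths[a] - lengths[b] || (a < b ? -1 : 1));
  const table = new Array(1 << rootBits);
  let code = 0, prevLen = 0;
  for (const sym of symbols) {
    const len = lengths[sym];
    if (len > rootBits) throw new Error('code longer than root table');
    code <<= (len - prevLen);            // canonical rule: extend the code when length grows
    prevLen = len;
    const first = code << (rootBits - len);
    const span = 1 << (rootBits - len);
    for (let i = 0; i < span; i++) table[first + i] = { sym, len };
    code++;
  }
  return table;
}

// Decode an MSB-first bit stream: peek rootBits bits, look up, consume only entry.len bits.
function decode(bytes, bitLength, table, rootBits) {
  const out = [];
  let pos = 0;                            // current bit position in the stream
  const peek = () => {
    let v = 0;
    for (let i = 0; i < rootBits; i++) {
      const p = pos + i;                  // bits past the end read as zero padding
      const bit = p < bitLength ? (bytes[p >> 3] >> (7 - (p & 7))) & 1 : 0;
      v = (v << 1) | bit;
    }
    return v;
  };
  while (pos < bitLength) {
    const entry = table[peek()];
    if (!entry || pos + entry.len > bitLength) throw new Error('invalid or truncated code');
    out.push(entry.sym);
    pos += entry.len;
  }
  return out.join('');
}
```

Rejecting empty table slots and codes that run past `bitLength` matters when the compressed input is untrusted, since a malformed stream otherwise indexes or consumes data that was never written.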

How to encrypt in node.js and decrypt with RNCryptor

I'm having trouble encrypting data with node and decrypting with RNCryptor. My understanding is that RNCryptor uses a special data format?
The cryptotext is being generated as follows:
var crypto = require('crypto');
var cipher = crypto.createCipher('aes-256-cbc','InmbuvP6Z8');
var text = "123|123123123123123";
var crypted = cipher.update(text,'utf8','base64');
crypted += cipher.final('base64');
And I'm decrypting like this:
[RNDecryptor decryptData:plainText withPassword:password error:&error];
How am I supposed to do this? When I try to decrypt currently I get an empty NSData and no error.
Yes, RNCryptor outputs encrypted data in its own format. If you build this format in your own encryption code (and use the same encryption params), you can pass it to JNCryptor to decrypt.
For RNCryptor format version 3, the first 34 bytes are as follows:
byte[0] is the version (3).
byte[1] defines whether a password or a key is used (1 for password, 0 for key).
bytes[2-9] carry the encryption salt.
bytes[10-17] carry the HMAC salt.
bytes[18-33] carry the IV.
Then comes the encrypted ciphertext.
Then the last 32 bytes hold the (SHA256) HMAC for the ciphertext.
The spec is here: https://github.com/RNCryptor/RNCryptor-Spec/blob/master/RNCryptor-Spec-v3.md
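An added example (not from the original answers and not RNCryptor project code) that builds and parses the v3 layout listed above in Node.js. It assumes the password-mode parameters of the linked v3 spec: PBKDF2-HMAC-SHA1 with 10,000 iterations, AES-256-CBC with PKCS#7 padding, and an HMAC-SHA256 computed over the header plus the ciphertext. The function names are hypothetical.

```javascript
const crypto = require('crypto');

// Assumed from the RNCryptor v3 spec (password mode): PBKDF2-HMAC-SHA1, 10,000 rounds, 32-byte keys.
const PBKDF2_ITERATIONS = 10000;

function deriveKey(password, salt) {
  return crypto.pbkdf2Sync(Buffer.from(password, 'utf8'), salt, PBKDF2_ITERATIONS, 32, 'sha1');
}

// Message = header (34 bytes) || AES-256-CBC ciphertext || HMAC-SHA256(header || ciphertext)
function rncryptorEncrypt(plaintext, password) {
  const encSalt = crypto.randomBytes(8);    // bytes[2-9]
  const hmacSalt = crypto.randomBytes(8);   // bytes[10-17]
  const iv = crypto.randomBytes(16);        // bytes[18-33]
  const header = Buffer.concat([Buffer.from([3, 1]), encSalt, hmacSalt, iv]);
  const cipher = crypto.createCipheriv('aes-256-cbc', deriveKey(password, encSalt), iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const body = Buffer.concat([header, ciphertext]);
  const mac = crypto.createHmac('sha256', deriveKey(password, hmacSalt)).update(body).digest();
  return Buffer.concat([body, mac]);
}

function rncryptorDecrypt(message, password) {
  // Smallest valid message: 34-byte header, one 16-byte block, 32-byte HMAC.
  if (message.length < 34 + 16 + 32) throw new Error('message too short');
  if (message[0] !== 3 || message[1] !== 1) throw new Error('unsupported version or options');
  const body = message.subarray(0, message.length - 32);
  const mac = message.subarray(message.length - 32);
  const hmacKey = deriveKey(password, body.subarray(10, 18));
  const expected = crypto.createHmac('sha256', hmacKey).update(body).digest();
  // Verify the HMAC in constant time before touching the ciphertext.
  if (!crypto.timingSafeEqual(mac, expected)) throw new Error('HMAC mismatch');
  const encKey = deriveKey(password, body.subarray(2, 10));
  const decipher = crypto.createDecipheriv('aes-256-cbc', encKey, body.subarray(18, 34));
  return Buffer.concat([decipher.update(body.subarray(34)), decipher.final()]).toString('utf8');
}
```

The output of `crypto.createCipher` in the question has none of these fields (no version byte, salts, IV or HMAC), so a v3 parser has nothing to validate it against.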
RNCryptor is more than just encryption, it is an entire secure "stack" including authentication, password key derivation, versioning and random iv. Since your encryption is just the encryption portion it will be incompatible.
Either use RNCryptor for the encryption or change to a simple decryption method. Since the question has a commoncrypto tag and the encryption code looks like it might be Swift (there is no language tag) just consider using Common Crypto in Objective-C for the decryption. See the SO answer for example code.

Unable to use Intel AES-NI sample library to encrypt/decrypt in 32-byte block size

I am trying to use the intel_aes_c library with C++ on Visual Studio to create an encryption method that encrypts in 32-byte block sizes, but even when doing a #define BLOCK_SIZE (32) does not really help.
In general, I would like to ask how I can set block sizes in the Intel AES-NI Sample Library. Any help or clarification to point me in the right way would be greatly appreciated, thank you!
As far as I am aware the block size of plain text cannot be changed (if you are to encrypt it) with AES-NI. This is specified by Intel:
The AES algorithm works by encrypting a fixed block size of 128 bits of plain text in several rounds to produce the final encrypted cipher text. The number of rounds (10, 12, or 14) used depends on the key length (128b, 192b, or 256b). Each round performs a sequence of steps on the input state, which is then fed into the following round. Each round is encrypted using a subkey that is generated using a key schedule. For more details on AES please refer to 1. - Link
The reference mentioned at the end ( 1 ) refers to a wikipedia article about AES which states:
AES is a variant of Rijndael which has a fixed block size of 128 bits,
and a key size of 128, 192, or 256 bits.

Openssl Message Digest One-Way Brute-force attack

I am learning Cryptography and using OPENSSL to implement whatever I am learning. Recently, I found one of the assignment questions and am trying to solve it. I don't have problem understanding most of the questions but this one.
4 Task 2: One-Way Property versus Collision-Free Property
In this task, we will investigate the difference between two properties of common hash functions: one-way
property versus collision-free property. We will use the brute-force method to see how long it takes to break
each of these properties. Instead of using openssl’s command-line tools, you are required to write your
own C program to invoke the message digest functions in openssl’s crypto library. Docs can be found at
http://www.openssl.org/docs/crypto/EVP_DigestInit.html.
Laboratory for Computer Security Education, CMSC 414, Spring 2013
Since most of the hash functions are quite strong against the brute-force attack on those two properties,
it will take us years to break them using the brute-force method. To make the task feasible, in all of this
project we reduce the length of the hash value to 24 bits. We can use any one-way hash function, but we
only use the first 24 bits of the hash value.
Write a program that, given a 24-bit hash value, finds a matching text (only lower-case ASCII
characters). Your program will have to repeatedly 1) generate a random text, 2) hash it, 3) compare lower 24 bits
to the input.
Your program (source must be called task2.c) will be called as follows:
./task2 <digest name> <hash value>
e.g, ./task2 sha256 2612c7. . . and your program must write the winning text to task2.out.
Please ensure the output is readable and writable, i.e.:
open("task2.out", O_WRONLY | O_CREAT, 0644);
We will verify with command line tools, e.g., openssl dgst -sha256 task2.out.
Question: How many texts did you have to hash to find a specific hash? (give average of three trials)
I am not able to understand how to start writing my program. Any inputs are greatly appreciated. As I am not solving it for a homework. I am looking for some pointers and not the code.
Well, reading the text to me it's clear what is the task, and unclear which part you do not get. Where to start?
create a skeleton program like hello world
create a function that generates a random text
create a function that takes text and a hash-id, and uses openssl to hash it, returning the hash
create a function that extracts the lower 24 bits of the hash
create a function that takes the command line params and converts them to a 24-bit number that is the looked-for hash and the hash-id to drop at openssl (or exits with error indication)
run a loop that keeps feeding new random strings until the resulting hash matches the req and counts
write the winning text to file and the number to output
do all the remaining tasks from assignment...
The algorithm is well laid out by Balog Pal. Just to add a few things:
In one-way property, you are given a hash and you search for another text with the similar hash.
In collision-free property, you just need to find two texts with similar hashes. So you start by generating two texts and compare their corresponding hashes. If they are the same, you have found a collision. If not, you store the already generated hashes and then generate a new text, find its hash and compare it with the stored hashes. If any stored hash matches with it, you have found a collision, else store it in the list of stored hashes. Repeat the cycle until you find a collision.
The python implementation of the same can be found at the below link. It includes minimum comments, so you have to figure out everything from the code. Once that is done, then try implementing it in C or java.
https://github.com/arafat1/One-Way-Property-versus-Collision-Free-Property/blob/master/HashProperty.py
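The two searches described above, as an added example that is not code from either answer or from the linked repository. It uses Node's `crypto` module rather than the C API the assignment asks for, takes the first `bits` bits of the digest as the truncated hash, and all function names are hypothetical. For an n-bit truncation the first search needs on the order of 2^n hashes and the second on the order of 2^(n/2), which is the gap the assignment asks you to measure.

```javascript
const crypto = require('crypto');

// First `bits` bits of the digest as an unsigned integer (bits <= 32).
function truncatedHash(algo, text, bits) {
  const digest = crypto.createHash(algo).update(text).digest();
  return digest.readUInt32BE(0) >>> (32 - bits);
}

// Random lower-case ASCII text, as the assignment requires.
function randomText(len = 8) {
  let s = '';
  for (let i = 0; i < len; i++) s += String.fromCharCode(97 + Math.floor(Math.random() * 26));
  return s;
}

// One-way property: find any text whose truncated hash equals a given target.
function findPreimage(algo, target, bits) {
  for (let tries = 1; ; tries++) {
    const text = randomText();
    if (truncatedHash(algo, text, bits) === target) return { text, tries };
  }
}

// Collision-free property: find any two different texts with equal truncated hashes.
function findCollision(algo, bits) {
  const seen = new Map();               // truncated hash -> first text that produced it
  for (let tries = 1; ; tries++) {
    const text = randomText();
    const h = truncatedHash(algo, text, bits);
    const prev = seen.get(h);
    if (prev !== undefined && prev !== text) return { a: prev, b: text, tries };
    seen.set(h, text);
  }
}

// Average number of hashes over several trials, as the assignment's question asks.
function averageTries(trials, run) {
  let total = 0;
  for (let i = 0; i < trials; i++) total += run().tries;
  return total / trials;
}
```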

How can I obfuscate/de-obfuscate integer properties?

My users will in some cases be able to view a web version of a database table that stores data they've entered. For various reasons I need to include all the stored data, including a number of integer flags for each record that encapsulate adjacencies and so forth within the data (this is for speed and convenience at runtime). But rather than exposing them one-for-one in the webview, I'd like to have an obfuscated field that's just called "reserved" and contains a single unintelligible string representing those flags that I can easily encode and decode.
How can I do this efficiently in C++/Objective C?
Thanks!
Is it necessary that this field is exposed to the user visually, or just that it’s losslessly captured in the HTML content of the webview? If possible, can you include the flags as a hidden input element with each row, i.e., <input type="hidden" …?
Why not convert each of the fields to hex, and append them as a string and save that value?
As long as you always append the strings in the same order, breaking them back apart and converting them back to numbers should be trivial.
Use symmetric encryption (example) to encode and decode the values. Of course, only you should know of the key.
Alternatively, asymmetric RSA is more powerful encryption but is less efficient and is more complex to use.
Note: I am curious about the "various reasons" that require this design...
Multiply your flag integer by 7, add 3, and convert to base-36. To check if the resulting string is modified, convert back to base-2, and check if the result modulo 7 is still 3. If so, divide by 7 to get the flags. Note that this is subject to replay attacks - users can copy any valid string in.
Just calculate a CRC-32 (or similar) and append it to your value. That will tell you, with a very high probability, if your value has been corrupted.