• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Keynote encryption

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware

View previous topic :: View next topic  
Author Message
wyatt
Just Arrived
Just Arrived


Joined: 19 Jun 2008
Posts: 0


Offline

PostPosted: Thu Jun 19, 2008 10:11 am    Post subject: Keynote encryption Reply with quote

Hello,
I was used to write notes with Keynote, a very handy and open source notes management software (http://www.tranglos.com/free/keynote.html)
I lost the password of an important encrypted Keynote file (.knt) which i haven't opened for a long time.
The encryption is either blowfish or idea.
As no recovery tool exists for this software, I was thinking of using the Delphi 3 source code of Keynote (which is available on its website) to develop a custom password recovery tool.
Which method do you think i must try ?
I was planning to create a "brute force" function, with some heuristics (strings i often use in passwords, password construction i often use, etc) to narrow the searches.
What do you think of this ? Any suggestion ?
Back to top
View user's profile Send private message
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Thu Jun 19, 2008 3:34 pm    Post subject: Reply with quote

Hi,
an attack against blowfish/idea isn't possible, so the only way is a brute force attack.
When you have the source code, to write a tool which tests some passwords would be easy.
Back to top
View user's profile Send private message
wyatt
Just Arrived
Just Arrived


Joined: 19 Jun 2008
Posts: 0


Offline

PostPosted: Fri Jun 20, 2008 8:28 am    Post subject: Reply with quote

Thanks for your reply Smile
You are right.
In fact my biggest problem at this moment is to compile the source with Delphi 3, which i don't know a lot. Confused
Perhaps i could just understand the code (the opening file part) and use another blowfish/idea library in an other language to (try to) unencrypt my file.

Edit: I found a python cryptography toolkit which will hopefully help me. I think it may be easier and faster to use.
Back to top
View user's profile Send private message
Groovicus
Trusted SF Member
Trusted SF Member


Joined: 19 May 2004
Posts: 9
Location: Centerville, South Dakota

Offline

PostPosted: Fri Jun 20, 2008 6:17 pm    Post subject: Reply with quote

I am a bit confused by your reasoning. I don't know much about encryption, but how is having the source code of an application that simply uses blowfish or the like going to help you brute force a password that is encrypted using one of these methods? Presumably the author/s of Keynote just used a library that implements the encryption process.
Back to top
View user's profile Send private message Visit poster's website
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Fri Jun 20, 2008 8:09 pm    Post subject: Reply with quote

Hi,
@Groovicus: How can you check, that the guessed password was right?

There are so many factors which you have to obtain. How does the tool creates a key from a password?
When your algorithm needs a 128 Bit Key, but you just have just a 8 sing password, how do you get then from 64 bit a 128 bit key?
You can repeat the password, or fill it with 0 or use md5 to get a 128 bit value from the password.
Maybe, the tool uses a key strengthening method?

When you know how the tool gets the key from the password, you have to know wich cipher mode was used. ECB, CBC, PCBC, XTS?
When e.g. CBC was used, where can you find the IV? Maybe, the IV has a fixed value? Is the IV the first block in the file? Or have the file a plaintext-header with some general informations (created with version xxx, algorithm yyy) and the ciphertext starts after 100 bytes?

And how can you check, that the password was correct? Maybe, you can find the sha1-Hashvalue of the password in the header of the file? Or maybe the first cipherblock contains a checkvalue (maybe the first block contains just zeros).

You see, there are many more aspects than just knowing the algorithm.
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Fri Jun 20, 2008 10:41 pm    Post subject: Reply with quote

Elderan wrote:
You see, there are many more aspects than just knowing the algorithm.

I think that was precisely what Groovicus was saying Smile

The security of a good cryptography algorithm must not depend on the secrecy of the algorithm; that's a basic security notion. The security of a strong cryptography algorithm depends only on the secret (e.g. key or password). In other words, a strong cryptography algorithm remains secure even if all the details of its design are publicly available. So, unless the algorithm is broken or its implementation is faulty, having the source code of the algorithm won't help you decrypt the file.
Back to top
View user's profile Send private message
Groovicus
Trusted SF Member
Trusted SF Member


Joined: 19 May 2004
Posts: 9
Location: Centerville, South Dakota

Offline

PostPosted: Fri Jun 20, 2008 10:46 pm    Post subject: Reply with quote

Quote:
So, unless the algorithm is broken or its implementation is faulty, having the source code of the algorithm won't help you decrypt the file.


Yes capi, you summarized my point perfectly.
Back to top
View user's profile Send private message Visit poster's website
wyatt
Just Arrived
Just Arrived


Joined: 19 Jun 2008
Posts: 0


Offline

PostPosted: Sat Jun 21, 2008 3:57 am    Post subject: Reply with quote

capi wrote:
So, unless the algorithm is broken or its implementation is faulty, having the source code of the algorithm won't help you decrypt the file.


I don't expect a faulty algorithm Smile
Having the source code just help me extracting the encrypted data from the keynote .knt file, so that i can apply blowfish decryption on it.
I know this will not help me to break the cipher in itself. It's just the starting point Wink

To summarize, i prefer to work on the "pure" encrypted data, with the tool i want, rather than working on the .knt file format with delphi3...

I'm working at this moment on keynote files which i know the password to see if i can decrypt the encrypted part of it. Then, i'll work on the brute force algorithm.

Guys, i wish i had not forgotten this password Crying or Very sad Well, to see this on a positive way, this issue will make me learn some new stuff Rolling Eyes Wink
Back to top
View user's profile Send private message
KNRGoodMood
Just Arrived
Just Arrived


Joined: 24 Feb 2009
Posts: 0


Offline

PostPosted: Wed Feb 25, 2009 11:33 am    Post subject: Reply with quote

Okay, this is an interesting question. Let me estimate the time to break your cipher.

First, assume you can always determine whether your file decrypts correctly.
Second, imagine your key length is at most 8 bytes.
Then, imagine your file itself is 8 bytes in length.

Let decryption speed be, say, 10 megabytes a second (pretty good for blowfish with different key each time)
Thus, every second you will try 1250000 keys, it's roughly 2^20.
with 8-byte key your approximate goal is to check 2^63 keys.

Thus, you will need 2^(63-20)=2^43 = 8 796 093 022 208 seconds = 278 922 years.

279 thousand years.. Gotta buy a faster computer, I guess.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register