Re: RE: Password secured using?



Hello,

When I repeated it often enough. I got this pattern.
a=707
aa=7073e
aaa=7073e45
aaaa=7073e455b

A very short analysis suggests that the encryption is a salted bijection (= no hash) and it looks incredibly simple and easy-to-break. So far, this is only a conjecture based on very small amount of data but I doubt there will be some special quirks employed by the encryption algorithm. Unfortunately, the small amount of input data also means that there are a few questions left unanswered.

The general idea of the encryption is as follows:

It starts by choosing a random number ('salt') S, probably from the interval 0-15 (the only observed values so far have been from the interval 0-10). The salt (represented as a hexadecimal digit) is the first character of the encrypted password. Then, the function processes the password byte-by-byte and encrypts each of them by XOR-ing them with a fixed key, starting at position S. Each byte is then represented as two-digit hexadecimal number. Nothing more, nothing less...

Mathematically, C[i] = P[i] ^ K[S+i], where C is the ciphertest, P[i] is the plaintext and K is the _fixed_ key, which does not depend on the input.

It's not clear whether the key is cyclic and if it is, what is its period. So far, only first 12 characters of the key could have been recovered (it is acually possible that the key is only 11 bytes long because K[0] = K[11]). In order to find that out, it might be a good idea to try to encrypt a password consisting of 17 a's.

The following short C program demonstrates how simple the decryption is -- just try to feed it with the encrypted password and observe the result [it's based on the unverified assumption that the fixed key is 11 bytes long]

------
#include <stdio.h>

int key[11] =
{ 0x21, 0x76, 0xe4, 0x39, 0x22, 0x32, 0xa7, 0x66, 0x5f, 0x24, 0x3a };

int main() {
int k, c;
for (scanf("%1x", &k); scanf("%02x", &c) == 1; k++)
putchar(c^key[k%11]);
putchar('\n');
return 0;
}
------

Peter

--
[Name] Peter Kosinar [Quote] 2B | ~2B = exp(i*PI) [ICQ] 134813278

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx for details.
------------------------------------------------------------------------------



Relevant Pages

  • [Full-Disclosure] RE: FW: defeating Lotus Sametime "encryption"
    ... Subject: defeating Lotus Sametime "encryption" ... For example, Lotus Sametime provides encryption, logging, ... 00 -- length of opaque for auth data ... 00 -- length of opaque data for encrypted password ...
    (Full-Disclosure)
  • Re: SecureZeroMemory in a managed DLL?
    ... If having encrypted password in memory is okay for you, ... SecureString, and then decrypt the encrypted string character by ... details on the nature of encryption, I'll come up with the code. ...
    (microsoft.public.dotnet.languages.csharp)
  • same password, two encrypted strings?
    ... files for the privileges on apache (.htaccess / .htpasswd) when i ... The encrypted password for user guest.b is ... different but both strings validate to 'green'. ... 1)Is it the same algorythm, encryption, version, whatever? ...
    (comp.security.misc)
  • Cryptography oddness
    ... I'm using tripleDes encryption as provided by the .Net framework. ... I have a key and a encrypted password which was stored in a config ... the target machine results in a Bad data CryptographyException. ...
    (microsoft.public.dotnet.security)
  • [long] C code of PEARL1, a block encryption algorithm emphasising simplicity
    ... (cf. "A plead for simple encryption ... It uses a combined PRNG (cf. "A simple scheme ... // allocates 64 bits to unsigned long int. ...
    (sci.crypt)