[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 Mar 2012 18:37:17 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: GSoC non-hash office documents
On Wed, Mar 28, 2012 at 1:23 PM, Mike Wing <mvwing@...il.com> wrote:
> Hi
>
> I'm rather interested in working on some of the non-hashes for
> GSoC. Specifically the Office ones that popped up recently. Just doing
> a rudimentary search, the MS office format (up to 2003) using XOR and RC4
> appears to be fairly compromised and exploitable as outlined in this
> paper http://eprint.iacr.org/2005/007.pdf. And this has been
> further developed by a french researcher (here:
> http://www.esiea-recherche.eu/data/filiol_pacsec.pdf). I would like to work
> on bringing these features to JtR.
These papers are mainly about RC4 key stream reuse related to earlier
versions of the same files. While this is all well and good this is
not how JtR operates :) I'd love to see RC4 in GPU/CPU which could be
more like JtR.
These two blog posts should illustrate:
http://blogs.msdn.com/b/david_leblanc/archive/2008/07/03/office-crypto-follies.aspx
http://blogs.msdn.com/b/david_leblanc/archive/2010/04/16/don-t-use-office-rc4-encryption-really-just-don-t-do-it.aspx
The last one references the work from 2004 of Hongjun Wu
(http://eprint.iacr.org/2005/007.pdf)
-rich
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
