Date: Wed, 17 Sep 2014 00:58:29 +0200 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: attacking RC2 40-bit S/MIME encrypted emails On 2014-09-17 00:00, magnum wrote: > On 2014-09-16 22:44, augustin wrote: >>>> long time ago, Bruce Schneier published a tool for Windows 95 to >>>> attack S/MIME encrypted emails that use RC2 for encryption with >>>> 40bit long keys. >>>> >>>> https://www.schneier.com/smime.html >>>> >>>> code: https://www.schneier.com/smime-download.html >>>> >>>> I had a look at john formats but did not find anything related. >>>> Does john support that type of encryption or will it be supported >>>> in the future? >>> >>> It doesn't, and I doubt anyone was planning to write it. Is RC2/40 >>> still used at all anywhere? >> >> 'openssl smime -encrypt' uses RC2/40 by default according to >> documentation. >> >> fedora 20 (openssl-1.0.1e-39)/ubuntu 14.04/rhel 6.4: >> man smime: "If not specified 40 bit RC2 is used." >> >> so an implementation would probably still be useful these days. > > Cool. Someone should do this. It now hits me this is out of scope for JtR itself. What JtR does is always based on trying human-like passwords. But this "format" would be a key brute-forcer with no input. For the same reason, we haven't implemented an RC4/40 brute-forcer for old Office documents. However, even if Solar doesn't want these "in" Jumbo, I'm willing to include them either "with" Jumbo (as stand-alone programs in the Jumbo source tree), or simply as a separate repo if Solar persists. As Atom recently wrote on Hashcat forum, you can sometimes marry RC4-BF with actual password search: http://hashcat.net/forum/thread-3665.html magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.