Date: Fri, 5 Dec 2014 10:01:07 -0500 From: Matt Weir <cweir@...edu> To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com> Subject: Re: Cracking multiple AES Zip files Awesome, thank you very much Magnum and Jim! I need to get into a better habit of digging into the bleeding JtR before asking questions ;p Matt On Thu, Dec 4, 2014 at 9:59 PM, <jfoug@....net> wrote: > If you use the new bleeding JtR, there is NO false positive any more. I > have redone this 'broken' format. I dug in to understand the gladman code, > and there is a verifyer, not just the crappy 2 byte checksum. > > The change is shown here: > https://github.com/magnumripper/JohnTheRipper/commit/528e6bcfb1a59f068b70c63b3c0d7ffc62c32ce4 > > So now there is a 10 byte checksum, so only 1 out of 2^80 chance of a > false positive. In JtR land, we count that as exact. Hell, it is 16 bits > better than DES ;) > > ---- Matt Weir <cweir@...edu> wrote: > > AES encrypted zip files have a high number of false positives in them. > From > > the Winzip spec: > > > > Password verification value > .... clip. >
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.