Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 24 May 2015 20:58:04 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Recovering truecrypt pass-phrase with known keyfile

On Thu, May 21, 2015 at 4:50 PM, Marek Wrzosek <marek.wrzosek@...il.com> wrote:
> W dniu 21.05.2015 o 21:42, Rich Rumble pisze:
>> On Thu, May 21, 2015 at 2:55 PM, magnum <john.magnum@...hmail.com> wrote:
>>> On 2015-05-21 20:30, Rich Rumble wrote:
>>>>
>>>> On Thu, May 21, 2015 at 1:36 PM, magnum <john.magnum@...hmail.com> wrote:
>>>>>
>>>>> On 2015-05-21 19:27, Dhiru Kholia wrote:
>>>>>>
>>>>>>
>>>>>> On Thu, May 21, 2015 at 5:28 PM, Marek Wrzosek <marek.wrzosek@...il.com>
>>>>>> wrote:
>>>>>>>
>>>>>>>
>>>>>>> Lately I've been reading TrueCrypt User Guide and I'm curious. Is it
>>>>>>> possible to recover pass-phrase of truecrypt volume with known keyfile
>>>>>>> using JtR? If not, are there any plans of adding this to john in the
>>>>>>> future?
>>>>>>
>>>>>>
>>>>>>
>>>>>> Seems to be simple enough,
>>>>>>
>>>>>> https://github.com/bwalex/tc-play/blob/master/crypto.c#L201
>>>>>
>>>>>
>>>>>
>>>>> I see nothing there. Isn't that part of the code using already decrypted
>>>>> keyfile data?
>>>>
>>>> If I recall from TC's doc's it read the first 1024 bytes of the
>>>> keyfile and used that as the second part of the password.
>>>> <quote>
>>>> Any kind of file (for example, .txt, .exe, mp3, .avi) may be used as a
>>>> TrueCrypt keyfile. However,
>>>> we recommend that you prefer compressed files, such as .mp3, .jpg,
>>>> .zip, etc. Note that TrueCrypt
>>>> never modifies the keyfile contents. Therefore, it is possible to use,
>>>> for example, five files in your
>>>> large mp3 collection as TrueCrypt keyfiles (and inspection of the
>>>> files will not reveal that they are
>>>> used as keyfiles).
>>>
>>>
>>> I see. So we'd just add ability to use a keyfile in addition to the cracking
>>> we currently have. I thought a keyfile was something like
>>> passphrase->KDF->key but that was not the case.
>> Yeah a TC "keyfile" was supposed to be a 2nd factor that avoided keylogging.
>> -rich
>>
> Keyfile could be used with empty password and in that case one should
> check that without using john.
> In general, keyfile is transformed somehow using hash function and then
> is applied to the password by XOR-ing it together.
> Algorithm is described in Truecrypt User Guide on pages 141 and 142.
> https://download.truecrypt.ch/documentation/TrueCrypt%20User%20Guide.pdf#page=141&zoom=auto,54,771
I've uploaded a few more samples to the wiki:
http://openwall.info/wiki/john/sample-non-hashes?&#TrueCrypt-Volumes
(TrueCrypt-examples.7z)
I created two "normal" and two volumes with a normal and a hidden
volume in them. I tried to vary the algorithms used in each so that
there were good test cases. I did not try to crack them, they all use
at least one key file, some of them use three keyfiles + password. Let
me know if there are any questions about these latest samples, or if
more are desired. Inside the archive is a README with everything that
was used when creating them, I hope it helps!
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.