OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Crypto Archives: The Cracking of Gregory Braun's Crypto v3.5 by

The Cracking of Gregory Braun's Crypto v3.5 by CASIMIR

Joe Peschel (jpeschel2hotmail.com)
Sun, 19 Sep 1999 16:43:42 CDT

Casimir writes: "Braun pretends to use the BlowFish
algorithm to provide secure encryption in his
application Crypto v3.5. Actually the algorithm
used is a weak proprietary one.

"In order to decrypt a file, Crypto v3.5 feeds
with the Password a home-made hash function
which produces a 32-bit key: KEY_1. Then KEY_1
is manipulated (shifts, ANDs) to produce a
second 32-bit key: KEY_2. KEY_2 is compared
against a third 32-bit key: KEY_CHK, which
is stored in the header of the encrypted file. If
KEY_2 = KEY_CHK, then Crypto v3.5 decrypts
file using KEY_1 as the decryption key."

Parts A and B of Casimir's essay is now on my web
site. (See the "Key Recovery Resources"
page.) Part C, source code for
a cracker, will soon follow.

(I really wish the moderator wouldn't block all
AOL e-mail.)

Joe

__________________________________________

Joe Peschel
D.O.E. SysWorks
http://members.aol.com/jpeschel/index.htm
__________________________________________

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

This archive was generated by hypermail 2.0b3 on Sun Sep 19 1999 - 19:56:38 CDT