I'd like to have a tad bit of guidance

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

I'd like to have a tad bit of guidance

Post by 133794m3r on Sun Feb 21, 2010 12:40 am
([msg=35451]see I'd like to have a tad bit of guidance[/msg])

Ok, my girlfriend just came to me today saying that she's forgetten teh password to a .docx file where she wrote her poem in. Apparently they're using aes128 to encrypt it. The guidance i'm wondering is where should i start to help her recover said password/document. Should i attempt to decrypt the entire document? or would it be better to just brute force till the morning light.

The second thing is, how safe is safe enough with the use of passwords for an average user. I am currently going to be using bcrypt with a salted value which is a random string of text, then i was going to add in ~20-30 characters of text to both sides of said password then it's encrypted. There'll be 1 nonce which is set in stone for everyone, and teh second one will be chosen pseduo randomly and the value for which one it is in the list will be stored in the database. Now then besides that how many attempts at logging in should i allow someone to do? I know this last bit isn't too much as far as cryptography's concerned but the first part is and i didn't wnat to make three threads for a similar post.

the third thign would have to be two crypt is the best way to encrypt the users email addresses correct?

If anything in this thread doesn't belong in the cryptography section then feel free to move it, i just thought that it was fitting to be here since a majority of it deals with cryptography.(which i've found a new interest in as of late)
133794m3r
New User
New User
 
Posts: 11
Joined: Sun Apr 20, 2008 2:43 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by sanddbox on Sun Feb 21, 2010 1:53 am
([msg=35453]see Re: I'd like to have a tad bit of guidance[/msg])

Good luck decrypting AES 128...
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2337
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by faazshift on Sun Feb 21, 2010 2:08 am
([msg=35454]see Re: I'd like to have a tad bit of guidance[/msg])

If anyone could just decrypt a document encrypted like this, it would completely negate the point of it being encrypted.
faazshift
Contributor
Contributor
 
Posts: 516
Joined: Wed Jun 03, 2009 3:55 pm
Location: Riverton, Utah
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by 133794m3r on Sun Feb 21, 2010 3:47 am
([msg=35455]see Re: I'd like to have a tad bit of guidance[/msg])

faazshift wrote:If anyone could just decrypt a document encrypted like this, it would completely negate the point of it being encrypted.

i never said it was going to be easy. But i do know that there hsa to be a password in one of the files that are stored inside of the pseudo zip.
133794m3r
New User
New User
 
Posts: 11
Joined: Sun Apr 20, 2008 2:43 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by Goatboy on Sun Feb 21, 2010 4:40 am
([msg=35456]see Re: I'd like to have a tad bit of guidance[/msg])

133794m3r wrote:i never said it was going to be easy. But i do know that there hsa to be a password in one of the files that are stored inside of the pseudo zip.

I'm almost certain the password is not stored in the file. The password is really a key which is used to decrypt the file. If you type in the wrong key, you get gibberish.

Also, why would she AES a poem?
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2752
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by insomaniacal on Sun Feb 21, 2010 7:01 am
([msg=35459]see Re: I'd like to have a tad bit of guidance[/msg])

She has to have some idea of what the password was. I know if you're using something like Cain and Abel you can specify which characters to use. Using only those characters and brute-forcing from there would make it much faster.

But as Goatboy said, why would you encrypt a poem with AES?
It's not who votes that counts, it's who counts the votes
insomaniacal.blog.com
User avatar
insomaniacal
Addict
Addict
 
Posts: 1210
Joined: Sun May 24, 2009 10:21 am
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by Goatboy on Sun Feb 21, 2010 2:56 pm
([msg=35471]see Re: I'd like to have a tad bit of guidance[/msg])

insomaniacal wrote:But as Goatboy said, why would you encrypt a poem with AES?

I thought of a possible reason. Here's her poem:

133764m3r's Girlfriend wrote:
133764m3r I swear to thee
That if you read this poem
I will take your balls, you see
And then proceed to throw 'em

Out the window to the street
Where some little creature may
Find a tasty snack to eat
And be on his merry way

So some advice to you I'll give
Lest you suffer much duress:
If you want your balls to live

DON'T decrypt my AES!

Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2752
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by sanddbox on Sun Feb 21, 2010 3:19 pm
([msg=35472]see Re: I'd like to have a tad bit of guidance[/msg])

Goatboy wrote:
insomaniacal wrote:But as Goatboy said, why would you encrypt a poem with AES?

I thought of a possible reason. Here's her poem:

133764m3r's Girlfriend wrote:
133764m3r I swear to thee
That if you read this poem
I will take your balls, you see
And then proceed to throw 'em

Out the window to the street
Where some little creature may
Find a tasty snack to eat
And be on his merry way

So some advice to you I'll give
Lest you suffer much duress:
If you want your balls to live

DON'T decrypt my AES!



Goatboy...will you marry me?
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2337
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: I'd like to have a tad bit of guidance

Post by Goatboy on Sun Feb 21, 2010 3:24 pm
([msg=35473]see Re: I'd like to have a tad bit of guidance[/msg])

sanddbox wrote:Goatboy...will you marry me?

No...

I'm what some might call... a lone goat.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2752
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)



Return to Crypto

Who is online

Users browsing this forum: No registered users and 0 guests