From: SharpFang <sharpfang@ucku4.uck.pk.edu.pl>
Newsgroups: alt.hacker
Subject: PGP cracking (maybe you know, Archangel)
Date: Thu, 8 Jan 1998 17:04:53 +0100
Organization: Academic Computer Centre CYFRONET - Krakow
Lines: 11
Message-ID: <Pine.LNX.3.96.980108170025.18789G-100000@ucku4.uck.pk.edu.pl>
NNTP-Posting-Host: ucku4.uck.pk.edu.pl
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Path: ccw.ch!aetna.dolphins.ch!news.planetc.com!leto.ou.edu!news.onenet.net!news.oru.edu!news.edu.sollentuna.se!news-xfer.siscom.net!news.abs.net!news.bconnex.net!fci-uk!fci!news.nask.pl!cyfronet!ucku4.uck.pk.edu.pl!sharpfang


I know that cracking the PGP encrypted nessage is practically impossible, 
but how about cracking the password in the secret key?
How is it protected? are there any proggies to brute-force it? (don't want
to write myself if there are any)
Or maybe someone knows more 'sensitive' method of cracking it?
(hehe, I know, now obtaining the seckey file is the hardest thing to do :)

							Vook.

######

Path: ccw.ch!usenet
From: Neil Franklin <root@chonsp.franklin.lugs.ch>
Newsgroups: alt.hacker
Subject: PGP cracking (maybe you know, Archangel)
Date: 10 Jan 1998 21:55:17 +0100
Organization: My own Private Self
Lines: 39
Message-ID: <oh1kaw22.fsf@chonsp.franklin.lugs.ch>
References: <Pine.LNX.3.96.980108170025.18789G-100000@ucku4.uck.pk.edu.pl>
NNTP-Posting-Host: chonsp.franklin.lugs.ch
X-Newsreader: Gnus v5.3/Emacs 19.34

SharpFang <sharpfang@ucku4.uck.pk.edu.pl> hopes:
>I know that cracking the PGP encrypted nessage is practically impossible, 
>but how about cracking the password in the secret key?
>How is it protected? are there any proggies to brute-force it? (don't want
>to write myself if there are any)
>Or maybe someone knows more 'sensitive' method of cracking it?
>(hehe, I know, now obtaining the seckey file is the hardest thing to get)

I'm not Archangel, but neverless:

Forget it. PGP is _totally_ safe. The passphrase (not a password!) is
not stored anywhere! Not even in encrypted (and possibly crackable)
form!

The PGP Passphrase is sent through an MD5 message digest. The 128
"random" bits from that are used to IDEA encrypt the secret key
file. If you provide a false passphrase you will simply get 128
wrong bits, IDEA decryption will simply produce a key-length file
of random bits. No error message such as "wrong password" (it can
not be checked!), just useless output. Same applies to ssh as well.

The only weakness is in PGPs users, that is trapping the password while
the user is entering it (over telnet or rsh, but ssh is safe), or by
social engineering.

Question: why do you think did the US government spent so much time on
trying to bury PGP?
Answer: Its too damn safe for even them to crack! Really!

See:
Simson Garfinkel, PGP Pretty Good Privacy
  O'Reilly & Associates, 1995, ISBN 0-56592-098-8
Bruce Schneier, Applied Cryptography
  John Wiley & Sons, 1996, ISBN 0-471-12845-7
 
-- 
Neil.Franklin.nospam@ccw.ch (remove .nospam), http://www.ccw.ch/Neil.Franklin/
  for Geek Code, Papernet, Voicenet, PGP public key see http:
Mac, 95 and NT users are CLUEless (Command Line User Environment)