by
CASIMIR
Part B
Caz presents : The Crack of SecurityPlus! by SoftByte Labs
(known-plaintext attack on a proprietary cipher)
Decryption process and transformations on Block are the same, so we let:
    Block        = Key_enc
    Transf_Block = Key_dec
Given Key_enc, we are looking for Pwd and Pwd's length such that:
    Key_dec = function of (Key_enc, Pwd, Pwd's length) = Key_chk
Key_chk is 61 bytes long, so we can obtain 61 equations in order to recover the password.
As we do not know Pwd's length, we'll have to try out every possible length until we find the correct one. We have: 4 < Pwd's length < 60.
Let Input's length = l, we are looking for Pwd[1], Pwd[2],..., Pwd[l] such that, for each j:
    Key_dec[j] = Key_chk[j]
So we have:
    Key_chk[1] = Key_enc[1] - Pwd[1] - Pwd[7] - 3D - Pwd[1]                  {1}
    Key_chk[2] = Key_enc[2] - Pwd[1] - Key_enc[1] - (3D-1) - (Pwd[1]+1)      {2}

    {2} <=>  Pwd[1] = (Key_enc[2] - Key_enc[1] - Key_chk[2] - 3D)
                      -------------------------------------------
                                           2
We have found Pwd[1], i.e. the first character of the password. Once Pwd[1] is found, we can compute Pwd[2], Pwd[3],..., Pwd[l]:
    Key_chk[3] = Key_enc[3] - Pwd[2] - Key_enc[2] - (3D-2) - (Pwd[1]+1+2)    {3}

    {3} <=>  Pwd[2] = Key_enc[3] - Key_enc[2] - Key_chk[3] - (3D-2) - (Pwd[1]+1+2)

Let Sum[j] = Pwd[1]+1+2+...+j:

    {l} <=>  Pwd[l] = Key_enc[l+1] - Key_enc[l] - Key_chk[l+1] - (3D-l) - Sum[l]
We recovered the whole password {:-) Now we must check that the assumed Pwd's length (l) is correct. To do so, we use the remaining equations:
    Key_chk[1] = Key_enc[1] - Pwd[1] - Pwd[7] - 3D - Pwd[1]   ???            {1}

With i = (j)modulo(Pwd's length):

    Pwd[i] = Key_enc[j+1] - Key_enc[j] - Key_chk[j+1] - (3D-j) - Sum[j]   ???   {j}
    ...
If we do not have any difference, then Pwd is good. Otherwise, we try the next Pwd's length, and so on...
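
The recovery and length check above, written out as an added Python example (it is not Casimir's Part C cracker). It assumes byte arithmetic modulo 256, a printable-ASCII password and the index rule i = ((j-1) mod l) + 1, and it uses only equations {2} to {61}, because the page does not say how Pwd[7] in {1} behaves for passwords shorter than 7. The names make_check, recover and SAMPLE_* are chosen for this example and the data is constructed.

```python
# Added illustration of the page's equations {2}..{61}; not Casimir's Part C code.
# Assumptions: byte arithmetic mod 256, printable-ASCII password, and index
# i = ((j-1) mod l) + 1. Key lists are 1-based (slot 0 unused) to match the page.
N = 61          # Key_enc and Key_chk are 61 bytes long
C = 0x3D        # the constant written "3D" on the page


def tri(j):
    """1 + 2 + ... + j, so that Sum[j] = Pwd[1] + tri(j)."""
    return j * (j + 1) // 2


def make_check(key_enc, pwd):
    """Forward model: build Key_chk[2..61] from the page's equation {j+1}."""
    l, chk = len(pwd), [0] * (N + 1)
    for j in range(1, N):
        p_i = pwd[(j - 1) % l]
        chk[j + 1] = (key_enc[j + 1] - p_i - key_enc[j]
                      - (C - j) - (pwd[0] + tri(j))) % 256
    return chk


def recover(key_enc, key_chk):
    """Solve for Pwd, trying each length 4 < l < 60 in ascending order."""
    # Equation {2}: 2*Pwd[1] = Key_enc[2] - Key_enc[1] - Key_chk[2] - 3D.
    twice = (key_enc[2] - key_enc[1] - key_chk[2] - C) % 256
    if twice % 2:
        return None                      # no byte value satisfies {2}
    p1 = twice // 2                      # low root; p1 + 128 also solves {2}
    # forced[k] is the Pwd[i] value that equation {j+1} demands, with j = k + 1.
    forced = [(key_enc[j + 1] - key_enc[j] - key_chk[j + 1]
               - (C - j) - (p1 + tri(j))) % 256 for j in range(1, N)]
    for l in range(5, 60):
        pwd = forced[:l]
        # The remaining equations must give back the same bytes at i = j mod l.
        if all(forced[k] == pwd[k % l] for k in range(l, N - 1)):
            return bytes(pwd)
    return None


# Constructed sample data (not taken from any real SecurityPlus! file).
SAMPLE_ENC = [0] + [(37 * k + 11) % 256 for k in range(1, N + 1)]
SAMPLE_PWD = b"Winter1999"
SAMPLE_CHK = make_check(SAMPLE_ENC, SAMPLE_PWD)

if __name__ == "__main__":
    print(recover(SAMPLE_ENC, SAMPLE_CHK))
```

Under the modulo-256 assumption, halving in {2} has two roots (p1 and p1 + 128) and both satisfy equations {2} to {61}, so the ASCII assumption is what selects the low one.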
=======================================
As usual, when dealing with proprietary algorithms:
Instead, trust in Winice to show you the Way {;-)
Hope you enjoyed!
Caz
Here is Part C, source code for a cracker, the executable, and a few other small treats.
Copyright December, 1999 by Casimir.
Converted to hypertext by Joe Peschel December 13, 1999.