Free Encryption Software for X64 needed

[rive0108]

You wouldn't be cracking any strong passwords. That's in no way a dig at you or your hardware, merely a statement of confidence in the current encryption standards. If you do know of a way to crack strong passwords, then you've found a vuln in the algorithm and you should report it to the relevant authorities. Seriously.

And if you can crack certs and assymmetric crypto in general, then the RSA stock price will plummet and Fmjc001.com will likely take their place

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Hmm,

can you crack a WPA-PSK encrypted key like this with a temporal that resets every 10 minutes?
0z417swWM1'@((H#3$J]{,GOBW248+_@#fsdVXPq34012

This is a "crackable" encryption, and I bet even with aircrack you cant break my network. The point is, With a good key/password I think you'd be SOL. it is only simple keys/easily broken with dictionary/brute force attacks that these methods will work- especially considering the hash is disabled by default in Vista, and Linux without the User password will be useless.

 

[PainlessTorture]

You wouldn't be cracking any strong passwords. That's in no way a dig at you or your hardware, merely a statement of confidence in the current encryption standards. If you do know of a way to crack strong passwords, then you've found a vuln in the algorithm and you should report it to the relevant authorities. Seriously.

And if you can crack certs and assymmetric crypto in general, then the RSA stock price will plummet and Fmjc001.com will likely take their place

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Hmm,

can you crack a WPA-PSK encrypted key like this with a temporal that resets every 10 minutes?
0z417swWM1'@((H#3$J]{,GOBW248+_@#fsdVXPq34012

This is a "crackable" encryption, and I bet even with aircrack you cant break my network. The point is, With a good key/password I think you'd be SOL. it is only simple keys/easily broken with dictionary/brute force attacks that these methods will work- especially considering the hash is disabled by default in Vista, and Linux with the User password will be useless.

10 mins may not be enough time, i spent a few days on the password hash. And anything can be hacked. Maybe not by me but i guarantee someone will be able to.

 

[rive0108]

They say the best encryption for Vista is to use EFS combined with Bitlocker using a tmp chip (most newer computers have them)
This is virtually unhackable, and is only weak when using a recovery key or usb key that can be recovered- personally I would just memorize the recovery key and leave nothing to be recovered.
(you wont be cracking a User password/hash in this method)


And these are free in Vista...

 

[rive0108]

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Hmm,

can you crack a WPA-PSK encrypted key like this with a temporal that resets every 10 minutes?
0z417swWM1'@((H#3$J]{,GOBW248+_@#fsdVXPq34012

This is a "crackable" encryption, and I bet even with aircrack you cant break my network. The point is, With a good key/password I think you'd be SOL. it is only simple keys/easily broken with dictionary/brute force attacks that these methods will work- especially considering the hash is disabled by default in Vista, and Linux with the User password will be useless.

10 mins may not be enough time, i spent a few days on the password hash. And anything can be hacked. Maybe not by me but i guarantee someone will be able to.

Beck-Tews attacks (as well as others) operate on the premise that a long re-keying interval is used for TKIP (i.e., default 3600 seconds)

Even with the long re-keying they still cannot break the key protecting the data stream (like the one I posted), even with the time to crack the temporal they are only able to send 7 data packets. With 10 min or less rekeying WPA is pretty secure...
http://dl.aircrack-ng.org/breakingwepandwpa.pdf

see: http://www.vistax64.com/network-internet/191613-wpa-networks-open-limited-attack.html#post1017668

 

[PainlessTorture]

They say the best encryption for Vista is to use EFS combined with Bitlocker using a tmp chip (most newer computers have them)
This is virtually unhackable, and is only weak when using a recovery key or usb key that can be recovered- personally I would just memorize the recovery key and leave nothing to be recovered.
(you wont be cracking a User password/hash in this method)


And these are free in Vista...

I used bitlocker before....does it not give you a chance to enter a 5 digit block each time and tells you when you type a number wrong? Thats basically going to help you guess the override code or backup code or whatever you call it.

I am only 15, I'm still learning a lot about computers and I admire people who truly know what they are doing. But if a 15 year old can get past EFS then why use it? Ok yeah if your an IT pro you will know how to reconfigure your system to make it more difficult for a hacker to break in, but remember most people are not IT pros and they have important data too.

In school I went from restricted user to domain admin by cracking hashes from the cache. I thought that was a serious security mistake and needs to be rethought. Because if I can do it, whats stopping someone else.

 

[rive0108]

They say the best encryption for Vista is to use EFS combined with Bitlocker using a tmp chip (most newer computers have them)
This is virtually unhackable, and is only weak when using a recovery key or usb key that can be recovered- personally I would just memorize the recovery key and leave nothing to be recovered.
(you wont be cracking a User password/hash in this method)


And these are free in Vista...

I used bitlocker before....does it not give you a chance to enter a 5 digit block each time and tells you when you type a number wrong? Thats basically going to help you guess the override code or backup code or whatever you call it.

I am only 15, I'm still learning a lot about computers and I admire people who truly know what they are doing. But if a 15 year old can get past EFS then why use it? Ok yeah if your an IT pro you will know how to reconfigure your system to make it more difficult for a hacker to break in, but remember most people are not IT pros and they have important data too.

In school I went from restricted user to domain admin by cracking hashes from the cache. I thought that was a serious security mistake and needs to be rethought. Because if I can do it, whats stopping someone else.

48 digit recovery password-
Unless you enter the whole recovery key correctly at once (note- this key is different from the encryption key actually used) It will fail. It is actually a alpha-numeric "password" on the same lines a a COA "Product Key". When you enter the COA on a computer/software system does it tell you "all are right but this one"? It is either right, or it is wrong.
http://www.nvlabs.in/uploads/projects/nvbit/nvbit_bitlocker_presentation.pdf

Let’s first take a look at the BitLocker system. BitLocker has two major features: 1) it encrypts the hard drive to prevent offline attacks against lost or stolen laptops and, 2) it takes measurements of the boot process to ensure the integrity of the system at start-up. These measurements detect attacks that try to get into your system before the OS loads

Bitlocker can also now encrypt externals and thumbrives using NTFS (added to sp1)

 

[rive0108]

Ps- I am not an IT Pro. I dont work in the computer field at all. I am an enthusiast.
If your gonna use Encryption, Then you have to at least use common sense.

First rule of thumb (I always tell my wife this) DO NOT use names, phrases, easily cracked passwords- ALWAYS use randomly generated alpha-numeric-symbol passwords (if applicable) that are no less than 25 Digits.

 

[PainlessTorture]

Ps- I am not an IT Pro. I dont work in the computer field at all. I am an ethusiast.
If your gonna use Encryption, Then you have to at least use common sense.

First rule of thumb (I always tell my wife this) DO NOT use names, phrases, easily cracked passwords- ALWAYS use randomly generated alpha-numeric-symbol password (if applicable) that are no less than 25 Digits.

You dont have to work in IT to be a pro .

Even still...with enough time any password will be broken thats why it should be changed regularly. However most domains require a change every 30 days i think. I think 30 days is enough time to crack a hash.

 

[rive0108]

Ps- I am not an IT Pro. I dont work in the computer field at all. I am an ethusiast.
If your gonna use Encryption, Then you have to at least use common sense.

First rule of thumb (I always tell my wife this) DO NOT use names, phrases, easily cracked passwords- ALWAYS use randomly generated alpha-numeric-symbol password (if applicable) that are no less than 25 Digits.

You dont have to work in IT to be a pro .

Even still...with enough time any password will be broken thats why it should be changed regularly. However most domains require a change every 30 days i think. I think 30 days is enough time to crack a hash.

Bitlocker password breaking will take 10-30 years

Re: Bitlocker passphrase only
This is specifically not allowed, because it is a very weak solution subject
to dictionary and brute-force attacks.
The recovery password is 128 bits of random entropy, with salt and
stretching (giving an effective cryptographic strength of 160 bits if I
recall).
The TPM+PIN solution uses hardware
to insert a non-resettable delay to the
extent that a 4 digit pin would take an entire year to crack. To understand
the power of the hardware, without hardware, a 4 digit purely random pin
would be cracked in a fraction of a day even with good key stretching
algorithms.

The 128 bit recovery key (which is generated using the cryptographic random
number generator) would take 10^31 years (or thereabouts) to crack on
current processor architectures (due to the salt and stretching algorithm).

See http://en.wikipedia.org/wiki/Password_strength for an analysis on strong
passwords.

Source: Bitlocker passphrase only - Microsoft Windows Vista Community Forums - Vistaheads

 

[PainlessTorture]

Ok, so BitLocker is stronger than I expected.

 

[rive0108]

Ok, so BitLocker is stronger than I expected.

Dont get me wrong, there are inherient weaknesses-

1. Sometimes the key gets stored in memory (if the computer can be accessed before it is shut off, and Memory deleted, It can be broken- same as getting the computer while it is still logged into)

2. Recovering the recovery passphrase, (or USB key-If one is used. This is required to use Bitlocker when there is no tpm)

 

[rive0108]

You wouldn't be cracking any strong passwords. That's in no way a dig at you or your hardware, merely a statement of confidence in the current encryption standards. If you do know of a way to crack strong passwords, then you've found a vuln in the algorithm and you should report it to the relevant authorities. Seriously.

And if you can crack certs and assymmetric crypto in general, then the RSA stock price will plummet and Fmjc001.com will likely take their place

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Can I also just add, we are talking about EFS...no TPM and no BitLocker because then its not just EFS anymore. Ok, so maybe its not as easy as I make out to access the EFS encrypted files. But I think its that hard. That might just be me. Maybe one day i wont be able to do it but who knows...

Was this XP/2000 using EFS by chance? Or WEP/WPA network key? I dont know many who use a 36 digit Log-in User password.
The User act must have had a basic password, right?

With hash disabled in Vista, I dont see this method working...

Current WEP keys can be cracked in minutes BTW...

 

[PainlessTorture]

You wouldn't be cracking any strong passwords. That's in no way a dig at you or your hardware, merely a statement of confidence in the current encryption standards. If you do know of a way to crack strong passwords, then you've found a vuln in the algorithm and you should report it to the relevant authorities. Seriously.

And if you can crack certs and assymmetric crypto in general, then the RSA stock price will plummet and Fmjc001.com will likely take their place

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Can I also just add, we are talking about EFS...no TPM and no BitLocker because then its not just EFS anymore. Ok, so maybe its not as easy as I make out to access the EFS encrypted files. But I think its that hard. That might just be me. Maybe one day i wont be able to do it but who knows...

Was this XP/2000 using EFS by chance? Or WEP/WPA network key? I dont know many who use a 36 digit Log-in User password.
The User act must have had a basic password, right?

With hash disabled in Vista, I dont see this method working...

Current WEP keys can be cracked in minutes BTW...

If hashes are disabled in vista how come I can see password hashes using cain? (On vista).

 

[rive0108]

Well I managed to crack a 36 character passphrase, upper case, lowercase, numbers and symbols in a few days. I dont know if thats good to you but I was rather happy with myself lol.

Can I also just add, we are talking about EFS...no TPM and no BitLocker because then its not just EFS anymore. Ok, so maybe its not as easy as I make out to access the EFS encrypted files. But I think its that hard. That might just be me. Maybe one day i wont be able to do it but who knows...

Was this XP/2000 using EFS by chance? Or WEP/WPA network key? I dont know many who use a 36 digit Log-in User password.
The User act must have had a basic password, right?

With hash disabled in Vista, I dont see this method working...

Current WEP keys can be cracked in minutes BTW...

If hashes are disabled in vista how come I can see password hashes using cain? (On vista).

It is a "hash" but not a LM Hash that is easily "crackable" by Cain.


i.e. Due to the lack of LM hashes, Vista passwords stored in the SAM file are harder to crack. However, the NTLM hash is the same as always and can be cracked if the password is weak...
In otherwords, a decent password will prevent CAIN cracking it.

Many cracking tools, e.g. RainbowCrack, L0phtCrack and Cain, now incorporate similar attacks and make cracking of LM hashes trivial. However, because LM hashing is not used for passwords of 15 characters or longer, these are relatively strong.

Vista also hardens systems a bit by keeping your systems from creating something called "LM hashes." Whenever you type a password into your computer, the computer doesn't store your password anywhere. Instead, it takes you password and subjects it to a mathematical function called a "hashing function" that reduces the password, no matter what length, to a 128-bit number. That's what gets stored on your computer and on your domain controllers, not your password; instead, the "password hash" is stored. Why do that? Because if someone gets your hash, then reversing the hash process and figuring out your password just by looking at the hash should be nearly impossible if the system was designed right.
Source:http://searchenterprisedesktop.techtarget.com/generic/0,295582,sid192_gci1256603,00.html


"Vista changes two items in Security Options in a way that I personally like a lot, but I want you to understand what they might do to your network compatibility. The two settings are:

• "Network security: Do not store LAN Manager hash value on next password change" is now enabled, even though it had been disabled by default until now.
• "Network security: LAN Manager authentication level" changes from "Send LM and NTLM" to "Send NTLMv2 response only."