Category Archives: Products

Is Adobe 9 weaker than Adobe 8?

Posted on by
Reply

Once more Elcomsoft is making the buzz (see post where they claimed to have broken WPA2). Their new target is Adobe 9.

Adobe 9 uses AES-256 to protect pdf files. Unfortunately, calculating SHA256 is faster using Graphical Processor Units (GPU) than calculating MD5 as in previous versions of Adobe. Thus, ElcomSoft claims that is less secure because they can brute force 8 characters passwords with Adobe 9 at the same speed than 6 characters with previous versions of Adobe.

The answer from Adobe is clear and technical (see Security matters: Acrobat 9 and passwords encryption). With the new version, they have allowed passphrases of up to 127 characters!

My comments are:

  • Was is it useful to used AES256? Is it not simply a stupid commercial argument? To use the full benefit of AES256, the passwords should exceed 37 characters (I used 127 bits per character to calculate it). It represents passphrase as long as “Law #1: Attackers will always find th”. Who will
    1. dial such long passphrase?
    2. remember it? especially if not used daily.
  • Would it not be also better for Adobe to come with a more human understandable answer?
  • Once more, Elcomsoft is twisting the information. The only thing they are really demonstrating is that they are able to crack a 8 character password. Wow! :Sad:  But, they succeed to create the buzz in a field that most people do not understand. They are good at that.
  • Password sucks if there is no limitations in the number of trials.

Brilliant Digital offers a new filtering technology

Posted on by
Reply

Brilliant Digital Entertainment announces a new technology for ISPs. Once the ISP detects that the request concerns an illegal audio files, it would block the link and propose an alternative link to purchase a legal version. The company already proposes legal distribution using P2P.

Some interesting facts:
– The announce of this new technology has been made by two former rivals: Kevin Bermeister (formerly KaZaa) and Michael Speck (former anti piracy of Music Industry Piracy Investigations)
– The business model is interesting. Brilliant Digital Entertainment would share some part of their revenues gained from sales with the ISPs.

Now, let’s have a look on the technical tidbits. Very few information are available (only the announcement). The site itself has no reference to the new technology. It seems that the ISPs would intercept the request of the illegal file. This means two things:

  • A mean to detect illegal files; It is probably associated to a list of hash codes of contents that have been spotted as illegal. Similar work will have to be done for instance for French graduated answer. Fingerprinting technologies should allow to find some infringing files.
  • A mean to spot the request; In view of the described method When the architecture of the internet that has our technology recognizes one of those proven illicit files, it blocks it, disconnects the link to it and adds to the search results the opportunity to purchase the legitimate material , I would guess that they replace the illegal trackers by legal trackers powered by AltNet (the technology of Brilliant Digital). It means that they have a way to spoof the request.

As a rough analysis, the second point may be Achilles heel. This may work if the request is done using a typical browser calling the tracker sites. It may be more difficult if using dedicated tools such as Che for instance. With collaborating tracker sites, they could secure the answer.

It is an interesting initiative that we have to follow.

Is WIFI still secure

Posted on by
Reply

This week, several news seemed to shake the basement of WIFI security. The first news was about WPA/WPA2 and the second one about WEP.

ElcomSoft is a company that designs tools to retrieve lost passwords. Their latest product adds two new features. First, it distributes the workload on distributed computers. Second, it may use NVidia Graphical Processing Unit (GPU) to gain a factor 20 in processing time compared to simple CPU. They announced a gain of 100 for cracking WPA/WPA2 passwords.

Of course, immediately the press has “reported” this exploit without often many insights. I have even seen some blogs reporting a gain of 10,000. The “exploit” of ElcomSoft is to use GPU and distributed computing. This is not new. Remember the use of several PS3 with cells to create collisions for SHA1 (See Security Newsletter #9). ElcomSoft still uses brute force against WPA/WPA2. Thus, good luck and a lot of patience.

The second news is that a Japanese researcher, Masakatsu MORII, who succeeded to crack WEP key in less than 1 second. He announced this exploit at CSS2008. The Japanese presentation is available at http://srv.prof-morii.net/~morii/image/CSS2008/CSS081010_WEP_slide.pdf (password WPE2008). We will have to wait some time to get an English version. It will be interesting to analyze the attack to see if it opens new methods to break keys. He drastically accelerated compared to the last exploit at 6 minutes. Nevertheless, WEP is considered for many years as too weak to protect Wifi. This is just nailing once more WEP’s coffin.

Was security of Wifi reduced this week? Clearly not with these announcements. The first one seems to be more a promotional trick to increase awareness of ElcomSoft. The second one hacks an already dead algorithm. By the way, check that you do not use WEP to protect your personal wireless network. I am sure you are already using WPA2

The first 256-bit AES protected hard disk

Posted on by
Reply

Fujitsu launched the first AES 256 bits protected hard disk. The processor of the hard disk encrypts and decrypts every stored data. It is announced that the 256-bits never leaves the embedded processor. An interesting feature is the fast secure erasing of the full hard disk in less than 1 second. It seems that it is performed by simply erasing the secret key. Thus, the stored data are useless (if of course the key is securely erased)

The use of AES-256 bits rather than AES 128 bits is only a marketing argument. Seagate offers AES 128 bits protected hard disk. Currently, the cryptographic community estimates that AES 128 is secure for the next 20 years (until we find an attack :Wink:) Is this solution really more secure than software based encryption as claimed in the press release? I have some doubts. It will depend on the way the encryption is activated.

  • If the decryption is automatic at boot without presentation of any passphrase/password, then it is rather useless. The protection of the data then relies on the login of the computer.
  • If the decryption is activated by the presentation of a passphrase/password, then the security relies on this protection. It will not be stronger than the implementation of this checking
  • If the decryption is activated after the control of a pairing with the host computer, then there is a risk to loose every data in case of failure of the host computer.
  • If the description is activated by a remote RFID, as for easy nova hard disk, then the security is the one of the RFID

Unfortunately, the public information does provide no details.