password-cracking by journalists...
Jim Cheesman
jchees at msl.es
Thu Jan 17 04:02:09 EST 2002
At 03:15 PM 16/01/02, Steve Bellovin wrote:
>A couple of months ago, a Wall Street Journal reporter bought two
>abandoned al Qaeda computers from a looter in Kabul. Some of the
>files on those machines were encrypted. But they're dealing with
>that problem:
>
> The unsigned report, protected by a complex password, was
> created on Aug. 19, according to the Kabul computer's
> internal record. The Wall Street Journal commissioned an
> array of high-speed computers programmed to crack passwords.
> They took five days to access the file.
>
>Does anyone have any technical details on this? (I assume that it's
>a standard password-guessing approach, but it it would be nice to know
>for certain. If nothing else, are Arabic passwords easier or harder
>to guess than, say, English ones?)
Most Arabic words have a root of 3 letters, to which prefixes, suffixes and
vowels are added: the root drs for example is related to books and
teaching: madrasa is a school, mudaris a teacher, etc. (It's been a while
since I studied any Arabic, so I aplogise for errors here.)
Of more use (I would have thought) is the fact that the Coran has a limited
and standardised vocabulary (unlike the Bible, for example, which has many
versions, both modern and old.) That would certainly speed up any
dictionary search - assuming that any password/phrase came from the Coran,
of course.
Jim
--
* Jim Cheesman *
Trabajo:
jchees at msl.es - (34)(91) 724 9200 x 2360
If there's one thing I
can't stand, it's intolerance.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list