password-cracking by journalists...

John Young jya at pipeline.com
Thu Jan 17 19:07:55 EST 2002


At 9:15 AM -0500 1/16/02, Steve Bellovin wrote:

>Does anyone have any technical details on this? 

This is from the UK Independent today:


http://www.independent.co.uk/story.jsp?story=114885

-----

[Excerpt]

How they cracked the terrorists' code 

Getting to the heart of the documents contained in
the al-Qa'ida computer ­ bought by chance by the
Wall Street Journal's reporter in Kabul ­ meant
cracking the encryption of Microsoft's Windows
2000 operating system installed on the machine,
which had been used to protect the data. 

That is not a trivial task. Microsoft will only say
that if you lose the password that controls entry to
a Windows 2000 system, your best option is to
remember it ­ or simply to wipe the machine and
start again. And its Encrypting File System (EFS),
which had been used to encode the files, is just as
strong. 

But the files were too valuable for that. Instead,
the team embarked on the task of breaking
through the encryption, which jumbles the
contents of the files so that even someone reading
the individual bytes of data stored on the actual
hard disk (rather than trying to access them
through the operating system, which had locked
them out) would simply find rubbish. 

Cracking the encryption meant finding the digital
"key" that had previously been used to unlock it.
That was not stored in any readable file on the
machine, for it was itself encrypted. 

The only way to reproduce it was to generate the
key from first principles: by trying various
combinations of random bits and trying to
decrypt the file with them, and seeing if it
produced sense ­ or gibberish. 

Luckily, the PC had a version of Windows 2000
with an "export-quality" key ­ only 40-bits long,
rather than the "US" quality, which being 128-bits
long would have been billions of times harder to
crack. 

Even so, it took the equivalent of a set of
supercomputers running for five days, 24 hours a
day, to find the key. But find it they did. 

The irony that the terrorists used a product made
by one of the US's biggest corporations to
protect plans it was making against it may not be
lost on an administration that recently relaxed rules
on the export of "strong" encryption. Tighter
controls may follow. 

By Charles Arthur 

[End excerpt]

-----



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list