Wilders Security Forums  

  #1  
Old May 24th, 2012, 06:56 AM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default truecrack Password cracking for truecrypt(c) volume files.

truecrack
Password cracking for truecrypt(c) volume files.

Quote:
WHAT TrueCrack IS?
TrueCrack is a brute-force password cracker for TrueCrypt (Copyright) volume files. It works on Linux and it is optimized with Nvidia Cuda technology.
It works with encrypted volumes with the following algorithms:

PBKDF2 (defined in PKCS5 v2.0) based on RIPEMD160 Key derivation function.
XTS block cipher mode of operation used for hard disk encryption based on AES.

TrueCrack can work in two different modes of use:
Dictionary attack: read the passwords from a file of words (one password per line).
Charset attack: generate the passwords from a charset of symbols defined by the user (for example: all possible strings of n characters from the charset "abc").

https://code.google.com/p/truecrack/
__________________
  #2  
Old May 24th, 2012, 08:03 AM
BrandiCandi
 
Posts: n/a
Default Re: truecrack Password cracking for truecrypt(c) volume files.

And within that link is an excellent lesson in why dictionary words are terrible to use as passwords:
Quote:
Total execution time for a dictionary attack of 10,000 words with average length of word: 10 characters.
CPU mode

System: Intel Core-i7 920, 2,67GHz
Total time: 11m 01,1s

GPU mode

Board: nVidia GeForce GTX470
Total time: 0m 30,425s
It also doesn't mention anything about generating rainbow tables, but surely that needs to be done for the cracker to work.
  #3  
Old May 24th, 2012, 08:16 AM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: truecrack Password cracking for truecrypt(c) volume files.

You don't need rainbow tables for dictionary attacks.

If my password is: Hungry Man
the hash is: abcdefghiblahblahblah

A dictionary attack will guess "table, man, lunch, hungry" whatever until it gets hungry man

a rainbow table will guess "aerguhaerg, aeiuhqnrt, ougfhb, abcdefghiblahblahblah"

It bypasses taking a hash of each of those, which saves time for really slow crypto methods. You can do it either way though.
__________________
  #4  
Old May 24th, 2012, 09:12 AM
EncryptedBytes EncryptedBytes is offline
Frequent Poster
 
Join Date: Feb 2011
Location: Odenton, Maryland
Posts: 416
Default Re: truecrack Password cracking for truecrypt(c) volume files.

It had me interested until I read "Brute force", if you use proper passphrases and entropy this will not be an issue. Also keep your passwords used for encryption separate from those you use online. We in the forensic field make our dictionary lists based on the target’s personal information (easily pulled from social websites) and any login/password data we receive from subpoenas.
  #5  
Old May 24th, 2012, 09:14 AM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: truecrack Password cracking for truecrypt(c) volume files.

lol it would be much bigger news if it did anything else
__________________
  #6  
Old May 24th, 2012, 09:25 AM
EncryptedBytes EncryptedBytes is offline
Frequent Poster
 
Join Date: Feb 2011
Location: Odenton, Maryland
Posts: 416
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by Hungry Man
lol it would be much bigger news if it did anything else

Well I do have my argument index cards ready right next to my coffee for the inevitable impending comment from someone here claiming TC is now broken and AES should not be used.
  #7  
Old May 24th, 2012, 12:07 PM
happyyarou666 happyyarou666 is offline
Frequent Poster
 
Join Date: Jan 2012
Posts: 675
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by EncryptedBytes
Well I do have my argument index cards ready right next to my coffee for the inevitable impending comment from someone here claiming TC is now broken and AES should not be used.


lols that'd be the day, until then we'll be safe and IF anything would come up then there would be a simple countermeasure ... as per usual
  #8  
Old May 24th, 2012, 01:46 PM
PaulyDefran PaulyDefran is offline
Frequent Poster
 
Join Date: Dec 2011
Posts: 693
Default Re: truecrack Password cracking for truecrypt(c) volume files.

So what if Serpent was used? Or Twofish? Like EB said, your password should not be 'real' words, and please try to use all 64 characters that TC allows...and a key file. This doesn't apply to containers but for system encryption, as recently discussed on the TC forums, if they can't get the boot loader (if it's on external media that remains hidden from discovery for example) they have to brute force 512bits. (I assume this has to do with salt and the resulting hash). Rainbow tables of random gibberish would be near impossible I would think.

PD
  #9  
Old May 24th, 2012, 01:51 PM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: truecrack Password cracking for truecrypt(c) volume files.

64 characters? lol how can anyone remember that? 20 characters is already really overkill.
__________________
  #10  
Old May 24th, 2012, 02:03 PM
PaulyDefran PaulyDefran is offline
Frequent Poster
 
Join Date: Dec 2011
Posts: 693
Default Re: truecrack Password cracking for truecrypt(c) volume files.

I can. I don't use this method, but modified song lyrics are easy, as long as you modify them to not be 'real' words. I actually have four or five 64 character strings committed to long term memory, but have recently changed to only using 32 and having various Yubikeys remember the other 32.

PD
  #11  
Old May 24th, 2012, 03:28 PM
jitte jitte is offline
Regular Poster
 
Join Date: May 2012
Posts: 67
Default Re: truecrack Password cracking for truecrypt(c) volume files.

I brought the subject of TrueCrack up the other day, though I've never used it or TrueCrypt.

http://www.wilderssecurity.com/showthread.php?t=324156

I don't have anything more sensitive than passwords to 3-4 Yahoo email accounts on my machines and use bcrypt, which uses Blowfish, to encrypt them as individual files then make the folder I keep them in hidden with a . in front of it.
  #12  
Old May 24th, 2012, 04:57 PM
tateu tateu is offline
Regular Poster
 
Join Date: Dec 2010
Location: Los Angeles, CA USA
Posts: 58
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Total execution time for a dictionary attack of 10,000 words with average length of word: 10 characters.
CPU mode

System: Intel Core-i7 920, 2,67GHz
Total time: 11m 01,1s

GPU mode

Board: nVidia GeForce GTX470
Total time: 0m 30,425s
That is extremely slow, even in GPU mode. 10,000 passwords in 30 seconds is only 333.33 passwords per second. OTFBrutusGUI on my dual QuadCore Xeon running 16 CPU threads can try 1664 passwords per second and Ivan Golubev's Password Recovery Suite ( http://www.golubev.com/igprs/ ) running in GPU mode can supposedly try 27,000 passwords per second, although it can only attack SHA512.
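Added example, not part of the thread or any poster's code: the guess rates quoted above turned into time-to-exhaust figures for a few password policies, to show how much the policy matters compared with the tool's speed. The policies are constructed for illustration and assume every position is picked uniformly at random; a human-chosen password has less entropy than its length suggests.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Guess rates in passwords per second, taken from figures quoted in the thread.
RATES = {
    "TrueCrack, GTX470 (10,000 words in 30.425 s)": 10_000 / 30.425,
    "OTFBrutusGUI, 16 CPU threads": 1664.0,
    "IGPRS, GPU mode (claimed)": 27_000.0,
}

# Constructed password policies: (label, choices per position, positions).
# Each position is assumed to be picked uniformly at random.
POLICIES = [
    ("1 word from a 10,000-word list", 10_000, 1),
    ("8 random lowercase letters", 26, 8),
    ("4 random words from a 10,000-word list", 10_000, 4),
    ("20 random printable ASCII characters", 95, 20),
    ("64 random printable ASCII characters", 95, 64),
]


def keyspace(choices: int, positions: int) -> int:
    """Count the equally likely secrets a policy can produce."""
    return choices ** positions


def entropy_bits(space: int) -> float:
    """Entropy in bits of a uniform choice among `space` secrets."""
    return math.log2(space)


def years_to_exhaust(space: int, rate: float) -> float:
    """Years needed to try every secret at `rate` guesses per second.
    The expected time to hit the right one is half of this."""
    return space / rate / SECONDS_PER_YEAR


def report():
    """Return (policy, bits, {rate label: years}) rows for every policy."""
    rows = []
    for label, choices, positions in POLICIES:
        space = keyspace(choices, positions)
        years = {name: years_to_exhaust(space, r) for name, r in RATES.items()}
        rows.append((label, entropy_bits(space), years))
    return rows


if __name__ == "__main__":
    for label, bits, years in report():
        print(f"{label}: {bits:.1f} bits")
        for name, y in years.items():
            print(f"    {name}: {y:.3g} years to exhaust")
```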
  #13  
Old May 24th, 2012, 05:17 PM
LockBox LockBox is offline
Very Frequent Poster
 
Join Date: Nov 2004
Posts: 2,081
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Ho hum. Another forensic tool to "crack" Truecrypt volumes using dictionary words and character sets. Next!
  #14  
Old May 25th, 2012, 06:07 PM
tuatara tuatara is offline
Frequent Poster
 
Join Date: Apr 2004
Posts: 758
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Ho hum. Another forensic tool to "crack" Truecrypt volumes using dictionary words and character sets. Next!

You are right, forget cracking AES!! Brute Forcing is the real danger for this hyperfast cipher!

It's a good thing that threads like this and others in this forum make it clear that, although AES is not broken, it is possible to use brute forcers and retrieve more than 94% of the most used TrueCrypt passwords.
Of course you can use a password generator that will use all types of chars in a random order in the maximum length of the TrueCrypt password size.
But if you decide to use TrueCrypt in, let's say, a large company with a lot of users, it might be unsafe or unusable.
How must a traveler with his encrypted notebook disk remember such a password?
Write it down and type it over at every PC boot?
Or store his password in another TrueCrypt folder with the same kind of password?
Store it on a USB flash memory that can be read by his notebook when it is unlocked with eh ...?
For the record a long password with dictionary words, easy to remember, doesn't really help.
And no, replacements like "a" with "@" and "o" with "0" are not clever.
And 99% of TrueCrypt users are using AES
(because of the strong performance suggestions,
and the fact that it is the only cipher to be able to encrypt the OS)

To oversimplify:

If you want to brute force your own home brew dictionary, built over the years...
Then of course AES is your friend, and the fastest cipher you can use,
to brute force such a fixed size dictionary.

See this: -http://www.youtube.com/watch?v=GzDbvd5knmQ-
Just imagine what you could do with millions of dollars on hardware
__________________
The old creature tuatara lived here, hundreds of years
before those malware creators arrived on the Internet



Last edited by tuatara : May 25th, 2012 at 06:38 PM.
  #15  
Old May 25th, 2012, 07:27 PM
PaulyDefran PaulyDefran is offline
Frequent Poster
 
Join Date: Dec 2011
Posts: 693
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by tuatara


...and the fact that it is the only cipher to be able to encrypt the OS


You can use other ciphers to encrypt the OS, you are limited only to RIPEMD-160.

PD
  #16  
Old May 25th, 2012, 08:07 PM
hashed hashed is offline
Regular Poster
 
Join Date: May 2012
Posts: 53
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by PaulyDefran
I can. I don't use this method, but modified song lyrics are easy, as long as you modify them to not be 'real' words. I actually have four or five 64 character strings committed to long term memory, but have recently changed to only using 32 and having various Yubikeys remember the other 32.

PD

I will do you one better than that, I use GRC's most excellent perfect password generator. If you can break through that line of gibberish, you deserve to get to my data

~h
  #17  
Old May 25th, 2012, 08:10 PM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
For the record a long password with dictionary words , easy to remember doesn't really help.
@Tuatara,

Wrong.
__________________
  #18  
Old May 25th, 2012, 08:10 PM
hashed hashed is offline
Regular Poster
 
Join Date: May 2012
Posts: 53
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by PaulyDefran
I can. I don't use this method, but modified song lyrics are easy, as long as you modify them to not be 'real' words. I actually have four or five 64 character strings committed to long term memory, but have recently changed to only using 32 and having various Yubikeys remember the other 32.

PD

LOL, your memory is better than mine

~h
  #19  
Old August 3rd, 2012, 01:46 PM
Dick99999 Dick99999 is offline
Infrequent Poster
 
Join Date: Aug 2012
Location: Netherlands
Posts: 7
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by tuatara
You are right, forget cracking AES!! Brute Forcing is the real danger for this hyperfast cipher!

It's a good thing that threads like this and others in this forum make it clear that, although AES is not broken, it is possible to use brute forcers and retrieve more than 94% of the most used TrueCrypt passwords.
[......................]
More than 94% of the most used .... Which set of most used passwords are you referring to?
  #20  
Old August 4th, 2012, 04:56 PM
x942 x942 is offline
Very Frequent Poster
 
Join Date: Feb 2011
Location: Your Network
Posts: 1,101
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by Hungry Man
64 characters? lol how can anyone remember that? 20 characters is already really overkill.

Lol I remember 4 such passwords and one longer (~80 char) password. I also use a yubikey to output a random 32 char password in a random spot in my password (only on my laptop) so I know 64 chars and somewhere in there the yubikey outputs 32 chars that I don't know. This way if I am ever forced to disclose the password I can't, as I don't know all of it, and a yubikey can be destroyed easily if needed.
__________________
E-Mail: og8oh@notsharingmy.info
  #21  
Old August 4th, 2012, 05:16 PM
Hungry Man Hungry Man is offline
Incredibly Massive Poster
 
Join Date: May 2011
Posts: 8,486
Default Re: truecrack Password cracking for truecrypt(c) volume files.

I'm all for having passwords you can't remember. I don't remember most of mine - truecrypt does... but it would probably take longer than any of us will live just to get through a 20 character password using MD5.
__________________
  #22  
Old August 12th, 2012, 03:48 PM
Fontaine Fontaine is offline
Frequent Poster
 
Join Date: Jan 2008
Posts: 225
Default Re: truecrack Password cracking for truecrypt(c) volume files.

What's the benefit of using three encryption levels (AES-TWOFISH-BLOWFISH) on a Truecrypt volume?

If I have a 20 character password that a program successfully guesses, it would essentially unlock all three levels and give access to the data inside, right?
  #23  
Old August 12th, 2012, 04:38 PM
dantz dantz is offline
Frequent Poster
 
Join Date: Jan 2007
Posts: 577
Default Re: truecrack Password cracking for truecrypt(c) volume files.

Quote:
Originally Posted by Fontaine
What's the benefit of using three encryption levels (AES-TWOFISH-BLOWFISH) on a Truecrypt volume?
If you believe that one of the available ciphers is at risk of being cracked in a direct attack (that is, irregardless of the password) then using two or three different ciphers to encrypt your data will help to defend against that possibility. The downside is that your performance will suffer significantly.

Quote:
Originally Posted by Fontaine
If I have a 20 character password that a program successfully guesses, it would essentially unlock all three levels and give access to the data inside, right?
Yes.
  #24  
Old August 13th, 2012, 05:04 AM
happyyarou666 happyyarou666 is offline
Frequent Poster
 
Join Date: Jan 2012
Posts: 675
Default Re: truecrack Password cracking for truecrypt(c) volume files.

lols talk about overkill, aes 256 ripemd160 with a 64bit passphrase (never use devices to store keyfiles, i don't trust 'em, only thing to trust is your own memory, if that fails well that's that, but you're not at risk of having half your passphrase being discovered if they get to your device that holds that keyfile, which will make brute forcing much easier then for your adversary, not to mention your keyfiles can become corrupted) anyhow aes is more than enough to keep 'em busy for the next 100 years at least, until then you'll be long dust, i can imagine the performance decrease with all 3 algorithms xD lmfao
  #25  
Old August 14th, 2012, 11:12 AM
PaulyDefran PaulyDefran is offline
Frequent Poster
 
Join Date: Dec 2011
Posts: 693
Default Re: truecrack Password cracking for truecrypt(c) volume files.

True, but a Key File is *extra* insurance (make copies). Not that *I* even use them, but you could, say, have a folder on every computer you own, named 'Key Files'. Inside that folder, you could have 10,000 text files that were generated with a random file generator, that contain random data. You could then encrypt those 10,000 files with GPG, AxCrypt, etc, using a random pass phrase that you don't remember. Your KF *could* be in there...but maybe it's elsewhere? LOL, have fun looking for Key Files... And *are* they Key Files? Maybe they are very small TC containers? Tick-Tock forensicators, you don't have all the time in the world to process this machine...the cases are piling up! Hehehe.

Ideas from: -https://www.youtube.com/watch?v=-HK1JHR7LIM-

PD
 

All times are GMT -4.