Would successfully cracking an encrypted file reveal the file's passphrase?

For example, lets say you have 2 containers with the same password- but one has a weak encryption (WinZip or Axcrypt) and is only 128 bit and the other has stronger encryption (Truecrypt / 256bit)

If the weaker file (winzip encryption or axcrypt) was cracked, would this also reveal it's passphrase? Thus compromising both files that shared the same passphrase?

Thanks in advance

 

First of all, both WinZip and AxCrypt support AES, which is the default cipher on TrueCrypt. It is arguably the most secure, given the sheer breadth and longevity of its use.

True, older versions of WinZip utilized the legacy Zip 2.0 encryption, which is considerably weak comparatively...but I doubt there's many people using it these days. And yes, AxCrypt uses 128-bit keys, while WinZip and TrueCrypt support up to 256-bit keys...

But as Schneier says:

"for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the forseeable future. But if you're already using AES-256, there's no reason to change. [...]

Neither can be broken. There are no attacks against any AES variants that are better than brute force; all of these attacks are against reduced-round variants.

That being said, the key schedule for AES-256 is very poor. I would recommend that people use AES-128 and not AES-256."​

So don't just assume "more bits automatically means more secure."

That being said, the answer to your question depends on the method used to break the encryption. What you're basically asking is: "If you have two houses that both use the same key...and someone is able to gain unauthorized entry into one house...does that mean he can do the same to the other?"

Obviously it all depends on how did he gain access to the first house?

 

Hi Jackman,

I understand the part where 128 bit is still very secure compared with 256 bit.

What I meant was that Truecrypt's Encryption> Winzip and Axcrypt irregardless of the # of bits. Although I didn't want to imply cracking any of these would be easy or anything. I don't know the exact terminology but it has to do with Truecrypt's encryption algorithm and other technical stuff I would not be able to explain.

So I am obviously excluding that the attacker gained access finding the correct passphrase (dictionary method, etc.).

So basically , you are saying that there are ways to reveal an encrypted files password if the encryption is cracked, correct?

 

I would think if you found a flaw in the algo or implementation, you wouldn't necessarily know the passphrase.

If you Brute Forced, or used dictionary attacks like the recent ArsTechnica article, you would know the passphrase.

Malware grabbing the passphrase, would also obviously, know it.

PD

 

PD,

thank you for your response.

So if I am using two encryption apps (Truecrypt and Axcrypt), and I choose to use the same password for both, they would be as secure or vulnerable as the weakest link (which I believe is Axcrypt, although still very very secure).

My second question I forgot to ask, would using the same passphrase for both my truecrypt containers and axcrypt containers make it any easier to crack either container?

For example, If I chose a 50 character passphrase for either container, it would be an extremely difficult task to compromise either (in and of themselves)

On the other hand, if I used this same 50 character password for BOTH containers, and an attacker gained access to both, would this make them any less secure? Or would they still be just as secure?

 

Well that's not really what he said. The only way a "weak link" matters is if it is in the encryption scheme itself (e.g. using the actual plaintext passphrase as the key) or in the implementation of the scheme. This is not an issue in TC or AC.

Let me get this straight. You're supposing an attacker gains access to both of your encrypted volumes. And you're wondering if, after both of your volumes have been compromised, the fact that they both utilized the same passphrase makes them less secure?

How do you get "less secure" than "not secure"?

What you're essentially saying is that the gang members are already inside your bedroom, but you're worried that that means your house is even less secure because you happen to have the same locks on all the doors?

 

If you're talking about cloned volumes with TC or something then the answer is yes. I'm guessing if you are maybe asking if you had low-risk material in one container and it was cracked, would they have the password to open the other volume with high-risk material? The answer is basically, yes. The key could be scraped from memory no matter what different type of software encryption you're using. TC and another TC volume, TC and another software product or, actually....there's several ways. But the answer to what I think you're asking is yes.

 

I've re-read this thread and I feel like I haven't clearly communicated my question so I thought the best way to do this is to break it down to an example situation with all the facts.

Okay there are two questions I am asking, but first...

Let's say I am using two program, Truecrypt and Axcrypt.
Let's say I have created two encrypted files, a truecrypt container and an axcrypt container.

Let's say that the passphrase is 20 random characters with numbers, letters, symbols, etc.

Let's also say that an attacker gained access to the files through hacking into a cloud service provider, so all they have is the two encrypted files and that's it. (No keylogging info, no access to memory or cache etc etc.)

Attack #1
The first way an attacker might try to decrypt the files is to enter in all possible combinations, but since it is 20 random characters this will take, lets say, 1000 years. But since this has nothing to do with encryption security, it should take the same or similar amount of time for both files (Truecrypt and Axcrypt containers)


Attack #2
Now here comes the encryption security. Let's say that Truecrypt is twice as secure as Axcrypt so it will take 1/2 the time to crack open Axcrypt container.

So let's say that it will take 50 years to crack open Truecrypt's container and 25 years to crack Axcrypt's container using other methods other than guessing the right passphrase. (These numbers are probably way off but for illustrative purposes we'll use them)


Question #1
Let's say an attacker had both files, cracked open Axcrypt's container in 25 years.

Now, my first question is, once he's cracked open Axcrypt's container, is it possible for him to extract or reveal the container's passphrase? And if so, he will have the passphrase to decrypt Truecrypt container also?

So after reading this thread, the answer seems to be yes. Is this correct? If the answer is yes, than in this situation, an attacker could possibly have access to the data in both files in 25 years.

Question #2

Okay, now my question is, does an attacker that has both files that should normally take 25 or 50 years to crack,

Because both files have the same passphrase, does this make either container LESS secure? For example, would it take LESS amount of time to crack either container? Like 12.5 years vs 25 or 50 years?

OR would having both containers, even with the same passphrases, not help an attacker at all, so both would still take 25 and 50 years to crack.


I hope this has made my questions clear enough now

 

This is exactly what I thought you were asking initially. And my answer now is the same as it was then. It depends on what they did to "crack" it.

No, that doesn't make any sense. That would be like having two different door locks...say, one door handle lock, and one deadbolt...that used the same key. The fact that they use the same key isn't going to make it any easier to break weaker lock than if you simply had the weaker lock by itself. In other words, simply having another lock available isn't going to increase your cracking time. Why would it?

 

Yes this is my exact thinking and I just wanted to make sure because I am no encryption expert. I wasn't sure if there was a way that I wasn't aware of, of being able to exploit that situation and wanted to double check with those more knowledgeable than myself.

BTW I wrote this same question on yahoo answers, and I got a response saying it would be highly stupid to use the same password but did not give any reason why.

So to summarize: if we are using high quality 20+ character passwords, than it all shouldn't matter using the same password as long as you stick to and use a program with at least a minimum of Axcrypt/Truecrypt level of security for all your encrypted containers, right?

That was my original understanding so thank you for verifying this with me.

Here is where I got the "stupid" response:
http://answers.yahoo.com/question/i...jXZpY.kjzKIX;_ylv=3?qid=20130602170625AA3ppbs

 

Theoretically, yeah. Basically the algorithms used by AxCrypt and TrueCrypt have never been broken (so far as we know). So you're banking on the high probability that they are secure. And as others have brought up around here, LEAs don't seem to be able to get into TC volumes (when implemented properly), so to me that suggests that not only the algorithms themselves are secure, but the implementation is as well.

So yes, as long as your passphrase is strong enough to resist any practical bruteforce, and you're using a trusted implementation of a tried and true algorithm setup, it's not going to matter how many places that passphrase is used...as far as the encryption is concerned.

The real danger is, the encryption is almost never the weakest link in the chain. Which means an attacker is rarely going to go after it. It's the side-channels you have to watch out for. As Schneier always says: "Security is a chain; it's only as secure as the weakest link." "Security is a process, not a product."

As he mentioned here:

Mathematical cryptography, as bad as it sometimes is, is the strongest link in most security chains. Our symmetric and public-key algorithms are pretty good, even though they're not based on much rigorous mathematical theory. The real problems are elsewhere: computer security, network security, user interface and so on.

Cryptography is the one area of security that we can get right. We already have good encryption algorithms, good authentication algorithms and good key-agreement protocols. Maybe quantum cryptography can make that link stronger, but why would anyone bother? There are far more serious security problems to worry about, and it makes much more sense to spend effort securing those.

As I've often said, it's like defending yourself against an approaching attacker by putting a huge stake in the ground. It's useless to argue about whether the stake should be 50 feet tall or 100 feet tall, because either way, the attacker is going to go around it.​

Basically what he's saying is it's unlikely that the encryption will be broken. The way you're going to have a security breach is by revealing your password...or by leaving your system unlocked...or by allowing malware in the system by downloading it yourself...or by an insider with legit access...any one of a million other things...

This cartoon is popular for a reason:

https://xkcd.com/538/

So the danger with reusing the same passphrase is, once someone has it, they have the key to everything...as opposed to one thing.