From: smith_ca on
i wrote this program http://www.thesmith.ca/weiss/files/dcrack.rar as
experiment, i don't know if code existed like it before or if anyone
here cares to look.

it bit-ors key schedules against others to create new ones rather than
create them separately in call to str_to_key()/des_set_key() for brute
force attack, using custom character set..

my question is, what would be the best method/technique to crack DES
ciphertext, when the plaintext is known, using a custom character
set...excluding bitslice.

i'm just curious about this one.

any information would be appreciated, thanks.

kevin

From: Douglas A. Gwyn on
smith_ca wrote:
> my question is, what would be the best method/technique to crack DES
> ciphertext, when the plaintext is known, using a custom character
> set...excluding bitslice.

The character set should have nothing to do with it.

From: Joseph Ashwood on
"smith_ca" <wyse101(a)gmail.com> wrote in message
news:1161791095.533348.55670(a)b28g2000cwb.googlegroups.com...
>i wrote this program http://www.thesmith.ca/weiss/files/dcrack.rar as
> experiment, i don't know if code existed like it before or if anyone
> here cares to look.
>
> it bit-ors key schedules against others to create new ones rather than
> create them separately in call to str_to_key()/des_set_key() for brute
> force attack, using custom character set..

It's been done several times, although they generally use exclusive-Or since
it actually allows the system to reach all possible keys.

> my question is, what would be the best method/technique to crack DES
> ciphertext, when the plaintext is known, using a custom character
> set...excluding bitslice.

That question doesn't make sense. What you've basically asked is "What is
the fastest way to do this without making it fast?" Bitslicing is a method
of computation of the DES algorithm, and the only way I know of to make it
fast in software. As Douglas noted, the character set is irrelevant, it can
only be used to check whether the block is good, but if you know the
plaintext then it is completely irrelevant.
Joe


From: smith_ca on

Joseph Ashwood wrote:

>
> It's been done several times, although they generally use exclusive-Or since
> it actually allows the system to reach all possible keys.
>
could you please provide an example where this is used so that i may
test its speed?
>
> That question doesn't make sense. What you've basically asked is "What is
> the fastest way to do this without making it fast?" Bitslicing is a method
> of computation of the DES algorithm, and the only way I know of to make it
> fast in software. As Douglas noted, the character set is irrelevant, it can
> only be used to check whether the block is good, but if you know the
> plaintext then it is completely irrelevant.
> Joe

what i meant was: What is the best alternative method to cracking DES
ciphertext that does not use bitslice idea?
you say this question does not make sense? my English is not great..as
you've probably gathered, but the question makes sense to me.

maybe i should have said, second-best? does that make sense to you??
well, it doesn't make sense to me, because bitslice is not fastest
method for cracking DES ciphertext in all situations.

why would i make such a "crazy" statement like this?
well..

if you take John The Ripper password cracker which uses "fastest
software implementation of DES" (bitslice) to crack DES password
hashes.
use incremental mode with alpha character set (A-Z) on 1 LM hash.
you will note that using what i wrote, dcrack, is faster..try it
yourself.

now, to see results on multiple hashes.
download saminside - http://www.insidepro.com/
this cracker by insidepro does not use bitslice to crack hashes, but
instead computes some very large tables based on the ciphertext & known
plaintext which is used to generate Microsoft LM hashes.

i have not seen source code or documentation to this idea anywhere on
the internet, although i have fair idea of its inner workings from some
reverse engineering. it does not use bitslice at all.

finally, in my opinion, DES keys are normally made up of characters on
a keyboard..so they are very relevant.

thanks for response

kevin