[HN Gopher] Cracking an old ZIP file to help open source the ANC...
___________________________________________________________________
Cracking an old ZIP file to help open source the ANC's "Vula"
secret crypto code
Author : jgrahamc
Score : 291 points
Date : 2024-09-07 16:41 UTC (1 days ago)
(HTM) web link (blog.jgc.org)
(TXT) w3m dump (blog.jgc.org)
| geenkeuse wrote:
| Fascinating. We have been through so much here in SA. Hoping that
| this GNU of ours sets back the Doomsday Clock.
|
| Recommendation - Action Kommandant. A peek into the life of
| Ashley Kriel, one of our martyrs and the pride of Bonteheuwel.
| nxobject wrote:
| Thank you so much for sharing his name - it has been a passion
| of mine to learn about some of the gifted fellow travelers of
| the ANC, whose stories (and diverse talents!) are often
| overlooked...
|
| I learned about Athol Fugard in secondary school English, from
| a bolshie teacher who fled from SA to Canada in the 80s to
| avoid surveillance, and it opened my eyes.
|
| My best wishes to the SA people as well. A nation of so many
| gifted people and natural riches deserves so much better. At
| least it seems like the era of sclerotic internal politics in
| the ANC is over.
| Thaxll wrote:
| If you want to crack "old" ZIP and you know a few characters in
| the archive there is nothing better than:
| https://github.com/kimci86/bkcrack
| stavros wrote:
| The program the entire article is about?
| atlas_hugged wrote:
| TIMBOBIMBO hahahhaha
| declan_roberts wrote:
| Read through the whole article to see the password reveal. Was
| not disappointed!
| Thorrez wrote:
| That wasn't the password of the zip file that John cracked.
| TIMBOBIMBO was the password of a file that was inside the zip
| file, specifically a program. The program prompted for that
| password before it would continue running.
|
| The blog post doesn't say the zip file password. It's not
| clear to me if the program that cracked the zip file even
| found the zip file password. It might just be able to find
| the plaintext but not the password.
| qingcharles wrote:
| I too was waiting to see what the ZIP password was after
| all these years. I wonder if there is a way to reverse the
| decryption key into the password, or is it a sausage
| machine like password hashing?
|
| How long would it take to brute-force this on a modern PC?
| jgrahamc wrote:
| I spent a lot of power trying to reverse the actual
| password and got this far: PROGRAM
| PATTERN MAX LENGTH TESTED
| bkcrack ?p 14
| bkcrack ?u?d 16
| bkcrack ?u 17
| bkcrack ?l 15
| bkcrack ?u?l?l?l?l?l?l?l?l?l?l?l?l?l?l?l 16
| bkcrack ?u?l?u?l?u?l?u?l?u?l?u?l?u?l?u?l 16
| hashcat ?u?l?d 14
|
| The author kindly modified bkcrack based on Tim's fuzzy
| recollection of what he thought he might have chosen for
| the password: https://github.com/kimci86/bkcrack/pull/56
| and https://github.com/kimci86/bkcrack/pull/126. However,
| I ran out of time to work on this part and it seemed more
| important to get the actual code running.
|
| Also, in the course of things I discovered that Tim used
| PKZIP inside the BASIC code using a password that used
| non-printing characters.
| qingcharles wrote:
| > Also, in the course of things I discovered that Tim
| used PKZIP inside the BASIC code using a password that
| used non-printing characters.
|
| Wow, that would make brute-forcing it an order of
| magnitude slower if you're having to cycle through
| control characters too. I wouldn't have thought to do
| this, as I wouldn't risk it not being supported.
| rurban wrote:
| The keys were personalized though. So this was for Timbo
| rasz wrote:
| >Operation Vula ... 8-bit computers, DTMF tones, acoustic
| couplers
|
| CIA/NSA got a whiff of Operation Vula using off the shelf Philips
| PX-1000 with build in DES and backdoored the product by bribing
| Philips https://www.cryptomuseum.com/crypto/philips/px1000/
| rurban wrote:
| Which Tim Jenkins did overcome by using his own systems and own
| crypto. No backdoored DES, but ultimately secure one-time pads
| transported via floppies by the stewardess to each party. If
| they got hold of such a floppy in SA, it would only compromise
| the messages of this one receiver. Which would be detected
| sooner or later.
| jll29 wrote:
| Probably using ANY commercial encryption tech, you're doomed.
|
| But it is naive to generate the key for a one-time pad using a
| PSEUDO random number generator!
|
| The whole point of the one-time pad is to achieve true security
| because you can use truly random keys. The kind of key that
| used here could have been created locally by just exchanging
| the seed, which would have prevented putting all these
| stewardesses in danger ;-).
|
| I understand the developer was self-taught (and "learn as you
| go" on top), so it's understandable, but whoever reads this and
| has truly important secrets, don't be that silly.
|
| Having said this it is no easy to generate truly random numbers
| in large quantities. Again, you will need to build yourself
| your own hardware device, because most likely, all commercially
| available gear is rigged.
| rurban wrote:
| I've got a look at his number generator for the secure one-time
| pad, and Melissa O'Neil would be proud. Almost pcg. It uses the
| powerbasic system Rand LCG to switch between 3 new rand1-3
| functions, two of them with different LCG's.
|
| https://github.com/Vulacode/RANDOM/blob/d6a1a1d694b22e6a115b...
| Vecr wrote:
| Nowhere near good enough for an actual One Time Pad, obviously.
| nxobject wrote:
| And the original programmer wrote a of this while having to
| pick up crypto and BASIC on the go, too. Never roll your own
| crypto is the first rule, unless you were in the late 80s and
| working with fancy new tech...
| 20k wrote:
| Man that one time pad generation is...... not good, I would bet
| that its very possible to recover the seed state for the
| different generators, LCGs are trivial to reverse engineer. It
| looks like the PRNG's are seeded by the system RNG as well,
| which means that you only need to recover the initial seed of
| the system's LCG to reverse engineer the one time pads
|
| I don't know what the seed size is of the system LCG, but if
| its 32-bit (which I think it is), you could simply bruteforce
| the seed state, and do entropy analysis on the result to crack
| it in like an hour tops
| edent wrote:
| One thing I found fascinating about Vula was how the lack of
| usability of the system was its downfall.
|
| You had highly committed activists, fighting for freedom, up
| against a murderous regime - and yet they still failed to use the
| system properly.
|
| Activists left documents unencrypted. Keys were easily
| obtainable. Some important communications were sent in the clear
| because people found the software so cumbersome.
|
| We all know that setting up PGP and using it properly is a pain
| in the neck. Security _is_ usability.
|
| I wrote a bit more about Vula at
| https://shkspr.mobi/blog/2014/01/the-hardest-problem-in-encr...
| amne wrote:
| imagine losing your house keys and never being able to enter it
| again.
|
| usability, most of the times, reduces security.
| jll29 wrote:
| "Imagine"? There are plenty of folks who lost access to the
| crypto wallets with millions in it.
| bravetraveler wrote:
| I used mining as a stability test, there's a small fortune
| floating somewhere. There was a time one could feasibly get
| a full Bitcoin every week with a single core Athlon64 chip
| running 24/7
|
| Before Agent 47 starts sleuthing, the wallet is on a
| mechanical drive that almost surely didn't make it through
| at least a dozen moves over just as many years. Good luck.
| sweeter wrote:
| I find the fall of the South African apartheid pretty fascinating
| all around. I wasn't really even aware of this aspect. Fun fact,
| this is where the BDS movement started (boycott, divest,
| sanction) and the majority opinion at the time was that the
| apartheid would never end... but after a long time of continuous
| pressure from many different pressure points, it caused a lot of
| stress which led to its collapse.
|
| pretty interesting that this was done on a Toshiba T-100. What a
| neat computer.
___________________________________________________________________
(page generated 2024-09-08 23:01 UTC)