Need to crack someone else's password?
Tool helps investigators unlock passwords and crypto keys
- By William Jackson
- Jul 14, 2010
Passwords are intended to let only authorized users access files and information while keeping everyone else out. But what do you do when, for a legitimate reason such as an investigation, you need to know someone’s password?
If you don’t have the owner’s cooperation, there are tools available to help locate or guess passwords and cryptographic keys, such as Passware Kit Forensic, which scans computers for password-protected files and then searches for the passwords using algorithms to uncover them.
Passware is a password recovery and electronic discovery company, whose customers include the Internal Revenue Service, Secret Service, Senate, Supreme Court, and the Defense, Justice and Homeland Security departments. The kit’s tools can enforce password policies or recover passwords.
Access control is easy — unless you're doing it for everyone
Will digital certificates replace passwords?
Crowbar cracks SD cards and retrieves data without a trace
Sometimes the task is easy, even if the passwords are encrypted.
“It’s not really secure,” Passware president Dmitry Sumin said of the Web browser-based encryption commonly used to protect passwords. And Microsoft’s Office 2003 uses a 40-bit encryption key to protect files. “It is possible to find the key based on the file type” in a matter of minutes, he said.
Full-disk encryption, done right, can be nearly impossible to crack, he said. “If the encryption is strong enough, we use dictionary and brute-force attacks.”
The point of strong passwords and encryption is to make guessing keys and passwords through brute-force attacks difficult. But Passware addresses that challenge through distributed computing, harnessing the computing power of multiple workstations to work on a single password or key problem. Software agents installed on networked computers take advantage of unused computing cycles to speed the process. Passware Kit can support hundreds of agents, although adding even a few additional computers on a task can noticeably speed the process, Sumin said.
Passware Kit also supports hardware accelerators, such as graphics processing units and Tableau TACC1441 hardware, to hasten the process.
However, the software does not need to rely solely on chance and brute force. Knowing the encryption algorithms and password policies that protect files can help tell it what to look for, which reduces the odds somewhat.
That still does not guarantee success against a determined adversary with good tools, Sumin said.
“If we’re talking about a highly paranoiac pedophile, it could be impossible to get into the file,” he said. Passware Kit is one more tool in the investigator’s kit. “We are improving the chances.”
William Jackson is a Maryland-based freelance writer.