Popular Encryption Systems Cracked

by Lincoln Spector for Windows Secrets Newsletter

Popular Encryption Systems Cracked

Conventional wisdom has been that files protected with good encryption can’t be cracked.

But a new, $300, wizard-driven app can unlock BitLocker-, PGP-, and TrueCrypt-encrypted files, folders, and drives — no matter how strong a password you’re using.

It’s the sort of story that could keep you up at night. Last month, Elcomsoft released the Elcomsoft Forensic Disk Decryptor (EFDD; more info), a program that opens encrypted files without trying to guess your password or attack it with brute force (Wikipedia info). In fact, the actual password is effectively irrelevant. A long, random string such as bS2f#[voIT+?@=Uq3a,.B provides no better protection against EFDD than would “password” or “12345.”

That’s the bad news. The good news? EFDD works only within a limited set of conditions — and those conditions are actually fairly easy to avoid. And it’s not as if just anyone could put down $300 and use EFDD to quickly crack encrypted data. Although it’s wizard-driven, EFDD is not all that easy to use.

Encryption cracking without guessing passwords

First, it’s important to note that products such as EFDD serve a legal, legitimate purpose. If a user has forgotten his or her password, these forensic programs can restore access to otherwise lost data. If an employee purposely or accidentally locks a company out of its critical business files, password crackers are a perfectly legitimate recovery tool.

Other examples of legitimate uses for EFDD-like applications include Windows’ own Encrypted File System (EFS) — an encryption tool I don’t recommend. Windows automatically decrypts EFS-encrypted files when they’re opened (provided you’re properly signed in to the OS.) The process is so transparent, you can forget that you have encrypted files. Then, when your computer dies or you have to reinstall Windows, you suddenly discover your files are inaccessible. Microsoft provides a fix, but you need to have prepared for its use ahead of time.

Article continued here

This excerpt appears with permission from Windows Secrets Newsletter.

Windows Secrets Newsletter

About Windows Secrets

Insider tips, authoritative how-tos, security best practices, and more. The weekly Windows Secrets Newsletter brings you essential tips for Windows, applications, and computing on the Internet.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Scan with PC Matic

Sign up for our FREE Newsletter

Our weekly newsletter is packed with computer tips & tricks.
As a bonus, receive monthly emails with exclusive offers.

Which device is the most important to you?

View Results

Loading ... Loading ...


Contributors