Git-Mirrors/into-the-crypt
1
0
Fork 0
mirror of https://0xacab.org/optout/into-the-crypt.git synced 2024-09-27 21:55:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

MD tweak

Browse Source
This commit is contained in:
arcanedev 2021-08-09 22:45:11 +00:00
parent 8bbc4716f7
commit bfab98759b
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -277,10 +277,10 @@ There are USB devices known as "Mouse Jigglers" that are used by forensic teams
There are easy preventative software-based solutions such as USBGuard that can prevent these devices for operating, however this will likely be picked up on and human mouse jigglers can take their place.
Ideally a process can be utilized to detect such a device and invoke a shutdown process. A mitigation for the human mouse jigglers could be implementing forced authentication every half hour to an hour. If the credentials have not been entered, the user session could be terminated, memory could be cleared, or the shutdown command could even be invoked.
## Play on Resources
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft, "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512." [#](https://blog.elcomsoft.com/2020/03/breaking-veracrypt-containers/)
Hypothetically, if the algorithm/hash combination is known by the attacker, here is where the cascading algorithms display their value:
"Whether they choose to encrypt with AES, Serpent, Twofish or any other single algorithm, the speed of the attack will remain the same. Attacks on cascaded encryption with two algorithms (e.g. AES(Twofish)) work at half the speed, while cascading three algorithms slows them down to around 1/3 the speed."
## Play on Resources
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft, "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512." [#](https://blog.elcomsoft.com/2020/03/breaking-veracrypt-containers/)
Hypothetically, if the algorithm/hash combination is known by the attacker, here is where the cascading algorithms display their value:
"Whether they choose to encrypt with AES, Serpent, Twofish or any other single algorithm, the speed of the attack will remain the same. Attacks on cascaded encryption with two algorithms (e.g. AES(Twofish)) work at half the speed, while cascading three algorithms slows them down to around 1/3 the speed."
- note:
VeraCrypt does not keep encryption/hashing algorithms secret. Keeping such information secret would break the functionality of VeraCrypt (unless the user were to enter such information on every boot, comparably to how PIMs work). An attacker will never need to attempt multiple combinations. They will simply need to attempt cracking a single, different, algorithm.