Posts Tagged ‘PGP’

It’s been a long while since we made an update to one of our most technically advanced tools, Elcomsoft Forensic Disk Decryptor (EFDD). With this tool, one could extract data from an encrypted disk volume (FileVault 2, PGP, BitLocker or TrueCrypt) by utilizing the binary encryption key contained in the computer’s RAM. We could find and extract that key by analyzing the memory dump or hibernation files.

Investigators start seeing BitLocker encrypted volumes more and more often, yet computer users themselves may be genuinely unaware of the fact they’ve been encrypting their disk all along. How can you break into BitLocker encryption? Do you have to brute-force the password, or is there a quick hack to exploit?

Déjà vu

December 24th, 2012 by Vladimir Katalov

The story about PGP becomes really funny.

BitLocker, PGP and TrueCrypt set industry standard in the area of whole-disk and partition encryption. All three tools provide strong, reliable protection, and offer a perfect implementation of strong crypto.

In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.

There is a few, so I’ll put ’em all into a single blog post 🙂

Note to PGP legal dept: I’m not going to put the ® sign every time when I mention PGP. I’m just tired; we already did that in our press release and on our web site, and I think it’s enough. No, really? Well, I’ll repeat one more time: all names like PGP are trademarks or registered trademarks of their respective owners in the UK, USA, Russia and probably somewhere else  e.g. in Albania. There are too many countries to mention, sorry :). Why should I care about (R)? Keep reading, and you’ll see the reason.

There is a lot of speculation about what has happened between Elcomsoft and PGP here on Infosecurity Europe 2009 in London, so I would like to share my own point of view which may or may not coincide with Elcomsoft’s.

We never thought that our participation would bring such kind of trouble (or at least a disappointment).

There is only one way to break through PGP® encryption – GPU accelerated brute force – and that one is too many. New Elcomsoft Distributed Password Recovery v. 2.80.206 crunches PGP® passwords 200 times faster using graphic chips.