return to table of content

Cracking an old ZIP file to help open source the ANC's "Vula" secret crypto code

atlas_hugged
6 replies
18h30m

TIMBOBIMBO hahahhaha

declan_roberts
4 replies
17h10m

Read through the whole article to see the password reveal. Was not disappointed!

Thorrez
3 replies
14h23m

That wasn't the password of the zip file that John cracked. TIMBOBIMBO was the password of a file that was inside the zip file, specifically a program. The program prompted for that password before it would continue running.

The blog post doesn't say the zip file password. It's not clear to me if the program that cracked the zip file even found the zip file password. It might just be able to find the plaintext but not the password.

qingcharles
2 replies
13h45m

I too was waiting to see what the ZIP password was after all these years. I wonder if there is a way to reverse the decryption key into the password, or is it a sausage machine like password hashing?

How long would it take to brute-force this on a modern PC?

jgrahamc
1 replies
11h57m

I spent a lot of power trying to reverse the actual password and got this far:

    PROGRAM  PATTERN                             MAX LENGTH TESTED
    bkcrack  ?p                                  14
    bkcrack  ?u?d                                16
    bkcrack  ?u                                  17
    bkcrack  ?l                                  15
    bkcrack  ?u?l?l?l?l?l?l?l?l?l?l?l?l?l?l?l    16
    bkcrack  ?u?l?u?l?u?l?u?l?u?l?u?l?u?l?u?l    16 
    hashcat  ?u?l?d                              14
The author kindly modified bkcrack based on Tim's fuzzy recollection of what he thought he might have chosen for the password: https://github.com/kimci86/bkcrack/pull/56 and https://github.com/kimci86/bkcrack/pull/126. However, I ran out of time to work on this part and it seemed more important to get the actual code running.

Also, in the course of things I discovered that Tim used PKZIP inside the BASIC code using a password that used non-printing characters.

qingcharles
0 replies
2h48m

Also, in the course of things I discovered that Tim used PKZIP inside the BASIC code using a password that used non-printing characters.

Wow, that would make brute-forcing it an order of magnitude slower if you're having to cycle through control characters too. I wouldn't have thought to do this, as I wouldn't risk it not being supported.

rurban
0 replies
16h58m

The keys were personalized though. So this was for Timbo

rurban
3 replies
17h1m

I've got a look at his number generator for the secure one-time pad, and Melissa O'Neil would be proud. Almost pcg. It uses the powerbasic system Rand LCG to switch between 3 new rand1-3 functions, two of them with different LCG's.

https://github.com/Vulacode/RANDOM/blob/d6a1a1d694b22e6a115b...

nxobject
0 replies
8h26m

And the original programmer wrote a of this while having to pick up crypto and BASIC on the go, too. Never roll your own crypto is the first rule, unless you were in the late 80s and working with fancy new tech…

Vecr
0 replies
16h14m

Nowhere near good enough for an actual One Time Pad, obviously.

20k
0 replies
15m

Man that one time pad generation is...... not good, I would bet that its very possible to recover the seed state for the different generators, LCGs are trivial to reverse engineer. It looks like the PRNG's are seeded by the system RNG as well, which means that you only need to recover the initial seed of the system's LCG to reverse engineer the one time pads

I don't know what the seed size is of the system LCG, but if its 32-bit (which I think it is), you could simply bruteforce the seed state, and do entropy analysis on the result to crack it in like an hour tops

rasz
2 replies
18h19m

Operation Vula ... 8-bit computers, DTMF tones, acoustic couplers

CIA/NSA got a whiff of Operation Vula using off the shelf Philips PX-1000 with build in DES and backdoored the product by bribing Philips https://www.cryptomuseum.com/crypto/philips/px1000/

rurban
0 replies
16h45m

Which Tim Jenkins did overcome by using his own systems and own crypto. No backdoored DES, but ultimately secure one-time pads transported via floppies by the stewardess to each party. If they got hold of such a floppy in SA, it would only compromise the messages of this one receiver. Which would be detected sooner or later.

jll29
0 replies
5h44m

Probably using ANY commercial encryption tech, you're doomed.

But it is naive to generate the key for a one-time pad using a PSEUDO random number generator!

The whole point of the one-time pad is to achieve true security because you can use truly random keys. The kind of key that used here could have been created locally by just exchanging the seed, which would have prevented putting all these stewardesses in danger ;-).

I understand the developer was self-taught (and "learn as you go" on top), so it's understandable, but whoever reads this and has truly important secrets, don't be that silly.

Having said this it is no easy to generate truly random numbers in large quantities. Again, you will need to build yourself your own hardware device, because most likely, all commercially available gear is rigged.

edent
2 replies
12h30m

One thing I found fascinating about Vula was how the lack of usability of the system was its downfall.

You had highly committed activists, fighting for freedom, up against a murderous regime - and yet they still failed to use the system properly.

Activists left documents unencrypted. Keys were easily obtainable. Some important communications were sent in the clear because people found the software so cumbersome.

We all know that setting up PGP and using it properly is a pain in the neck. Security is usability.

I wrote a bit more about Vula at https://shkspr.mobi/blog/2014/01/the-hardest-problem-in-encr...

amne
1 replies
11h38m

imagine losing your house keys and never being able to enter it again.

usability, most of the times, reduces security.

jll29
0 replies
5h50m

"Imagine"? There are plenty of folks who lost access to the crypto wallets with millions in it.

geenkeuse
1 replies
19h13m

Fascinating. We have been through so much here in SA. Hoping that this GNU of ours sets back the Doomsday Clock.

Recommendation - Action Kommandant. A peek into the life of Ashley Kriel, one of our martyrs and the pride of Bonteheuwel.

nxobject
0 replies
12h53m

Thank you so much for sharing his name - it has been a passion of mine to learn about some of the gifted fellow travelers of the ANC, whose stories (and diverse talents!) are often overlooked…

I learned about Athol Fugard in secondary school English, from a bolshie teacher who fled from SA to Canada in the 80s to avoid surveillance, and it opened my eyes.

My best wishes to the SA people as well. A nation of so many gifted people and natural riches deserves so much better. At least it seems like the era of sclerotic internal politics in the ANC is over.

Thaxll
1 replies
19h12m

If you want to crack "old" ZIP and you know a few characters in the archive there is nothing better than: https://github.com/kimci86/bkcrack

stavros
0 replies
18h32m

The program the entire article is about?