PGP secret keys (was Re: Dell BIOS DoS)

[Matthew Wakeling <mnw21-bugtraq () jumpleads com>]

On Wed, 10 Dec 2003, Thor wrote:
> Is a weak passphrase more easily exploited with the presense of the key ring
> vs direct attack against the encrypted data?  Stuff like that...
>
> Anyone have any insight?

Well, a few weeks ago, I forgot my PGP secret key passphrase. I'm not the
best C programmer in the world (my job is programming in Java), but it
didn't take me very long to extend GnuPG to do parallelised passphrase
cracking. With the job spread between 14 multi-GHz CPUs in various
machines, it was capable of about 10,000 passphrases per second (ie.
slow, and I didn't see much leeway in the code for improvement). The
system didn't need any encrypted text - it was purely a crack
against the secret key encryption. By using special knowledge that I had
about the nature of the passphrase (how many characters, what approximate
characters it used and where), I calculated that it would take about a day
to find the passphrase.

And then I remembered that I had changed it to something else, which my
cracking program would never have found in a hundred years. Oh well. At
least I remembered the passphrase.

To answer your question, the weakest part of the PGP encryption system is
the passphrase. Having access to the secret key file reduces the
difficulty of cracking encrypted text from what computer scientists term
"difficult" to merely "computationally intensive", depending on the
passphrase that you have.

Matthew

-- 
"Argue not with dragons, for thou art crunchy and go well with brie."
                                                           -- Unknown