Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Breaking 224-bit Blowfish encryption

I have a bunch of encrypted files that I want to decrypt (duh). I found out they are encrypted with Blowfish using a 224-bit key after some research. I know what the first few bytes of the plaintext looks like (it's kind of a header).

Noting that I am not NSA nor do I have ridiculous computing power, is there any chance of me brute forcing the key within a reasonable time (eg: not the life of the universe)?

I read somewhere that someone published an attack on the full-blown Blowfish (no pun intended) that reduces the search to 2^(n/2) but it mysteriously disappeared. Apparently it was some kind of MITM attack; though Blowfish uses a 16 round Feistel network, so it has to be clever if it exists. Can anyone confirm this?

EDIT: I do have access to a large number of the keys that are used, just not all of them. Perhaps it would be more worth my while to try and attack the generation of the keys instead?

like image 802
NullUserException Avatar asked Jan 21 '23 02:01

NullUserException


2 Answers

There is no chance of you brute-forcing the key*. Assuming there is a meet-in-the-middle attack for Blowfish that reduces it to testing 2^112 keys, there isn't enough computing power on the planet to have a decent chance of brute-forcing the key before the Sun goes cold. The NSA couldn't do it either, if that's any consolation, although it's conceivable they can solve Blowfish rather than guess keys.

Unless you can find the keys, you aren't going to read the files.

*Technically, you do have a chance. However, it's far more likely that you'll win a national lottery twice (assuming you buy a ticket for two drawings).

like image 186
David Thornley Avatar answered Jan 22 '23 16:01

David Thornley


No, you can't recover the plain text unless the encryption was done incorrectly.

There is a published "known plain text" attack, but it requires billions of known plain texts to work.


Update regarding "Edit": Again, if the encryption was done correctly, examining the known keys won't help, because a cryptographic number generator used to generate good keys is going to have similar complexity as the cipher. However, using a bad generator (or password-based encryption with weak passwords) is a common implementation flaw. Good luck!

like image 40
erickson Avatar answered Jan 22 '23 16:01

erickson