ElcomSoft
ElcomSoft Co.Ltd. is a privately owned software company headquartered in Moscow, Russia. Since its establishment in 1990, the company has been working on computer security programs, with the main focus on password and system recovery software.
Type | Private |
---|---|
Industry | Software |
Genre | Password Cracking, Operating System Audit |
Founded | 1990 |
Headquarters | Moscow, Russia |
The DMCA case
On July 16, 2001, Dmitry Sklyarov, a Russian citizen employed by ElcomSoft who was at the time visiting the United States for DEF CON, was arrested and charged for violating the United States DMCA law by writing ElcomSoft's Advanced eBook Processor software. He was later released on bail and allowed to return to Russia, and the charges against him were dropped. The charges against ElcomSoft were not, and a court case ensued, attracting much public attention and protest. On December 17, 2002, ElcomSoft was found not guilty of all four charges under the DMCA.
Thunder Tables
Thunder Tables® is the company's own technology developed to ensure guaranteed recovery of Microsoft Word and Microsoft Excel documents protected with 40-bit encryption. The technology first appeared in 2007 and employs the time–memory tradeoff method to build pre-computed hash tables, which open the corresponding files in a matter of seconds instead of days. These tables take around ~ 4GB. So far, the technology is used in two password recovery programs: Advanced Office Password Breaker and Advanced PDF Password Recovery.
US patents
7,599,492 - Fast cryptographic key recovery system and method [1][2]
7,783,046 - Probabilistic cryptographic key identification with deterministic result [3][4]
7,787,629 - Use of graphics processors as parallel math co-processors for password recovery [5][6]
7,809,130 - Password recovery system and method [7][8]
7,929,707 - Use of graphics processors as parallel math co-processors for password recovery [9][10]
Cracking wi-fi password with GPUs
In 2009 ElcomSoft released a tool that takes WPA/WPA2 Hash Codes and uses brute-force methods to guess the password associated with a wireless network.[11] The brute force attack is carried out by testing passwords with a known SSID of a network of which the WPA/WPA2 Hash Code has been captured. The passwords that are tested are generated from a dictionary using various mutation (genetic algorithm) methods, including case mutation (password, PASSWORD, PassWOrD, etc.), year mutation (password, password1992, password67, etc.), and many other mutations to try to guess the correct password.
The advantages of using such methods over the traditional ones, such as rainbow tables,[12] are numerous. Rainbow tables, being very large in size because of the amount of SSID/Password combinations saved, take a long time to traverse, cannot have large numbers of passwords per SSID, and are reliant on the SSID being a common one which the rainbow table has already listed hash codes for (Common ones include linksys, belkin54g, etc.). EWSA, however, uses a relatively small dictionary file (a few megabytes versus dozens of gigabytes for common rainbow tables) and creates the passwords on the fly as needed. Rainbow tables are tested against a captured WPA/WPA2 Hash Code via a computer's processor with relatively low numbers of simultaneous processes possible. EWSA, however, can use a computer's processor(s), with up to 32 logical cores, up to 8 GPUs, all with many CUDA cores (NVIDIA) or Stream Processors (ATI).
Vulnerability in Canon authentication software
On November 30, 2010, Elcomsoft announced that the encryption system used by Canon cameras to ensure that pictures and Exif metadata have not been altered was flawed and cannot be fixed. On that same day, Dmitry Sklyarov gave a presentation at the Confidence 2.0 conference in Prague demonstrating the flaws.[13] Among others, he showed an image of an astronaut planting a flag of the Soviet Union on the moon; all the images pass Canon's authenticity verification.[14][15]
References
- "Fast cryptographic key recovery system and method".
- "United States Patent: 7599492 - Fast cryptographic key recovery system and method".
- "Probabilistic cryptographic key identification with deterministic result".
- "United States Patent: 7783046 - Probabilistic cryptographic key identification with deterministic result".
- "Use of graphics processors as parallel math co-processors for password recovery".
- "United States Patent: 7787629 - Use of graphics processors as parallel math co-processors for password recovery".
- "Password recovery system and method".
- "United States Patent: 7809130 - Password recovery system and method".
- "Use of graphics processors as parallel math co-processors for password recovery".
- "United States Patent: 7929707 - Use of graphics processors as parallel math co-processors for password recovery".
- "HotHardware Forums".
- "Archived copy". Archived from the original on 2012-03-26. Retrieved 2012-03-20.CS1 maint: archived copy as title (link)
- http://201002.confidence.org.pl/prelegenci/dmitry-sklyarov
- Kirk, Jeremy (1 December 2010). "Analyst finds flaws in Canon image verification system". PC World from IDG. IDG Communications. Retrieved 27 September 2019.
- Doctorow, Cory (30 Nov 2010). "Dmitry Sklyarov and co. crack Canon's "image verification" anti-photoshopping tool". Boing Boing. Retrieved 27 September 2019.