[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Passphrase
From: David Shaw <dshaw () jabberwocky ! com>
Date: 2011-04-27 18:03:22
Message-ID: DC988FED-BFB2-48C2-8167-2798D11E3527 () jabberwocky ! com
[Download RAW message or body]
On Apr 26, 2011, at 6:38 PM, Stephen H. Dawson wrote:
> Hi,
>
>
> Dire need, hoping for help.
>
> I have my private and public keys, but you have neither the passphrase nor a \
> revocation certificate. I need to revoke my published key. Can they recommend a \
> bash script to discover the passphrase using brute force on the private key?
It depends. If you have a strong passphrase, you're pretty much out of luck. After \
all, if it was easy to brute force a strong passphrase, it would defeat a lot of the \
point of the crypto here.
That said, frequently when someone forgets their passphrase, they half remember it. \
They know it starts with such-and-such characters, or that it ends with a number, or \
has a hyphen in there... that sort of recollection. For those cases, there are tools \
that might be useful to you, since your half memory of the passphrase reduces the \
search space that will need to be brute-force. If you can manage to remember enough \
of the passphrase, you might be able to use a tool like \
http://www.roguedaemon.net/rephrase/ to brute force the missing parts.
There is also a commercial product from Elcomsoft that claims very fast distributed \
brute forcing. I haven't tried it myself. http://www.elcomsoft.com/edpr.html
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic