/[public]/psiconv/trunk/formats/psion/Password_Section.psi
ViewVC logotype

Diff of /psiconv/trunk/formats/psion/Password_Section.psi

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 194 Revision 195
17mþŸUX ž  17mþŸUX › 
2dÈ"Times New RomanN1 ð 2dÈ"Times New RomanN1 ð
3< *Koptekst 2Lð ð 3< *Koptekst 2Lð ð
4< *Koptekst 3L *OpsomtekenO³•Swissÿÿÿÿh3r h3r ÐР efdefLdý‚.ÆAID Section Name «Word File» 10000106 «Text Section» «Sheet File» 1000011D  10000121 «Sheet Graph List Section»[Encryption Method]Encryption MethodThe plaintext is separated into blocks of 20 bytes. The last block is padded with bytes containing 30. Each block is encypted by adding a 20 byte long key. This key is somehow based on the plaintext password (probably through a similar, though different, hash function as that which is used to encrypt the password), and it is the same for each block. The resulting encryption seems to be fairly weak. For a word file, for example, you can gather a lot of information from the other (unencrypted) sections; for a longer text, this is probably enough to break the encryption key, without ever needing the plaintext password! This could even be automated somewhat: if there is a ParagraphElement List, you know the length of each paragraph; you also know that (almost) all paragraphs end with a 06 byte.ð " Courier New ð"Times New Roman  " Courier New‰ tV$'*aÃð @"Arialð"Times New Roman " Courier New " Courier New ð"Times New Roman ð"Times New Roman  " Courier New"  " Courier New  " Courier New  " Courier New  " Courier New È" Courier New ð"Times New Roman ð"Times New RomanÂð"Word.app C"y‰K 4< *Koptekst 3L *OpsomtekenO³•Swissÿÿÿÿh3r h3r ÐР efdefLdý‚.ÆAID Section Name «Word File» 10000106 «Text Section» «Sheet File» 1000011D  10000121 «Sheet Graph List Section»[Encryption Method]Encryption MethodThe plaintext is separated into blocks of 20 bytes. The last block is padded with bytes containing 30. Each block is encypted by adding a 20 byte long key. This key is somehow based on the plaintext password (probably through a similar, though different, hash function as that which is used to encrypt the password), and it is the same for each block. The resulting encryption seems to be fairly weak. For a word file, for example, you can gather a lot of information from the other (unencrypted) sections; for a longer text, this is probably enough to break the encryption key, without ever needing the plaintext password! This could even be automated somewhat: if there is a Paragraph Element List, you know the length of each paragraph; you also know that (almost) all paragraphs end with a 06 byte.ð " Courier New ð"Times New Roman  " Courier New‰ tV$'*aÃð @"Arialð"Times New Roman " Courier New " Courier New ð"Times New Roman ð"Times New Roman  " Courier New"  " Courier New  " Courier New  " Courier New  " Courier New È" Courier New ð"Times New Roman ð"Times New RomanÂð"Word.app C"y‰K
Legend:
Removed from v.194  
changed lines
  Added in v.195
frodo@frodo.looijaard.name
 ViewVC Help
Powered by ViewVC 1.1.26