As some in here might know, there is/was a ransomware attack going on worldwide that used 7z to encrypt all files <20MB for a ton of users worldwide.

Each user has a unique 32 char password (upper & lowercase & numbers - 62 possibilities, no special chars were used).

The command line that was being used was `a -mx=0 -sdel -pmFyBIvp55M46kSxxxxxYv4EIhx7rlTD [FOLDER PATH]`

(Note: sample password)

Given

  • we know the length
  • we know the characters used
  • we know the plain text

Is it doable to speed up a brute force attack? Or can you explain to me why the 7z encryption algorithm might be protected against something like this?

e.g. I have this file and I still have the original on backups

Output of `7z l -slt playback.m3u.7z`:

```
1 file, 274 bytes (1 KiB)

Listing archive: playback.m3u.7z

--
Path = playback.m3u.7z
Type = 7z
Physical Size = 274
Headers Size = 146
Method = Copy 7zAES
Solid = -
Blocks = 1

----------
Path = playback.m3u
Size = 122
Packed Size = 128
Modified = 2017-07-13 15:40:12
Attributes = A_ -rwxrwxr-x
CRC = 8CEF1157
Encrypted = +
Method = Copy 7zAES:19
Block = 0
```

Looking forward to your responses
Leo

1 Answer

2

AES is not vulnerable to plain text attack.

There are 62 (you didn't account for special characters but we'll stick with 62) possibilities for the first character.

There are 62 possibilities for the second character, meaning 62*62 or 62 to the power of 2 combinations (technically a permutation) for the first 2 characters.

Likewise 62 to the power of 3 combinations for the first 3 characters.

Ultimately there are 62 to the power of 32 combinations for all 32 characters, or over 2 x 10 to the 57th power.

There are 3x10 to the 7 seconds in a year. Assuming you test a billion passwords a second that's ... longer than you can wait.

user10216038
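The arithmetic in the answer above, combined with the cost of a single guess, as an added example that is not part of the original question or answer: the `19` in `Method = Copy 7zAES:19` is the 7z key-derivation cycle power, meaning every candidate password costs 2^19 SHA-256 rounds before the known plaintext or CRC can even be used to check it. The function names are hypothetical, and the empty salt is an assumption, since the listing does not show one.

```python
import hashlib
import time

ALPHABET_SIZE = 62       # from the question: upper case, lower case, digits
PASSWORD_LENGTH = 32     # from the question
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def derive_7z_key(password: str, cycles_power: int = 19, salt: bytes = b"") -> bytes:
    """7zAES key derivation: one SHA-256 over 2**cycles_power repetitions of
    salt || UTF-16LE(password) || 64-bit little-endian round counter.
    (Assumption: empty salt; pass the real one if the archive header has it.)"""
    prefix = salt + password.encode("utf-16-le")
    h = hashlib.sha256()
    for counter in range(1 << cycles_power):
        h.update(prefix + counter.to_bytes(8, "little"))
    return h.digest()    # 32 bytes, used as the AES-256 key


def keyspace() -> int:
    """Number of candidate passwords: 62 ** 32."""
    return ALPHABET_SIZE ** PASSWORD_LENGTH


def years_to_exhaust(guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at the given rate."""
    return keyspace() / guesses_per_second / SECONDS_PER_YEAR


def measure_guess_rate(cycles_power: int = 19, samples: int = 3) -> float:
    """Key derivations per second on this machine, single-threaded."""
    start = time.perf_counter()
    for i in range(samples):
        # Constructed 32-character candidates, only used for timing.
        derive_7z_key("A" * (PASSWORD_LENGTH - 1) + str(i), cycles_power)
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    rate = measure_guess_rate()
    print(f"keyspace: {keyspace():.3e} candidate passwords")
    print(f"measured here: {rate:.2f} guesses/s -> {years_to_exhaust(rate):.3e} years")
    print(f"at 1e9 guesses/s (the answer's assumption): {years_to_exhaust(1e9):.3e} years")
```

Knowing the plaintext only provides a way to confirm that a guessed password is correct; it does not remove the per-guess derivation cost or shrink the 62^32 keyspace.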