We can finally break the WikiLeaks Insurance Files! University-of-Toronto Encryption Discovery!

originally posted by: StargateSG7


But it doesn't mean I can't do it tomorrow ..... ;-) :-)

........but for today, at least, we sleep sound.

originally posted by: StargateSG7

originally posted by: IQPREREQUISITE
To simplify things...basically them nerds are trying to brute force the encrypted files?

Without the key wouldn't that take..........................nevermind. I couldn't even understand Liber Primus much less follow the technical mathematics of this thread.

Goodluck!

When 2-to-the-256th-power of possible AES-256
encryption key combinations is whacked down to
2-to-the-128th-power we get around

340,282,366,920,938,463,463,374,607,431,768,211,456

possible combinations which is STILL a HUGE number
of possible key combinations to look through....BUT....
since we are looking at a maximum of ASCII pass phrase
length of say 64 characters and in the ENGLISH language
only ABOUT 60 MILLION are possible meaningful word
combinations of common phrases, song lyrics and/or
dictionary terms, a database engine could THEORETICALLY
process eight 32-bit queries combined together to form a
256-bit key search term and since a single AMD Radeon
Fury-X GPU graphics card can do 13 TeraFLOPS per second
or about 13 TRILLION 32-bit character compare and/or search
operations per second, it means that 1.725 TRILLION
character combinations per second of 256-bit encryption
keys could be tried out!

Since most TEXT PHRASE SEARCH operations take about
50 to 250 integer/single character compare/move/copy
operations, at 120 million possible word combinations means
that those 15,000,000,000 (15 billion total operations)
can be divided into the available 1.725 trillion available ops
or 230 seconds of GPU processing time multiplied by
64 characters is only 14,720 seconds of GPU time
or four hours. Since disk speed comes into this,
we have to multiply by 10 to 100 depending
upon your total available RAM and disk speed
it will take between 2 to 17 days to break
the AVERAGE AES-256 key...ONLY IF....human
password management foibles are still part
and parcel of any given encrypted file!

Does having a powerful graphics card really come into play? I mean, at least from what I understand, what you need is the processing speed of the chip and say...SSDs...graphic cards and their GPU power benefit visual media.

I could be totally wrong. I dunno...

But I have an i7-7500U and a GTX 1080 2TB SSD 32gb RAM setup if it helps lol

a reply to: IQPREREQUISITE

A GTX-1080 can do 11 teraFLOPS (32-bit Single-precision)
or about 11 TRILLION operations per second....again, even
WITH your fancy and FAST SSD drive, you're STILL looking at
between 2 to 17 days to break a SINGLE AES-256 key using the
alleged University-of-Toronto method...AND THAT ASSUMES
the key is a COMMON mish-mash of english phrases and/or
song-lyrics and/or puntuation and number combinations
which 99% of us TEND to use as passwords!

If it's TRULY RANDOM then it's BACK to Square One
and 2^256 possible combinations which would only
take you about a few TRILLIONS OF YEARS to do a
Brute Force attack on!

The CRUEL REALITY OF MATH is that exponential functions
are a real B**** and the TIME difference between attacking
2^128th combinations vs 2^256 is a night and day comparison!

This is WHY i think the UofT focused on using Fuzzy Logic
to make something similar to a Side-Channel Attack which
takes advantage of Human Password Management foibles
to reduce an Impossible-to-Attack 2^256 encryption key
combinations down to something much more manageable
(i.e. 2^128) regarding computation time!

Like I said earlier, AES-256 is NOT truly broken IF you use
truly random passwords BUT since 99% of people won't
go to that sort of touble of using truly random characters,
punctuation and numerics as passwords, AES-256 is now
OPEN to a side-channel attack.

And SINCE the Wikileaks Insurance Files 99% PROBABLY
use a COMMON combination of English words and numbers
I believe that a brute force dictionary attack CAN be used
as per the very general method outlined in emails to me.

originally posted by: Jukiodone

originally posted by: StargateSG7


But it doesn't mean I can't do it tomorrow ..... ;-) :-)

........but for today, at least, we sleep sound.

----

YES your AES-256 is DEFINITELY SAFE for today
and until at least next thursday.....!!!!!

but after that....we shall see......

a reply to: StargateSG7

Ooooh Boy.....this is getting interesting now....!!!!


Evidently, a technique envisioned by a team of Canadian
Grad Students from the Univerity of Toronto that used
fuzzy-logic Quadratic and Elliptic Curve estimation to
create "Islands of Possibilities" in terms of finding
POSSIBLE combinations of values for character, byte,
word or large integer-size data that are many times
used in an AES-256 encryption key MAY ACTUALLY WORK!

It SEEMS their theory holds some water when put to the test!

Specificallly, when key combinations containing vowels,
consonants, uppercase, lowercase, punctuation-only
ASCII-only, NON-ASCII characters and English-only and
Non-English only UNICODE characters AND their various
two-to-eight byte combinations thereof are mapped as
an RGBA or Hue, Saturation and Luminance-based bitmap,
we see specific patterns displayed that have elements of
compunding QUADRATIC-curves and simple ELLIPTIC-curves
for those distributions of encryption key combinations.

It is now obvious to us, that an estimation of the
CONTINUATION or DERIVATION of those curves WILL result
in us being able to ESTIMATE specific Encryption key
values to EXCLUDE and/or INCLUDE during brute force attacks.

This allows us to take the utterly HUGE possible number
of AES-256 encryption key combinations this is 2^256th:

115,792,089,237,316,195,423,570,985,008,687,907,853,
269,984,665,640,564,039,457,584,007,913,129,639,935
(i.e. a HUGE 78 digit number!)

and bring it down to 2^128th MAXIMUM possible
number of combinations (39 digits long)

340,282,366,920,938,463,463,374,607,431,768,211,455

which can be broght even FURTHER DOWN
to an EVEN MORE COMPUTABLE 29 digits:
79,228,162,514,264,337,593,543,950,335

IF the encryption key contains MOSTLY
English words, 2-or-3-digit number combinations
and 2 or 3 charactre punctuation combinations!

This can be done in as quick as 16 days
up to about three months maximum!

Soooooooo, it looks like I just might be able
to use some fancy math brought to you by the
University of Toronto to BREAK ALL OF the
Wikileaks Insurance Files!

====

And AFTER the code was properly explained to me
in a manner that better reflected it's design intent and
purpose, I now see it is NOT dependent upon prime number
sequences, fibonacci numbers, etc, BUT RATHER displays
the results of comparisons between COMBINATIONS
of byte widths from 2 to 8 bytes that were MAPPED
to RGB/HSL colours. The PATTERNS created contained
imagery that could be derived and computed from
Quadratic and Elliptic curve-based mathematics.

A fuzzy logic system was created to take that
RGB/HSL data and then DERIVE and/or EXTEND
the curves to specific lengths and forms of
source key values.

This would cause specific combinations
of two-letter consonants, vowels, uppercase
vs lowercase, ASCII vs NON-ASCII, Random Text
vs English Text to be EXCLUDED and/or INCLUDED
from a given curve estimation.

From there a BRUTE FORCE ATTACK was made
with specific initial key-values included and/or
excluded from the pass phrase to find the true key.

THIS TECHNIQUE SEEMS TO HOLD WATER because
the Rijndael round transform (much like an RSA Shiftbox)
causes sequences of RGB/HSL patterns to appear if the source
values and intermediate values are run through a byte-to-RGB/HSL-pixel
converter and displayed on-screen to allow a fuzzy logic system
to analyze BOTH Red, Green, Blue and Hue-Saturation-Luminance
colour channel patterns and then DERIVE a POSSIBLE source value
range or EXTEND out to a POSSIBLE destination value range!

While the Rijndael cipher itself is relatively SECURE, the values
it outputs are subject to specific types of ESTIMATION ATTACKS
when output values are converted to human-centric visual
pattern matching systems.

As since almost ALL OF humanity's computing environment is
essentially iterative in nature, it literally takes a person a given
amount of time to FIND the SPECIFIC TYPE of estimation that
any given iterative process is vulnerable to finding the derivation of.

In this case, numeric values converted to human-visible
RGB and Hue-Saturation-Luminance values which give rise
to VISIBLE curves in specific human-discernable colour bands
that have their formulaic basis in compounding Quadratic curves
and simple Elliptic curves!

See illustrations and text:
www.cs.mcgill.ca...

SO WOW !!!! This MAY actually WORK !!!!!

originally posted by: Jukiodone
-----BEGIN PGP MESSAGE-----

hQEMA9KF9a+L4Lz5AQf/eJwlIUoe9srXt0dslf3iOCnD+4DtD5i6rq6nDXdy
CZR8apUH/2HZ4in/ohsqOOpL7txYzrmQV/W+txtNkyyN+M50m7U1vKuheb3b
cNQWEgSWV/FKC75ZDN6zwD3f+2eGmlhuHcxTJHi3bGAqaTdZsU2M0UUWNKWu
rJnd9/LWAKrTQQOguyWmL+ZEJwt3uDMZ2BgxlZ7jA98vxXblqZpq3spCKjsu
T04FamGwZw/VRF6GPD8UqJuxxR4XTM+E622BSz8OnFukRAYB4gBbTOXoddn0
crjK1faq6nq2g5EDA2neGOIZUKa+vdi2bqkc4ETdz/KAza+clyOBK1KKBulJ
l6TPtxVZHwpNnJ25fjx4a6rJF+TRlTX7G9rGybdG/+/4CDWXqJu+uJdH3Swl
i/+UfT+H/5mwECKYfyuwqj5kI2WBuLeQgI4sWwb/bdbDu73pYkjdWNYsU86L
D04KN5dH09d+YYHCRy2W57NtmbSEhykv2TI8zOUpf3XLU5VmViKsQbpqYgNg
Z6D48Pi6X8j/i1mjxcWJJXM84OKt6vFK0LouwM9/D1j0L7XAh25RCUwgBhgY
+lcZ3/sVnHXf4BX/YzQ5zB/AHzivPsDz4J0jqG2G
=UlJg
-----END PGP MESSAGE-----

If you can respond in the required manner I will happily vouch for you.

......UHM.....NOT !!!!.....

;-) :-) ;-)

a reply to: StargateSG7

PUBLIC FORUM LEAK:

Atention:

--- Ticonderoga
--- Scorpion King
--- Battlestar Enterprise
--- Battlestar Pegasus
--- Battlestar Mercury
--- Battlestar Valkyrie
--- Battlestar Pergeron
--- Battlestar Titan
--- Battlestar Fury
--- Battlestar Galactica
--- Battlestar Columbia
-- -Battlestar Oberon
--- Number 4
--- Number 6
--- Number 8
--- Admiral Cain
--- Admiral Adama

CHAMPAGNE !!!

SET DRADIS for RED ALERT !!!

THIS IS NOT A DRILL !!!!

I REPEAT! THIS IS NOT A DRILL !!!!

Vipers And Raptors Are Now ALL Launched !!!

Sentry Guns Are ON AND SCANNING !!!

Set Folder Permissions to Hidden and Write-Only!

YOU NEED 20 TB FREE SPACE !!!

DISTRIBUTE TEXT SEARCHABLE PDF ONLY !!!!

NO TEXT TO CURVES !!!

INCLUDE ALL FONTS !!!

COLOUR AND BW IMAGES ALL TO JPEG 50% COMPRESSION !!!

DISTRIBUTE ONLY AFTER NOVEMBER 12, 2016

a reply to: StargateSG7

PUBLIC FORUM LEAK:

Atention: All Major Recipents and Khan!

DISTRIBUTE ONLY AFTER NOVEMBER 12, 2016 BY THE BOOK !!!

I REPEAT DISTRIBUTE AFTER NOVEMBER 12, 2016 BY THE BOOK !!!

So its Nov 12. Where's the leak?

a reply to: throwaway2016

It's just after midnight on the west coast. Hopefully a few more hours.

I'm looking forward to what's revealed. This thread and its computer jargon is way over my head.

a reply to: collietta

It appears they're trying to crack the encryption based on the assumption its a common word number combination....as if Assange made the insurance file password hunter2 or something. I can assure you its likely 100 characters long plus, and isn't a word, but would be under the same format as a hash or some sort above. Completely impossible to break.
hQEMA9KF9a+L4Lz5AQf/eJwlIUoe9srXt0dslf3iOCnD+4DtD5i6rq6nDXdy
CZR8apUH/2HZ4in/ohsqOOpL7txYzrmQV/W+txtNkyyN+M50m7U1vKuheb3b
cNQWEgSWV/FKC75ZDN6zwD3f+2eGmlhuHcxTJHi3bGAqaTdZsU2M0UUWNKWu
rJnd9/LWAKrTQQOguyWmL+ZEJwt3uDMZ2BgxlZ7jA98vxXblqZpq3spCKjsu
T04FamGwZw/VRF6GPD8UqJuxxR4XTM+E622BSz8OnFukRAYB4gBbTOXoddn0
crjK1faq6nq2g5EDA2neGOIZUKa+vdi2bqkc4ETdz/KAza+clyOBK1KKBulJ
l6TPtxVZHwpNnJ25fjx4a6rJF+TRlTX7G9rGybdG/+/4CDWXqJu+uJdH3Swl
i/+UfT+H/5mwECKYfyuwqj5kI2WBuLeQgI4sWwb/bdbDu73pYkjdWNYsU86L
D04KN5dH09d+YYHCRy2W57NtmbSEhykv2TI8zOUpf3XLU5VmViKsQbpqYgNg
Z6D48Pi6X8j/i1mjxcWJJXM84OKt6vFK0LouwM9/D1j0L7XAh25RCUwgBhgY
+lcZ3/sVnHXf4BX/YzQ5zB/AHzivPsDz4J0jqG2G - the odds are 0 that this "source code" can break this if it were a password to the insurance file