Is it possible to recover 256 Bit AES encrypted data without a password?

Discussion in 'MacBook Pro' started by kdum8, May 8, 2009.

  1. kdum8 macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #1
    This is just a theorectical question, not something that I actually need to do because I have forgotten my p/w. :p

    I am curious as to how the various encryption software solutions work. (For example, using disk utility to make a passworded disk image). They work fine to a certain level, but if someone were to physcically remove the hard drive and examine it, wouldn't they be able to read even encrypted data somehow? I mean it is still there on the platter isn't it? Or does the encryption process actually change the file itself, rather than just block access to it?
     
  2. yippy macrumors 68020

    yippy

    Joined:
    Mar 14, 2004
    Location:
    Chicago, IL
    #2
    Encryption DOES change the files. It "encrypts" them using a key that is based off your password. This means that even if the drive is physically removed, there is no way to read the data without knowing the password.
     
  3. kdum8 thread starter macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #3
    Thanks, I see. So on a fundamental level, the binary 1's and 0's on the platter are actually changed to some other values based on your password according to a pre-determined algorhithm?
     
  4. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #4
    Theoretically yes of course, it depends on expertise, skill and resources. Is it a feasible or a realistic expectation, well that's a different question.

    I don't see majority of the people who steal a hard drive or access a computer are willing or able to undertake it, but those that want too including governmental agencies like the CIA, police, FBI, etc that may figure the reward is worth the effort
     
  5. kdum8 thread starter macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #5
    So it is possible for someone who has the resources to read the data, but perhaps prohibitively time consuming for most purposes. Does that mean it is impossible with current technology to make totally secure data encrption software?
     
  6. vicious1 macrumors newbie

    Joined:
    Aug 22, 2004
    #6
    ...

    not possible nor feasible at least with the current technology...

    From the wikipedia page for AES a quote from Bruce Schneier: "Bruce Schneier, a developer of the competing algorithm Twofish, wrote that while he thought academic attacks on Rijndael would be developed someday, "I do not believe that anyone will ever discover an attack that will allow someone to read Rijndael traffic."[11]".

    so while it might be thereetically possible through some way, the practicality is pretty much zero.

    //V
     
  7. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #7
    a 256 bit encryption would take a LONG time to crack.

    taken from some site..

    Code:
    Thus, 40-bit encryption involves 240 possible values, 128-bit encryption 2^128 combinations, and 256-bit keys involves a staggering 2^256 possible combinations, rendering the encrypted data de facto impervious to intrusion. Even with a brute-force attack (the process of systematically trying all possible combinations until the right one is found) cracking a 256-bit encryption is computationally unfeasible.
    sorry for the retarted quote :confused:

    thats 2 ^ 256 combinations. or 1.157920892373162e77 im trying to get an exact figure on that.

    apparently its this...

    115792089237316195423570985008687907853269984665640564039457584007913129639936
     
  8. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #8
    The only way to recover data encrypted with AES (and most other decent encryption algorithms) is through the use of either a dictionary attack (trying words from a dictionary) or a brute force attack of trying every possible combination of passwords (some earlier encryption algorithms could be cracked by analyzing the encrypted data as they did things such as always encrypting the letter E to the same encrypted character - decent modern algorithms don't suffer from that problem).

    This means that the security of your data is directly related to the password you use: If you use 9 or 10 character passwords with a combination of upper case letters, lower case letters, symbols and numbers, and never use common words then your data should be secure for at least a hundred years (thousands of years based on current computing power)
     
  9. robbieduncan Moderator emeritus

    robbieduncan

    Joined:
    Jul 24, 2002
    Location:
    London
    #9
    In theory if anyone manages to make a functioning quantum computer they should be able to break pretty much all current encryption schemes very quickly indeed.
     
  10. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #10
    if only my brain was big enough to understand even the concept of quantum numbers/computers....
     
  11. reubs macrumors 68000

    Joined:
    Jun 22, 2006
    #11
    So if you have something to hide from anyone (gov't included?) use the 256 bit protection?
     
  12. r.j.s Moderator emeritus

    r.j.s

    Joined:
    Mar 7, 2007
    Location:
    Texas
    #12
    Yes.
     
  13. kdum8 thread starter macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #13
    And hope that no one develops a working quantum computer before better (quantum based?) algorithms are developed... :p

    Thanks for all the answers. Using a very stong password then is an important factor. I have always used letters and numbers in my passwords but usually they are only 7 or 8 characters long. Will have to improve on that...
     
  14. kdum8 thread starter macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #14
    Actually r.j.s. this question was prompted in part from watching one of your youtube mac videos that you put up recently. Thanks for the effort by the way. :)
     
  15. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
  16. kdum8 thread starter macrumors 6502a

    kdum8

    Joined:
    Sep 8, 2006
    Location:
    Tokyo, Japan
    #16
    naturallly I checked wikipedia first as always, but wanted to get people's opinions and knowledge on the subject from MR as well. :)
     

Share This Page