Romney's tax returns - first Bitcoin extortion?

[JDBound]

CLAG is now offering a 1.0 BTC bounty for the first person to crack this and generate a valid password.

To contribute please send donations to the address in my sig.

I will keep a running total of the bounty in this post if it ends up taking a while.


TOTAL BOUNTY: 1.0 BTC

Contributors:
CLAG: 1.0 BTC

I just donated 1/4 of the bounty. Are you raising the bounty on donations?

Yes, donations made and noted in this thread will be put towards the bounty until someone brute forces the password.

Bounty post updated.

[FLHippy]

I just donated 1/4 of the bounty. Are you raising the bounty on donations?

Yes, donations made and noted in this thread will be put towards bounty until someone cracks the password.

Groovy,

   I sent another donation then. Lets get it cracked.

[Luno]

If someone cracks this and it looks like the files are what people suspect they are, you would be a smart guy not to brag about it and posting the files. Get it?

[hashman]

I'm no pro but it seems that 128 bit AES is not gonna be 3BTC easy. 

[Luno]

Funny, just checked on Wiki.  Cracking 128-bit AES would be greater news than whatever is in that file.

[sadpandatech]

Funny, just checked on Wiki.  Cracking 128-bit AES would be greater news than whatever is in that file.

in this case, we're not cracking(breaking) the encryption. We are brute forcing the password by using the stored hash to compare against.


@Molecular that PCL is a good option and you can download the engine that they use and use it for free. There is a Cuda and a CL version. You would of course have to modify the source if you wanted to use it for parallel cracking.

It's command-line and likely not useful for anything longer than 6-7 characters unless you code your own using their engine.
http://www.crark.net/

edit; apparently they have a gui wrapper available there now. makes it much more windos friendly.

[Luno]

Sorry, you are right, meant a 128-AES password. something like 1.84 * 10^18 years. 100.000.000 times the age of the Universe. Worth more than 1M USD if done before 9.28.12.

[sadpandatech]

Sorry, you are right, meant a 128-AES password. something like 1.84 * 10^18 years. 100.000.000 times the age of the Universe. Worth more than 1M USD if done before 9.28.12.

given my lil 580 a workout with it. correction. spent 12 minutes to cover all 5 character combos of only lower case letters and numbers on a cuda core.


where are the bored miners at?

[Mushroomized]

Sorry, you are right, meant a 128-AES password. something like 1.84 * 10^18 years. 100.000.000 times the age of the Universe. Worth more than 1M USD if done before 9.28.12.

given my lil 580 a workout with it. correction. spent 12 minutes to cover all 5 character combos of only lower case letters and numbers on a cuda core.


where are the bored miners at?

I'll help, let me know how and Ill crunch some numbers with my 6950 for a while when Im not playing games.

[sadpandatech]

Sorry, you are right, meant a 128-AES password. something like 1.84 * 10^18 years. 100.000.000 times the age of the Universe. Worth more than 1M USD if done before 9.28.12.

given my lil 580 a workout with it. correction. spent 12 minutes to cover all 5 character combos of only lower case letters and numbers on a cuda core.


where are the bored miners at?

I'll help, let me know how and Ill crunch some numbers with my 6950 for a while when Im not playing games.

grab a copy of cRARk v. 3.41 with OpenCL support from http://www.crark.net
extract it all to a folder, minus the stupid crackme file.
toss a renamed copy of the tax.rar file in the same folder. get it from here; http://x.co/nbvq
rename english.def to password.def   You may also want to give a quick read through the .def file to uncomment some lines so you are searching more than just lowercase letters...
cmd line to your crark folder. type in crark   and it will give you a run down of the options, etc.
a basic test can be doing by using 'crark benchmark'  and will tell you how many passwords per second your card can run and let you know if it is accessing he gpu properly

alternatively you can try to use the GUI wrapper they have available; http://www.crark.net/download/crark_gui.zip
Ony my comp it did not work only because I needed to use an extra timing option for my vid card and was unable to do tht in the gui. It may work with the default vid settings for ATI.

[ElectricMucus]

Somehow I doubt that password was chosen short enough to make it brute-forceable.
Added to that I think the rar probably doesn't even contain the tax returns or any useful information for that matter - it's somebody jumping on the bandwagon, trolling you guys.

[sadpandatech]

Somehow I doubt that password was chosen short enough to make it brute-forceable.
Added to that I think the rar probably doesn't even contain the tax returns or any useful information for that matter - it's somebody jumping on the bandwagon, trolling you guys.

haha, that's my assumption as well. Likely some 20+ character bohemeth with random symbols and numbers in it.

can't hurt to try though. a 5870 should be able to pull 30k~ p/s  not sure how long that would take to get to 10 character passwords though.

Any math wizzies know how many password combos there are from 5 to 10 characters if we use upper/lower case letters, numbers and symbols in just a basic Latin set?


I'm inclined to agree also with your addition. But I have some hope as the sizes of the PDF files are compareable to a few corporate return PDFs I just checked here in our database...

[niko]

I was hoping for some side-channel attack. Do we even know if rar uses AES? Even if it does, how is it implemented? Does it help that in this case we can assume certain things about the plain text (pdf format)? Come on, can't bitcoin community do better than brute-forcing and dictionary?

[malevolent]

Any math wizzies know how many password combos there are from 5 to 10 characters if we use upper/lower case letters, numbers and symbols in just a basic Latin set?

How many characters in total?

If it's 10 chars then I think it should be x^10 where x is the number of total number of characters used.
If it's only 0-9, a-z, A-Z, then the total amount of pwd permutations would be 62^10.
I don't know which other characters you're interested in, but in standard (ie. not extended) ASCII table there's 95 printable chars (0-9, A-z, symbols)

In that case it is 95^10
But I wouldn't worry about exluding short results, it takes very little time for the short ones.

[sadpandatech]

Any math wizzies know how many password combos there are from 5 to 10 characters if we use upper/lower case letters, numbers and symbols in just a basic Latin set?

How many characters in total?

If it's 10 chars then I think it should be x^10 where x is the number of total number of characters used.
If it's only 0-9, a-z, A-Z, then the total amount of pwd permutations would be 62^10.
I don't know which other characters you're interested in, but in standard (ie. not extended) ASCII table there's 95 printable chars (0-9, A-z, symbols)

In that case it is 95^10
But I wouldn't worry about exluding short results, it takes very little time for the short ones.

Rock on, thanks for that.  I've run 95^5 and come up with nothing.  Correction, 37^5...  95^5 would take ~14k days @ 35kp/s    assuming I mathed right...

[molecular]

Somehow I doubt that password was chosen short enough to make it brute-forceable.
Added to that I think the rar probably doesn't even contain the tax returns or any useful information for that matter - it's somebody jumping on the bandwagon, trolling you guys.

haha, that's my assumption as well. Likely some 20+ character bohemeth with random symbols and numbers in it.

can't hurt to try though. a 5870 should be able to pull 30k~ p/s  not sure how long that would take to get to 10 character passwords though.

Any math wizzies know how many password combos there are from 5 to 10 characters if we use upper/lower case letters, numbers and symbols in just a basic Latin set?

need no math wizzard for that, simple division and exponentiation:

In [8]: pow(36,10) / (3E4*60*60*12*365)
Out[8]: 7729.06823960548

7729 years assuming an alphabet of 36, pw-length 10, 30kp/s

(pw-length 5: 30 minutes)

[sadpandatech]

need no math wizzard for that, simple division and exponentiation:

sayeth the math wiz. ;p

In [8]: pow(36,10) / (3E4*60*60*12*365)
Out[8]: 7729.06823960548

7729 years assuming an alphabet of 36, pw-length 10, 30kp/s

(pw-length 5: 30 minutes)

And what about an alphabet of 95, pw-length 10, 30kp/s ?

[molecular]

need no math wizzard for that, simple division and exponentiation:

sayeth the math wiz. ;p

In [8]: pow(36,10) / (3E4*60*60*12*365)
Out[8]: 7729.06823960548

7729 years assuming an alphabet of 36, pw-length 10, 30kp/s

(pw-length 5: 30 minutes)

And what about an alphabet of 95, pw-length 10, 30kp/s ?

lmgtfy

[sadpandatech]

And what about an alphabet of 95, pw-length 10, 30kp/s ?

lmgtfy

Nice, I actually did not realize Google would be so kind as to do exponential maths for my lazy ass.

63286079 years I presume?

[molecular]

And what about an alphabet of 95, pw-length 10, 30kp/s ?

lmgtfy

Nice, I actually did not realize Google would be so kind as to do exponential maths for my lazy ass.

63286079 years I presume?

you interpreted the expression correctly.