Vendor claims Acrobat 9 passwords easier to crack than ever

Summary: Password recovery software vendor ElcomSoft claims that the password verification mechanism in the new Adobe Acrobat 9 is weaker than the one used in the previous version of Adobe's product, allowing password brute forcing to run a hundred times faster. The company's claim comes right after Adobe's implementation of 256-bit encryption in Acrobat 9.

Password recovery software vendor ElcomSoft claims that the password verification mechanism in the new Adobe Acrobat 9 is weaker than the one used in the previous version of Adobe's product, allowing password brute forcing to run a hundred times faster. The company's claim comes right after Adobe's implementation of 256-bit encryption in Acrobat 9. A PR campaign promoting ElcomSoft's new product, or actual evidence of a flawed implementation on Adobe's part?

According to the company, Adobe Acrobat 9 passwords are a hundred times easier to crack than the ones in Acrobat 8:

"ElcomSoft has discovered that the new PDF protection system implemented in Acrobat 9 is even faster to recover than in previous versions. In fact, a hundred times faster. 'The new version of Adobe Acrobat is easier to break', claims ElcomSoft CEO Vladimir Katalov, quoting a speed increase of two orders of magnitude for the new format. 'The new product has surprisingly weak protection', he adds. According to ElcomSoft's CEO, using 256-bit AES encryption per se is not enough to achieve ultimate security without employing a complex approach and consideration of the entire security system."

Yesterday, Adobe issued a statement commenting on its implementation of the 256-bit encryption, confirming the trade-off it made: 256-bit password protected documents open faster in Acrobat 9, but password recovery tools can indeed test guesses faster as well:

"The current specification for password-based 256-bit AES encryption in PDF provides greater performance than the previous 128-bit AES implementation. While this allows for 256-bit AES password protected documents to open faster in Acrobat 9, it can also allow external brute-force cracking tools to attempt to guess document passwords more rapidly because fewer processor cycles are required to test each password guess. These tools operate independently of Acrobat and work directly on a password protected document by repeatedly guessing from lists of dictionary words like "turkey", "potato", and "pie" to see if the document will open."

In order to balance usability with security, Adobe widened the passphrase possibilities by allowing new characters and extending the previously limited passphrase length, which undermines brute forcing attempts in cases where quality passphrases are used. Sadly, that's not always the case. With a great number of people still (conveniently) choosing passwords over passphrases, their encrypted files remain susceptible to successful brute forcing attempts. Why are passwords chosen over passphrases in the first place? Passphrases naturally result in more failed authentication attempts, are harder to remember, and, as related studies show, could introduce new weaknesses since end users may write them down.

The single most obvious vulnerability that could undermine any encryption algorithm remains the use of weak passwords or passphrases. And at a time when the very same vendor making the claims is improving its brute forcing speed through GPU acceleration with NVIDIA cards, making it cheaper for third-party password recovery software to test each guess against a PDF file wasn't exactly the best move in this case.

Topic: Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Talkback

7 comments
  • How long does the password need to be?

    Question for Elcomsoft: how long does the password need to be before the differences between 8 & 9 become negligible?
    techvet
    • For each character that you add to the password

      The time it takes to crack is multiplied by how many
      characters there could be (E.G. 36 if it can only be
      alphanumeric and isn't case-sensitive).

      If it really can crack Acrobat 9 passwords much faster
      than Acrobat 8 ones, how long the password is won't
      change this. It will always crack the Acrobat 9 one
      much faster than the Acrobat 8 one.
      AzuMao
    • 2 characters longer

      A password, or pass phrase that is 2 characters longer than a version 8 password will make the version 9 password/phrase better than the version 8 password assuming the same complexity of characters and neither is in the dictionary used.
      aeriform
    • Secure passwords remain secure

      Let's assume password recovery for Acrobat9-authored files is 1'000
      times faster. This roughly corresponds to increase in password length
      of two characters to maintain original level of security, i.e. it will
      take _roughly_ the same time to recover 6-character password for
      Acrobat8-files and 8-character password for Acrobat9 (assuming both
      passwords are composed of lowercase letters and digits, 36 different
      characters in total, 36^2 = 1'296 roughly = 1'000).
      I would say that 8-character passwords composed of lowercase and
      uppercase letters, digits and special characters such as @#$":<> still
      provide adequate security level for non-confidential and
      non-classified data.
      Answering original question, it is irrelevant whether
      it is 8 or 9 for a random password that is:
      - composed of a-zA-Z0-9, 10 or more characters long
      - composed of a-z0-9, 11 or more characters long
      - composed of a-z, 12 or more characters long
      - composed of digits only, 17 or more characters long
      ElcomSoft
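The replies above (AzuMao's per-character multiplier, aeriform's "2 characters longer", and ElcomSoft's two-extra-characters rule of thumb) are the usual keyspace arithmetic. The Python below is an added example, not code from the article, from Adobe or from ElcomSoft, that carries it through: keyspace size in bits, the number of extra characters needed to absorb a given brute-force speedup, and the expected cracking time at a given guess rate. It also checks an observation of my own, not something the comment states: the four length thresholds ElcomSoft lists all land on a keyspace of roughly 56 to 60 bits, and 56 bits reproduces their table exactly. The guess rate in the demo is a constructed figure, and "expected time" uses the usual half-the-keyspace assumption.

```python
import math

# Character-class sizes used in the thread (standard sizes, labels constructed here).
ALPHABETS = {
    "a-zA-Z0-9": 62,
    "a-z0-9": 36,
    "a-z": 26,
    "0-9": 10,
}


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Search-space size for a uniformly random password, in bits."""
    return length * math.log2(alphabet_size)


def extra_chars_for_speedup(alphabet_size: int, speedup: int) -> int:
    """Smallest number of extra characters whose keyspace growth is >= speedup.

    Each added character multiplies the keyspace by the alphabet size (AzuMao's
    point), so a 100x faster checker is cancelled by 2 extra a-z0-9 characters
    (36^2 = 1296 >= 100). An integer loop avoids float rounding at exact powers.
    """
    extra, gain = 0, 1
    while gain < speedup:
        gain *= alphabet_size
        extra += 1
    return extra


def min_length_for_bits(alphabet_size: int, target_bits: float) -> int:
    """Shortest length at which a random password from this alphabet reaches target_bits."""
    length = 0
    while keyspace_bits(alphabet_size, length) < target_bits:
        length += 1
    return length


def expected_crack_seconds(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Expected brute-force time: on average half the keyspace has to be tried (assumption)."""
    return (alphabet_size ** length) / 2 / guesses_per_second


def acrobat8_vs_9(alphabet_size: int, length8: int, rate8: float, speedup: int):
    """Compare an Acrobat 8 password of length8 checked at rate8 with the length
    the rule of thumb prescribes for Acrobat 9 when guesses run speedup times faster.
    Returns (length9, seconds8, seconds9)."""
    length9 = length8 + extra_chars_for_speedup(alphabet_size, speedup)
    return (
        length9,
        expected_crack_seconds(alphabet_size, length8, rate8),
        expected_crack_seconds(alphabet_size, length9, rate8 * speedup),
    )


def thread_thresholds_bits() -> dict:
    """Keyspace bits of the four (alphabet, length) thresholds ElcomSoft listed."""
    listed = {"a-zA-Z0-9": 10, "a-z0-9": 11, "a-z": 12, "0-9": 17}
    return {name: keyspace_bits(ALPHABETS[name], n) for name, n in listed.items()}


if __name__ == "__main__":
    BASE_RATE = 1_000_000  # constructed Acrobat 8 guess rate; the page gives no figure
    for name, size in ALPHABETS.items():
        print(f"{name:>10}: +{extra_chars_for_speedup(size, 100)} chars cancel a 100x speedup")
    l9, s8, s9 = acrobat8_vs_9(36, 6, BASE_RATE, 100)
    print(f"6-char a-z0-9 at 1x: {s8:.0f} s; {l9}-char a-z0-9 at 100x: {s9:.0f} s")
    for name, bits in thread_thresholds_bits().items():
        print(f"{name:>10} threshold = {bits:.1f} bits; "
              f"min length for 56 bits = {min_length_for_bits(ALPHABETS[name], 56)}")
```

The interesting output is the last loop: with a 56-bit target, `min_length_for_bits` returns 10, 11, 12 and 17 for the four alphabets, exactly the lengths in the comment, so the list is consistent with one fixed keyspace size rather than four independent judgements. The comparison function also shows why a constant speedup factor does not change the advice: two extra a-z0-9 characters buy a 1296x larger keyspace, so the 8-character Acrobat 9 password still takes about 13 times longer to exhaust than the 6-character Acrobat 8 one even against a checker that is 100 times faster.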
  • Weakening the encryption algorithm is very silly...

    Weakening the encryption algorithm is very silly and stupid. The vendor is selling software with an insecurity feature, go figure. And then charges you a lot of dollars for it.

    Now OpenOffice is a better option to make encrypted PDFs.


    Regards,

    MV
    MV_z
  • RE: Vendor claims Acrobat 9 passwords easier to crack than ever

    Appropriate conclusions to this discussion:

    1. "Strong passwords" should be used to secure valuable assets. SANS Institute currently recommends at least 15 characters for strong passwords, Microsoft recommends 14 characters.

    2. There are still only two known ways to crack encrypted documents: (1) break the encryption algorithm, and (2) brute force attacks on the password.

    3. Nobody is stating or even implying that the 256-bit AES encryption or the 128-bit AES encryption can currently be broken in any way other than brute force attacks on the password.
    4. Adobe Acrobat 9 allows passwords up to 127 characters long. Anything over 32 characters is overkill. 32 characters is needed to achieve a 256 bit key.

    5. Following the SANS.org suggested password policy makes Adobe Acrobat documents using either 256-bit AES or the 128-bit AES encryption completely secure!! ElcomSoft software will be completely useless in trying to crack documents secured in this manner.

    Will Fleenor
    will19
  • RE: Vendor claims Acrobat 9 passwords easier to crack than ever

    Great!!! thanks for sharing this information to us!
    birumut