"Message have been altered or password is incorrect"
-
- Posts: 4
- Joined: Wed Feb 04, 2015 2:11 pm
- Location: Calicut
- Contact:
"Message have been altered or password is incorrect"
I just got this message for the first time today.
I'm pretty sure my password is correct. This could be some form of partial file corruption. Is there any way to "force" decryption?
I'm pretty sure my password is correct. This could be some form of partial file corruption. Is there any way to "force" decryption?
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: "Message have been altered or password is incorrect"
There's no way to force decryption without modifying the software. Of, course, that's always doable, since it's open source.
If the file was corrupted near the start of the file, though, you'd have completely useless data, since each block in the file is dependent on the previous block to ensure integrity of the whole file.
If near the end, it could be possible to recover everything up to that point.
What system are you using?
If the file was corrupted near the start of the file, though, you'd have completely useless data, since each block in the file is dependent on the previous block to ensure integrity of the whole file.
If near the end, it could be possible to recover everything up to that point.
What system are you using?
-
- Posts: 4
- Joined: Wed Feb 04, 2015 2:11 pm
- Location: Calicut
- Contact:
Re: "Message have been altered or password is incorrect"
I'm not sure about the nature of corruption, but I could try. It's a plaintext file and getting atleast some part of it decrypted would be really nice.
I mainly encrypt and decrypt via command line on windows 8.1 64bit.
I also have Ubuntu 14.04-amd64.
I mainly encrypt and decrypt via command line on windows 8.1 64bit.
I also have Ubuntu 14.04-amd64.
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: "Message have been altered or password is incorrect"
If you have gcc installed on Ubuntu, you could just compie the code without exiting after hitting a failure condition. I can modify the Linux file aescrypt.c and send it to you.
How are you about working at the command line? Changing that code for me is easy to do, but I don't want you pulling your hair out.
How are you about working at the command line? Changing that code for me is easy to do, but I don't want you pulling your hair out.
-
- Posts: 4
- Joined: Wed Feb 04, 2015 2:11 pm
- Location: Calicut
- Contact:
Re: "Message have been altered or password is incorrect"
Thanks, but I actually tried creating a force option for the linux version. Here: https://github.com/Power-Inside/AESCryp ... 6a7c11ad0e
I'm getting a garbled output after trying it out.. I guess I'm out of luck?
I'm getting a garbled output after trying it out.. I guess I'm out of luck?
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: "Message have been altered or password is incorrect"
I saw that request come through. That looks like it works work. If every single bit looks like garbage, then I suspect you have the wrong password.
Since you're getting familiar with the code , look at where the error is reported. There are two different hmac checks. If it's failing on the first hmac, then it's likely a bad password. That first check only protects the session key protected with your password. It's highly unlikely that the first few blocks are OK and then only the key blocks corrupt. Not impossible, but very unusual and unfortunate.
I wonder if there might also be a character conversion issue. Is the password ASCII only, or Unicode?
PS: I'm extremely slow about dealing with pull requests. I'll get to it eventually, but I like to ensure code changes don't cause problems and I need to wait until I have time to dedicate to requests.
Since you're getting familiar with the code , look at where the error is reported. There are two different hmac checks. If it's failing on the first hmac, then it's likely a bad password. That first check only protects the session key protected with your password. It's highly unlikely that the first few blocks are OK and then only the key blocks corrupt. Not impossible, but very unusual and unfortunate.
I wonder if there might also be a character conversion issue. Is the password ASCII only, or Unicode?
PS: I'm extremely slow about dealing with pull requests. I'll get to it eventually, but I like to ensure code changes don't cause problems and I need to wait until I have time to dedicate to requests.
-
- Posts: 4
- Joined: Wed Feb 04, 2015 2:11 pm
- Location: Calicut
- Contact:
Re: "Message have been altered or password is incorrect"
Thank you for the pointers. I'll look into it.
The password is a simple ASCII one. Actually, Alphabets only (I know that's bad lol, but kind of gives me hope for bruteforcing it out). Also, I have a feeling that windows might have changed the input mode or something right before I entered the password for encryption. Not sure though.
My Pull Request is a really simple/dirty hack for the -f argument. Feel free to ignore the pull request if it doesn't comply with the AESCrypt's software philosophy.
The password is a simple ASCII one. Actually, Alphabets only (I know that's bad lol, but kind of gives me hope for bruteforcing it out). Also, I have a feeling that windows might have changed the input mode or something right before I entered the password for encryption. Not sure though.
My Pull Request is a really simple/dirty hack for the -f argument. Feel free to ignore the pull request if it doesn't comply with the AESCrypt's software philosophy.
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: "Message have been altered or password is incorrect"
ASCII strings are not bad passwords, as long as they are of sufficient length. What's important is that the string of characters has sufficient entropy.
As an extreme example, if your password was just "$$", that could be cracked in seconds. On the other hand, if your password was 16 random ASCII characters selected from letters and numbers, it could take billions of years to crack.
Here's more on that: http://www.packetizer.com/security/pwgen/
As an extreme example, if your password was just "$$", that could be cracked in seconds. On the other hand, if your password was 16 random ASCII characters selected from letters and numbers, it could take billions of years to crack.
Here's more on that: http://www.packetizer.com/security/pwgen/
Re: "Message have been altered or password is incorrect"
OK, this really bothers me. On my Linux Mint Cinnamon, 17.1 or 2, I can decode files encoded in windows 7 and the other way round.
On other distributions, I get the same error as the op when trying do decode a windows file. In other words, I've lost my cross platform compatibility. Same thing going the other way.
No problem decoding on same system.
I've tried Ubuntu Mate, Solydx and Linux Mint xfce, all with same problem. Am I doing anything wrong. Basically I use the program to protect archive files, so I really need to be certain I can access the files if I update systems.
On other distributions, I get the same error as the op when trying do decode a windows file. In other words, I've lost my cross platform compatibility. Same thing going the other way.
No problem decoding on same system.
I've tried Ubuntu Mate, Solydx and Linux Mint xfce, all with same problem. Am I doing anything wrong. Basically I use the program to protect archive files, so I really need to be certain I can access the files if I update systems.
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: "Message have been altered or password is incorrect"
Can you encrypt a file on Mint 17.1 and send it to me along with what the password is supposed to be? Don't send anything secret.