posted on Aug, 1 2010 @ 08:00 PM
People read up on your cryptography before getting all excited, all it means when openssl barfs at a key you give it is that it has issues processing
the padding (look up PKCS#5 padding on google) the odds of getting an error when decrypting with a wrong key is slightly above 1 in 256. Thats why
there are so many keys 'that work' (if you don't belive me fetch the source code of openssl and look for your self)
Open ssl doesn't (want to) know when you enter the 'correct' key its just running the input though an algorhitm and therefore not getting an error
doesn't mean your key is 'good' it just means the last byte in the file is probably a 0x00 not making the padding code unhappy.
as for bruteforcing this (problem 1 ofcourse is how do you know when you have the correct key, since we have no idea about the plaintext)
distributed.net has been going at an rc5-72 key (which is a significant faster algorhitm then aes) for 2799 days (done 0.947% of the keyspace) and
predicts it needs atmost 47,429 days (about 133 years) to search the complete keyspace. Now lets for the sake of argument lets assume aes and rc5 as
just as fast (which they are not) for every bit above 72 (thats 184) multiply those 133 years by 2.
Giving us 133 * (2^184) = 3261150510962611490586562473775857942740676852006705430528 *YEARS*
Even if computing power 100.000 folds in the next few years the odds of bruteforcing this before the universe ends are still virtually *ZERO*
If you don't belive any of what I tell you and still convinced you guessed the correct key since you are not getting an error, do your on research,
encrypt a picture of your dog or cat with openssl then try random passwords to see how many don't produce an error and how many of those actually
reproduce your orginal picture of your adorable pet.
sorry to crush your hopes and dreams but a little reality check was needed in this thread.