From Wikipedia, the free encyclopedia
Jump to: navigation, search
ElcomSoft Co.Ltd.
Type Private
Industry Software

Password Cracking, Operating System Audit

homepage = www.ElcomSoft.com
Founded 1990
Headquarters Moscow, Russia

Established in 1990, ElcomSoft Co.Ltd. is a privately owned company headquartered in Moscow, Russia. Developing Windows security and productivity applications, ElcomSoft specializes in delivering the latest technologies in computer security to business and private customers worldwide. ElcomSoft is also a co-founder of the Independent Software Developers Forum (ISDEF).

ElcomSoft helps its customers unlock valuable information protected with lost and forgotten passwords. Hundreds of thousands of passwords are lost every year, with confidential documents becoming completely unavailable even to their rightful owners. ElcomSoft offers a range of consumer and enterprise-grade tools allowing its customers to gain information to password-protected documents, archives, and locked-out accounts in many popular products.

ElcomSoft has products that are affordable to individual consumers, and enterprise-grade products optimized for recovering passwords with clusters of network-connected workstations. The company’s zero overhead algorithms ensure linear performance growth in even the largest networks.

ElcomSoft pioneered many password recovery and information security technologies and algorithms. The company has five US patents granted, and several pending. All trademarks and copyrights are duly registered and protected. ElcomSoft’s patented innovations include GPU acceleration allowing to perform password recovery up to 20 times faster compared to Intel top of the line quad-core CPUs by using consumer-grade video cards with ATI or NVIDIA chips. Thunder Tables®, yet another patented technology, ensures guaranteed recovery of password-protected Microsoft Word and Microsoft Excel documents in just seconds instead of hours or days.

ElcomSoft has filed several patents in the USA. One of them is for the company's proprietary technology Thunder Tables.

Thunder Tables[edit]

Thunder Tables(R) is ElcomSoft's patented technology which ensures guaranteed recovery of Microsoft Word and Microsoft Excel documents protected with 40-bit encryption in just seconds instead of hours or days. The technology allows opening corresponding files using special pre-computed hash tables. These tables take around ~ 4GB, and fit easily onto a single DVD or USB flash drive. The technology is used in Advanced Office Password Breaker[1] and Advanced PDF Password Recovery.[2]

US Patents[edit]

7,599,492 - Fast cryptographic key recovery system and method
7,783,046 - Probabilistic cryptographic key identification with deterministic result
7,787,629 - Use of graphics processors as parallel math co-processors for password recovery
7,809,130 - Password recovery system and method
7,929,707 - Use of graphics processors as parallel math co-processors for password recovery

Elcomsoft in books[edit]

ElcomSoft is an acknowledged expert in the password / system recovery and forensics market. The company’s technological achievements and opinion leadership is quoted in many authoritative publications. For example: "Microsoft Encyclopedia of Security", "The art of deception" (Kevin Mitnick), "IT Auditing: Using Controls to Protect Information Assets" (Chris Davis), "Hacking exposed" (Stuart McClure), “Hacking For Dummies” (Kevin Beaver), “Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century” (Ryan Trost), “FISMA Certification & Accreditation Handbook” (L. Taylor), “Computer Network Security: Theory and Practice” (Jie Wang), “A+ Certification Study Guide, Sixth Edition” (Jane Holcombe, Charles Holcombe), “Investigating Digital Crime” (Robin P. Bryant), “Security Engineering: A Guide to Building Dependable Distributed Systems” (Ross J. Anderson), “Network Know-How: An Essential Guide for the Accidental Admin” by John Ross, “Hacking Exposed: Network Security Secrets and Solutions, Sixth Edition” (Stuart McClure, Joel Scambray, George Kurtz), “Windows Server 2008 PKI and Certificate Security” (Brian Komar), etc.

Elcomsoft helped Norwegian Police[edit]

22 July 2011, Breivik bombed government buildings in Oslo, which resulted in eight deaths. Within hours after the explosion he arrived at Utoya island, the site of a Labour Party youth camp, posing as a police officer and then opened fire on the unarmed adolescents present, reportedly killing 69.The youngest victim was Sharidyn Svebakk-Bøhn of Drammen, who was 14 years old. Another victim was Trond Berntsen, the step-brother of Crown Princess (the son of Princess Mette-Marit’s late stepfather).

Oslo Police District asked ElcomSoft for help with this incident by using Elcomsoft iOS Forensic Toolkit, that was the best choice at the moment because every hour was loss of time. Police needed to explore new evidences from iPhones of victims. As we know EIFT makes complete forensic analysis of encrypted user data stored in iPhone/iPad/iPod devices running any version of iOS. Utility allowed the police s eligible customers acquiring bit-to-bit images of devices’ file systems, extracting phone secrets (passcodes, passwords, and encryption keys) and decrypting the file system dump. Access to most information was provided in real-time.

Oslo Police District solved that problem in a couple of days. At that point after conviction of Breivik they sent a gratitude to Elcomsoft CEO Vladimir Katalov

The DMCA case[edit]

On July 16, 2001, Dmitry Sklyarov, a Russian citizen employed by ElcomSoft who was at the time visiting the United States for DEF CON, was arrested and jailed for allegedly violating the United States DMCA law by writing ElcomSoft's Advanced eBook Processor software. A landmark court case ensued, setting precedents and attracting much public attention and protest. On December 17, 2002, ElcomSoft was found not guilty of all four charges under the DMCA. Bruce Chizen, CEO of Adobe Systems, had this to say to CNET:[3]

Looking back with 20/20, I wish that we could have had better communication with ElcomSoft, Dmitry Sklyarov and the EFF (Electronic Frontier Foundation) before the whole thing went public. I'm sorry that we weren't able to do that, because I think we could have resolved a lot of the issues.

Wireless Security Auditor[edit]

Elcomsoft's Wireless Security Auditor (EWSA)[4] is a program which takes WPA/WPA2 Hash Codes and, using brute force methods, tries to guess the password associated with a wireless network. The brute force attack is carried out by testing passwords with a known SSID of a network of which the WPA/WPA2 Hash Code has been captured. The passwords that are tested are generated from a dictionary using various mutation (genetic algorithm) methods, including case mutation (password, PASSWORD, PassWOrD, etc.), year mutation (password, password1992, password67, etc.), and many other mutations to try to guess the correct password.

The advantage of using EWSA over traditional methods, such as rainbow tables,[5] are numerous. Rainbow tables, being very large in size because of the amount of SSID/Password combinations saved, take a long time to traverse, cannot have large numbers of passwords per SSID, and are reliant on the SSID being a common one which the rainbow table has already listed hash codes for (Common ones include linksys, belkin54g, etc.). EWSA, however, uses a relatively small dictionary file (a few megabytes versus dozens of gigabytes for common rainbow tables) and creates the passwords on the fly as needed. Rainbow tables are tested against a captured WPA/WPA2 Hash Code via a computer's processor with relatively low numbers of simultaneous processes possible. EWSA, however, can use a computer's processor(s), with up to 32 logical cores, up to 8 GPUs, all with many CUDA cores(NVIDIA) or Stream Processors(ATI). This makes EWSA much faster than traditional techniques, advertising the ability to test over 100,000 passwords per second on a modern, high end computer that many consumers and businesses can afford.

Canon cameras[edit]

On November 30, 2010, Elcomsoft announced that the encryption system used by Canon cameras to ensure that pictures and Exif metadata have not been altered was flawed and cannot be fixed.[6][7] On that same day, Dmitry Sklyarov gave a presentation at the Confidence 2.0 conference in Prague demonstrating the flaws.[8] Among others, he showed an image of an astronaut planting a flag of the Soviet Union on the moon; all the images pass Canon's authenticity verification.[9]


  1. ^ http://www.elcomsoft.com/aopb.html
  2. ^ http://www.elcomsoft.com/aopb.html
  3. ^ ELCOMSOFT: Advanced eBook Processing Software
  4. ^ http://elcomsoft.com/ewsa.html
  5. ^ http://wirelessdefence.org/Contents/coWPAttyMain.htm
  6. ^ http://elcomsoft.com/news/428.html
  7. ^ http://www.pcworld.com/businesscenter/article/211965/analyst_finds_flaws_in_canon_image_verification_system.html
  8. ^ http://201002.confidence.org.pl/prelegenci/dmitry-sklyarov
  9. ^ http://www.elcomsoft.com/canon.html

External links[edit]