Practical Bruteforce of "AES-1024 Military Grade" Encryption
upstart writes:
Practical bruteforce of AES-1024 military grade encryption:
I recently presented work on the analysis of a file encryption solution that claimed to implement "AES-1024 military grade encryption". Spoiler alert: I did not break AES, and this work does not concern the security of AES. You may find advanced research regarding this topic.
This project started during a forensic analysis. One of my colleagues came with a USB stick containing a vault encrypted with SanDisk Secure Access software. He asked me if it was possible to bruteforce the password of the vault to recover the content. I did not know this software; thus, I started to research. It appeared that this solution is distributed by SanDisk by default on any storage device you buy from them.
The solution is convenient: it allows a user to run the binary on the disk, and after entering her correct password, her vault is unlocked and the files are accessible. Once the software is closed, the files are encrypted back and not accessible anymore. So far nothing uncommon, but one thing drew my attention. In the Options menu, you can choose your "Preferred encryption method".
[...] They claimed to provide "Ultimate encryption using 1024 bit AES keys, Military grade". Thus for all those reasons, I decided to analyze the solution to figure out how it was implemented.