RAR password recovery. Why so slow? And why is the “Current speed” incorrect?
This is a peculiarity of RAR3 archives.
The RAR password recovery scheme is different from others and allows miscalculations while estimating the speed of password recovery tools (AccentRPR and our competitors). This happens due to the structure of a particular RAR archive.
"Current speed" is the “peak” speed. For RAR archives, it can be incorrect if the program is trying to open a large archive without header encryption (it gets easier with an encrypted header – the entire archive doesn’t have to be unpacked).
Recovery of a RAR password consists of two stages:
1. "Passwords to keys". Calculating the encryption key from the password being checked. Transformation itself is fairly fast (its speed is shown as "current speed").
2. "Validate keys". To check a password, you need to completely unpack the entire archive and compare its contents with control values. The bigger the RAR archive, the more time is needed for unpacking it and the lower the actual password recovery speed is (displayed as “Average speed” and used for calculating the “Estimated time” parameter).
Therefore, the size and structure of a particular RAR archive fully defines the speed of password recovery. The speed can be completely different for another RAR archive.
NOTE: All of this relates to RAR archives of the RAR3 format. Newer RAR5 archives do not have such flaws and the speed of password recovery is always stable.
Three Questions about RAR Passwords
Yes, but you should note the following. The password must either be a simple one, or you must know at least something about it.
In the first case, to crack a RAR password it may be sufficient to use a dictionary attack.
In the second case, range customization options might work out and help you find the password must faster. Those options
are gluing together and mutation of dictionaries or using an extended positional mask. Get more details
here.
It is a process of attempting each combination from a given range one by one trying to eventually guess the right password.
Basically, we take a password and see if it can decrypt our RAR file. If it can, great! The password is recovered. If not, we go with the next password and test it. It goes on and on…
The time it takes depends on the length of the list. To make it faster we recommend to cut the range and use GPU acceleration on AMD/NVIDIA graphics cards. All these options
are available in AccentRPR.
Sure they are. A RAR file is not encrypted by the password itself, but by the password-based encryption key. Any change of characters in the password radically
changes the encryption key.
That is why the brute force attack has to account for both uppercase and lowercase characters. And that's where the
extended mask option of AccentRPR
comes in very handy. It helps define a charset for each position in a password and can dramatically reduce the time to crack RAR passwords.