* The key has to be stored somewhere in the file, in whatever form, with which the entered key is compared. It could somehow be gotten hold of from there. Perhaps a hex editor could be used to scan the first few bytes of a file for the key.
No, the keys are not stored in the files in anything worth it`s salt, and if it is a passwd file it`ll be hashed anyway. Depends entirely on the software, there are freely available crackers for files from a lot of micro$oft stuff, and some other popular programs such as pkzip etc... Otherwise get a good cryptgrapher to look at the software, run a sniffer on the network, a keygrabber on the machine, or give up. For a good introduction covering much of the stuff you need try the sci.crypt FAQ. Datacomms Technologies data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: FC76DA85 "Don`t forget to mount a scratch monkey"