Detail publikace

Experimental Evaluation of Password Recovery in Encrypted Documents

Originální název

Experimental Evaluation of Password Recovery in Encrypted Documents

Anglický název

Experimental Evaluation of Password Recovery in Encrypted Documents

Jazyk

en

Originální abstrakt

Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect privacy of the sensitive contents. The encryption is based on common cryptography algorithms as AES, SHA, RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved by exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up the recovery. In our experimental study, we focus on the password recovery of popular document and archiving formats using parallel computation on common hardware with multicore CPUs or accelerated with GPU processors. We show how recovery time can be estimated based on alphabet, maximal password length and performance of given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

Anglický abstrakt

Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect privacy of the sensitive contents. The encryption is based on common cryptography algorithms as AES, SHA, RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved by exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up the recovery. In our experimental study, we focus on the password recovery of popular document and archiving formats using parallel computation on common hardware with multicore CPUs or accelerated with GPU processors. We show how recovery time can be estimated based on alphabet, maximal password length and performance of given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

BibTex


@inproceedings{BUT119933,
  author="Radek {Hranický} and Petr {Matoušek} and Ondřej {Ryšavý} and Vladimír {Veselý}",
  title="Experimental Evaluation of Password Recovery in Encrypted Documents",
  annote="Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to
protect privacy of the sensitive contents. The encryption is based on common
cryptography algorithms as AES, SHA, RC4. For forensic purposes, investigators
are often challenged to analyze these encrypted documents. The task of password
recovery can be solved by exhaustive state space search using dictionaries or
password generators augmented with heuristic rules to speed up the recovery. In
our experimental study, we focus on the password recovery of popular document and
archiving formats using parallel computation on common hardware with multicore
CPUs or accelerated with GPU processors. We show how recovery time can be
estimated based on alphabet, maximal password length and performance of given
hardware. Our results are demonstrated on Wrathion, a tool developed by our
research team.",
  address="SciTePress - Science and Technology Publications",
  booktitle="Proceedings of ICISSP 2016",
  chapter="119933",
  doi="10.5220/0005685802990306",
  edition="NEUVEDEN",
  howpublished="print",
  institution="SciTePress - Science and Technology Publications",
  year="2016",
  month="february",
  pages="299--306",
  publisher="SciTePress - Science and Technology Publications",
  type="conference paper"
}