Experimental Evaluation of Password Recovery in Encrypted Documents

článek ve sborníku ve WoS nebo Scopus

angličtina

Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect privacy of the sensitive contents. The encryption is based on common cryptography algorithms as AES, SHA, RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved by exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up the recovery. In our experimental study, we focus on the password recovery of popular document and archiving formats using parallel computation on common hardware with multicore CPUs or accelerated with GPU processors. We show how recovery time can be estimated based on alphabet, maximal password length and performance of given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

Password Recovery, Privacy, Digital Forensics, Encrypted Documents

HRANICKÝ, R.; MATOUŠEK, P.; RYŠAVÝ, O.; VESELÝ, V.

19. 2. 2016

SciTePress - Science and Technology Publications

Roma

978-989-758-167-0

Proceedings of ICISSP 2016

299

306

8

http://www.scitepress.org/DigitalLibrary/PublicationsDetail.aspx?ID=Dly3xWiSKbs=&t=1