Experimental Evaluation of Password Recovery in Encrypted Documents

Radek Hranický; Petr Matoušek; Ondřej Ryšavý; Vladimír Veselý

doi:10.5220/0005685802990306

Experimental Evaluation of Password Recovery in Encrypted Documents

Radek Hranický, Petr Matoušek, Ondřej Ryšavý, Vladimír Veselý

2016

Abstract

Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect the privacy of sensitive contents of the documents. The encryption is based on standard cryptographic algorithms as AES, SHA, and RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved using exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up recovery. In our experimental study, we focus on the password recovery of the common document and archiving formats using parallel computation on conventional hardware with multi-core CPUs or accelerated by GPU processors. We show how recovery time can be estimated based on the alphabet, maximal password length and the performance of a given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

Download

Paper Citation

in Harvard Style

Hranický R., Matoušek P., Ryšavý O. and Veselý V. (2016). Experimental Evaluation of Password Recovery in Encrypted Documents . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 299-306. DOI: 10.5220/0005685802990306

in Bibtex Style

@conference{icissp16,
author={Radek Hranický and Petr Matoušek and Ondřej Ryšavý and Vladimír Veselý},
title={Experimental Evaluation of Password Recovery in Encrypted Documents},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={299-306},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005685802990306},
isbn={978-989-758-167-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Experimental Evaluation of Password Recovery in Encrypted Documents
SN - 978-989-758-167-0
AU - Hranický R.
AU - Matoušek P.
AU - Ryšavý O.
AU - Veselý V.
PY - 2016
SP - 299
EP - 306
DO - 10.5220/0005685802990306