Your SlideShare is downloading. ×
0
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Data Decryption & Password Recovery
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Data Decryption & Password Recovery

1,669

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,669
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
32
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Data Decryption &Password RecoveryHow Special Tools Facilitate Investigations !"#$%&()"*
  • 2. Who are we?• Founded in 1990• In password recovery since 1998• Privately owned• HQ and Dev in Moscow, Russia• Four US patents issued, more to come
  • 3. ProductsOverview
  • 4. Stored PasswordsBrowsers Mail IMs
  • 5. Protected FilesOffice PDF Archives
  • 6. Protected FilesPGP WordPerfect Accounting
  • 7. Distributed Recovery Many file types Works over LANs and WANs Up to 10’000 nodes Hardware acceleration
  • 8. AuditWindows Domains Wireless Networks
  • 9. Technology
  • 10. Thunder Tables®
  • 11. • Recovers encryption key• Password remains unknown• Works only with 40-bit encryption ‣ MS Word 97-2003, Adobe PDF ‣ Word 2007/2010 when saving in .doc• Can be applied to passwords
  • 12. • Based on Rainbow Tables • TT = RT + Keys not in RT• Provides guaranteed decryption (except for MS Excel files)• Data fits on DVD or 4 Gb USB stick• Average key search time is 25 seconds
  • 13. 100% 99.4% 99.9% 100% 95.7% 89.4% 75% 77.6% 69.7%Keys recovered This is dual-core CPU with tables on HDD 50% 54.7% Quad-core with tables on SSD will be way 40.2% faster! 25% 25.3% 17.4% 0% 1 sec. 2 sec. 5 sec. 10 sec. 20 sec. 30 sec. 1 min. 2 min. 5 min. 10 min. 15 min. Attack duration
  • 14. Demo
  • 15. GPU Acceleration
  • 16. • Order of magnitude faster than CPU• Competing vendors: NVIDIA and ATI• Hardware readily available ‣ Consumer- and enterprise-grade solutions ‣ Very competitive hardware pricing
  • 17. Core i7-920 1,000GeForce 295 8,200GeForce 480 11,300Radeon 5970 39,000 0 10,000 20,000 30,000 40,000 Office 2007, Passwords per Second
  • 18. TACC Acceleration
  • 19. • Times faster than CPU• Very easy to use ‣ No drivers ‣ Portable• Low power consumption ( no overheating)• Scales easily
  • 20. 1,000Core i7-920 $250 2,500TACC1441 $4,000 5,000Tesla C1060 $1,500 0 1,250 2,500 3,750 5,000 Office 2007, Passwords per Second
  • 21. Technology letsdo more in less time!
  • 22. New Products & Features
  • 23. Elcomsoft PhonePassword Breaker
  • 24. Elcomsoft Phone Password Breaker• Recovers passwords for mobile devices backups• Works offline (device is not needed)• Decrypts backups (you can use favorite mobile forensics tools)• Recovers passwords stored in Keychain• GPU & TACC acceleration
  • 25. iOS 4.x Backup Security• Password verification is done on the device ‣ PBKDF2-SHA1 with 10’000 iterations ‣ Was 2000 iterations in iPhoneOS 3.x• No data leaves device unencrypted ‣ AES-256, per-file key and IV
  • 26. Backup password Backup keybag Backup master keyEncrypted FEK and IV FEK encryption key AES-256 key and IV to decrypt file
  • 27. iOS 4.x Keychain Security• Keychain is system-wide storage for secrets ‣ Sort of Protected Storage for iOS• Encrypted with device-specific key• Plain backups include keychain “as-is”• Encrypted backups include keychain re- encrypted on key derived from password ‣ The only reliable way to get stored secrets
  • 28. Blackberry Backup Security• Password verification is done on the PC ‣ PBKDF2-SHA1 with 1 (one) iteration ‣ Generating 256 bytes of key data, using 256 bits• Data encryption done on PC ‣ AES-256, single file Still think Blackberry is more secure?
  • 29. Demo
  • 30. Questions?
  • 31. Thank you
  • 32. Data Decryption &Password RecoveryHow Special Tools Facilitate Investigations !"#$%&()"*

×