Radek Hranický scite author profile

One of the major challenges in digital forensics today is data encryption. Due to the leaked information about unlawful sniffing, many users decided to protect their data by encryption. In case of criminal activities, forensic experts are challenged how to decipher suspects' data that are subject to investigation. A common method how to overcome password-based protection is a brute force password recovery using GPU-accelerated hardware. This approach seems to be expensive. This paper presents an alternative approach using task distribution based on BOINC platform. The cost, time, and energy efficiency of this approach is discussed and compared to the GPU-based solution.

show abstract

Experimental Evaluation of Password Recovery in Encrypted Documents

Hranický

Matoušek

Ryšavý

et al. 2016

View full text Add to dashboard Cite

Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect the privacy of sensitive contents of the documents. The encryption is based on standard cryptographic algorithms as AES, SHA, and RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved using exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up recovery. In our experimental study, we focus on the password recovery of the common document and archiving formats using parallel computation on conventional hardware with multi-core CPUs or accelerated by GPU processors. We show how recovery time can be estimated based on the alphabet, maximal password length and the performance of a given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

show abstract

On Practical Aspects of PCFG Password Cracking

Hranický

Lištiak

Mikuš

et al. 2019

View full text Add to dashboard Cite

When users choose passwords to secure their computers, data, or Internet service accounts, they tend to create passwords that are easy to remember. Probabilistic methods for password cracking profit from this fact, and allow the attackers and forensic investigators to guess user passwords more precisely. In this paper, we present our additions to a technique based on probabilistic context-free grammars. By modification of existing principles, we show how to guess more passwords for the same time, and how to reduce the total number of guesses without significant impact on success rate.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Radek Hranický

What do incident response practitioners need to know? A skillmap for the years ahead

Distributed password cracking with BOINC and hashcat

On Efficiency of Distributed Password Recovery

Experimental Evaluation of Password Recovery in Encrypted Documents

On Practical Aspects of PCFG Password Cracking

Contact Info

Product

Resources

About