Title :
The forensic analysis of encrypted Truecrypt volumes
Author :
Lijun Zhang ; Yu Zhou ; Jia Fan
Author_Institution :
Sci. & Technol. on Commun. Security Lab., Chengdu, China
Abstract :
In this paper, we investigate the inner encryption principles of Truecrypt volumes including cryptographic algorithms, encryption mode, key derivation way and password verifying process. Besides, we explain the forensic operation by password cracking with concrete data instances. Our research could be helpful in two scenarios of Truecrypt application: one is to enable a personal user to retrieve his forgotten password, the other is to provide computer forensic analysis of criminal activity. To the best of our knowledge, this is the first time that the complete and explicit password cracking details are presented publicly and finally we also give some suggestion to enhance the security of Truecrypt encryption.
Keywords :
cryptography; digital forensics; Truecrypt volumes; cryptographic algorithms; encryption mode; encryption principles; forensic analysis; key derivation; password verification process; Computers; Encryption; Forensics; Graphics processing units; Truecrypt; computer forensic; cryptographic algorithm; encrypted volume;
Conference_Titel :
Progress in Informatics and Computing (PIC), 2014 International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4799-2033-4
DOI :
10.1109/PIC.2014.6972366
