• DocumentCode
    170499
  • Title

    The forensic analysis of encrypted Truecrypt volumes

  • Author

    Lijun Zhang ; Yu Zhou ; Jia Fan

  • Author_Institution
    Sci. & Technol. on Commun. Security Lab., Chengdu, China
  • fYear
    2014
  • fDate
    16-18 May 2014
  • Firstpage
    405
  • Lastpage
    409
  • Abstract
    In this paper, we investigate the inner encryption principles of Truecrypt volumes including cryptographic algorithms, encryption mode, key derivation way and password verifying process. Besides, we explain the forensic operation by password cracking with concrete data instances. Our research could be helpful in two scenarios of Truecrypt application: one is to enable a personal user to retrieve his forgotten password, the other is to provide computer forensic analysis of criminal activity. To the best of our knowledge, this is the first time that the complete and explicit password cracking details are presented publicly and finally we also give some suggestion to enhance the security of Truecrypt encryption.
  • Keywords
    cryptography; digital forensics; Truecrypt volumes; cryptographic algorithms; encryption mode; encryption principles; forensic analysis; key derivation; password verification process; Computers; Encryption; Forensics; Graphics processing units; Truecrypt; computer forensic; cryptographic algorithm; encrypted volume;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Progress in Informatics and Computing (PIC), 2014 International Conference on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-1-4799-2033-4
  • Type

    conf

  • DOI
    10.1109/PIC.2014.6972366
  • Filename
    6972366
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=170499