The research on Outlook password recovery

Author

Lijun Zhang ; Yu Fei

Author_Institution

Sci. & Technol. on Commun. Security Lab., Chengdu, China

fYear

2013

fDate

20-22 Dec. 2013

Firstpage

1715

Lastpage

1719

Abstract

Outlook is the email client in the Microsoft office package, which has become one of the most widely applied email processing systems in the personal and commercial office environment. This paper studies the password recovery for various accounts in Outlook and we find the method of online recovery by exploiting the Windows cryptographic interface DPAPI for sensitive data. This recovery method enables one to retrieve his password very conveniently. Furthermore, we investigate the inner workings of encryption and decryption functions in DPAPI and present a detailed analysis on the encrypted data type, storage structure, cryptographic algorithm and key generation. To the best of our knowledge, for the first time we give the way of offline password recovery which could be remarkably helpful in the computer forensics.

Keywords

authorisation; cryptography; digital forensics; electronic mail; DPAPI Windows cryptographic interface; Microsoft Office package; Outlook password recovery; commercial office environment; computer forensics; cryptographic algorithm; decryption functions; e-mail client; e-mail processing systems; encrypted data type; encryption functions; key generation; offline password recovery; online recovery; password retrieval; personal office environment; Algorithm design and analysis; Ciphers; Computers; Electronic mail; Encryption; Libraries; Outlook account; Windows DPAPI; computer forensics; cryptographic algorithm; password recovery;

fLanguage

English

Publisher

ieee

Conference_Titel

Mechatronic Sciences, Electric Engineering and Computer (MEC), Proceedings 2013 International Conference on

Conference_Location

Shengyang

Print_ISBN

978-1-4799-2564-3

Type

conf

DOI

10.1109/MEC.2013.6885332

Filename

6885332