Research Article


DOI :10.26650/acin.804201   IUP :10.26650/acin.804201    Full Text (PDF)

Password Cracking Methods and Techniques in Computer Forensic Investigation

İlker Kara

The unending increase in information systems and data use has triggered the birth of danger to information security. According to recently published reports, apart from military forces and e-commerce websites, ordinary users have begun to use encryption techniques to protect systems and documents. In spite of precautions, smart attacks prepared using a variety of concealing techniques overcome available protection methods and can obtain the passwords and user names of on the target system. Corporate firms and ordinary users commonly use new-generation encryption methods to hide their data. This situation creates large obstacles forto the investigation of computer systems and files which are the subject of forensic events, especially. If a suspect uses a computer system with encrypted files, to obtain evidence, firstly, it is necessary to know these encryptions or to crack them. In this step, if the suspect does not give law enforcement the encryptions willingly, forensic experts attempt to break the encryption with a variety of methods. This process is generally difficult, and in some situations, the encrypted data on the suspect’s system cannot be reached. This study provides two contributions. The first is that a detailed investigation of the most commonly used encryption cracking methods are investigated in detail. Secondly, an example forensic case encrypted with the “BitLocker” data encryption method is investigated and the steps to break the encrypted data are investigated. The results show that the methods used to access the encrypted data is effective and that the encryption was cracked. 

DOI :10.26650/acin.804201   IUP :10.26650/acin.804201    Full Text (PDF)

Adli Bilişim İncelemelerinde Şifre Kırma Yöntem ve Teknikleri

İlker Kara

Bilgi sistemleri ve veri kullanımındaki sonsuz artış, bilgi güvenliğinde tehlikenin doğuşunu tetikledi. Son yayınlanan raporlara göre askeri kuvvetler ve e-ticaret web siteleri dışında sıradan kullanıcılarda sistemleri ve belgelerini korumak için şifreleme teknikleri kullanmaya başlanmışlardır. Alınana tedbirlere rağmen çeşitli gizleme tekniklerini kullanarak hazırlanan akıllı saldırılar mevcut korunma yöntemlerini atlatarak hedef sistemdeki parola ve kullanıcı adlarını ele geçirebilmektedir. Kurumsal firmalar ve sıradan kullanıcılar verilerini gizlemek için yeni nesil şifreleme yöntemlerini yaygın olarak kullanmaktadır. Bu durum özellikle adli olaylara konu olan bilgi sistemleri ve dosyaların incelenmesinde büyük engeller oluşturmaktadır. Eğer şüpheli kişi kullanmış olduğu bilgi sistemi veya dosyalarını şifrelenmiş ise delil elde etmek için önce bu şifrelerin önceden bilinmesi ya da şifrenin kırılması gereklidir. Bu adımda şüpheli kendi rızasıyla parola kolluk kuvvetlerine vermemesi durumunda adli uzmanlar çeşitli yönetmelerle şifreleri kırmaya çalışmakta bu süreç genellikle zor olmakta ve bazı durumlarda şüpheli sistemdeki şifreli verilere ulaşılamamaktadır. Bu çalışma iki katkı sunmaktadır. İlk olarak en çok kullanılan şifre kırma yöntemleri detaylı olarak incelenmiştir. İkincisi, “BitLocker” veri şifreleme yöntemiyle şifrelenmiş örnek bir adli vaka incelenerek şifreli verileri kırılma adımları incelenmiştir. Sonuçlardan şifrelenmiş verilerin erişmek için kullanılan yöntemin etkili olduğunu ve şifrelerin kırıldığı göstermektedir. 


PDF View

References

  • Al Fahdi, M., Clarke, N. L., & Furnell, S. M. (2013, August). “Challenges to digital forensics: A survey of researchers & practitioners attitudes and opinions.” In 2013 Information Security for South Africa (pp. 1-8). IEEE. google scholar
  • Aggarwal, S., Houshmand, S., & Weir, M. (2018). “New technologies in password cracking techniques.” In Cyber Security: Power and Technology (pp.179-198). Springer, Cham. google scholar
  • Agostini, E., & Bernaschi, M. (2019). “BitCracker: BitLocker meets GPUs”. arXiv preprint arXiv:1901.01337. google scholar
  • Beşkirli, A., Özdemir, D., & Beşkirli, M. (2019). “Şifreleme Yöntemleri ve RSA Algoritması Üzerine Bir İnceleme”. Avrupa Bilim ve Teknoloji Dergisi, 284-291. google scholar
  • Bhanot, R., Hans, R. (2015). “A review and comparative analysis of various encryption algorithms.” International Journal of Security and Its Applications, 9(4): 289-306. google scholar
  • Billet O., Gilbert, H. (2006). “Cryptanalysis of rainbow.” Security and Cryptography for Networks, 4116:336-347. google scholar
  • Castelluccia C., Durmuth M., Perito, D. (2012). “Adaptive password-strength meters from Markov models.” Proc. of the Network and Distributed System Security Symposium. google scholar
  • Dass, A.S., Prabhu, J. (2020). “Hybrid coherent encryption scheme for multimedia big data management using cryptographic encryption methods.” International Journal of Grid and Utility Computing, 11(4):496-508. google scholar
  • Dürmuth, M., Angelstorf, F., Castelluccia, C., Perito, D., & Chaabane, A. (2015, March). “OMEN: Faster password guessing using an ordered markov enumerator”. In International Symposium on Engineering Secure Software and Systems (pp. 119-132). Springer, Cham. google scholar
  • Guddeti, P., Dharavath, N. (2020). “Analysis of password protected Document.” COMPUSOFT: An International Journal of Advanced Computer Technology, 9(7): 3762-3767. google scholar
  • Harichandran, V. S., Breitinger, F., Baggili, I., & Marrington, A. (2016). “A cyber forensics needs analysis survey: Revisiting the domain’s needs a decade later.” Computers & Security, 57, 1-13. google scholar
  • Hassan, N. A. (2019). “Digital Forensics Basics: A Practical Guide Using Windows OS.” Apress. google scholar
  • Hellman, M. (1980). “A cryptanalytic time-memory trade-off.” IEEE transactions on Information Theory, 26(4), 401-406. google scholar
  • Hitaj, B., Gasti, P., Ateniese, G., & Perez-Cruz, F. (2019, June). “Passgan: A deep learning approach for password guessing.” In International Conference on Applied Cryptography and Network Security (pp. 217-237). Springer, Cham. google scholar
  • Hur, U., Park, M., Kim, G., Park, Y., Lee, I., Kim, J. (2019). “Data acquisition methods using backup data decryption of Sony smartphones.” Digital Investigation, 31:200890. google scholar
  • Houshmand S., Aggarwal S. (2017). “Using personal information in targeted grammar-based probabilistic password attacks.” In: IFIP International Conference on Digital Forensics. 285-303. google scholar
  • Kara, İ. (2019). “Kaba Kuvvet Saldırı Tespiti ve Teknik Analizi.” Sakarya University Journal of Computer and Information Sciences, 2(2): 61-69. google scholar
  • Kaya, Ö. F., Öztürk, E. (2017). “Veri ve Ağ Güvenliği İçin Uygulama ve Analiz Çalışmaları.” Istanbul Ticaret Universitesi Fen Bilimleri Dergisi, 16(31): 85-102. google scholar
  • Kelley P.G., Komanduri S., Mazurek M.L., Shay R., Vidas, T., Bauer, L., ... Lopez, J. (2012). “Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms.” In 2012 IEEE symposium on security and privacy, 523-537. google scholar
  • Kanta, A., Coisel, I., & Scanlon, M. (2020). “A survey exploring open source Intelligence for smarter password cracking.” Forensic Science International: Digital Investigation, 35, 301075. google scholar
  • Kumar, S. (2015). “Digital Evidence-Technical Issues.” Advances in Computer Science and Information Technology (ACSIT). 2(11) 42-47. google scholar
  • Lillis, D., Becker, B., O’Sullivan, T., & Scanlon, M. (2016). “Current challenges and future research areas for digital forensic investigation.” arXiv preprint arXiv:1604.03850. google scholar
  • Lehto, M., & Neittaanmaki, P. (Eds.). (2018). “Cyber Security: Power and Technology” (Vol. 93). Springer. google scholar
  • Saracevic, M. H., Adamovic, S. Z., Miskovic, V. A., Elhoseny, M., Macek, N. D., Selim, M. M., & Shankar, K. (2020). “Data Encryption for Internet of Things Applications Based on Catalan Objects and Two Combinatorial Structures.” IEEE Transactions on Reliability. google scholar
  • Oechslin, P. (2003). “Making a faster cryptanalytic time-memory trade-off,” Advances in Cryptology, 617-630. google scholar
  • Raza, M., Iqbal, M., Sharif, M., & Haider, W. (2012). “A survey ofpassword attacks and comparative analysis on methods for secure authentication.” World Applied Sciences Journal, 19(4), 439-444. google scholar
  • Thing V.L.L., Ying H.M. (2009). “A Novel Time-Memory TradeoffMethod for Password Recovery.” google scholar
  • Noorunnisa, N.S., Afreen, D.K.R. (2016). “Review on Honey Encryption Technique.” International Journal of Science and Research, 2319-7064. google scholar
  • Madsen W. (1998). “Encryption debate rages again.” Network Security, 5: 8-9. google scholar
  • Milo, F., Bernaschi, M., & Bisson, M. (2011). “A fast, GPU based, dictionary attack to OpenPGP secret keyrings.” Journal of Systems and Software, 84(12), 2088-2096. google scholar
  • Thakur, S., Singh, A.K., Ghrera, S.P., Elhoseny, M. (2019). “Multi-layer security ofmedical data through watermarking and chaotic encryption for tele-health applications.” Multimedia tools and Applications, 78(3):3457-3470. google scholar
  • Narayanan A., Shmatikov V. (2005). “Fast dictionary attacks on passwords using time-space tradeoff,” Proc. of the 12th ACM Conference on Computer and Communications Security, 2005. google scholar
  • Zhang Y., Monrose F., Reiter M.K. (2010). “The security of modern password expiration: An algorithmic framework and empirical analysis.” In Proceedings of the 17th ACM conference on Computer and communications security, 176-186. google scholar
  • Wang, X. J., Liao, X. F., & Huang, H. Y. (2013). “Improvement of rainbow table technology based on number cutting of reduction function.” Comput.Eng, 7, 36. google scholar
  • Weir M.S., B. Aggarwal de Medeiros., Glodek B. (2009). “Password cracking using probabilistic context-free grammars,” Proc. of the 30th IEEE Symposium on Security and Privacy, 391-405. google scholar
  • Weir M., Aggarwal S., Collins M., Stern, H. (2010). “Testing metrics for password creation policies by attacking large sets of revealed passwords.” In Proceedings of the 17th ACM conference on Computer and communications security, 162-175. google scholar

Citations

Copy and paste a formatted citation or use one of the options to export in your chosen format


EXPORT



APA

Kara, İ. (2021). Password Cracking Methods and Techniques in Computer Forensic Investigation. Acta Infologica, 5(1), 27-38. https://doi.org/10.26650/acin.804201


AMA

Kara İ. Password Cracking Methods and Techniques in Computer Forensic Investigation. Acta Infologica. 2021;5(1):27-38. https://doi.org/10.26650/acin.804201


ABNT

Kara, İ. Password Cracking Methods and Techniques in Computer Forensic Investigation. Acta Infologica, [Publisher Location], v. 5, n. 1, p. 27-38, 2021.


Chicago: Author-Date Style

Kara, İlker,. 2021. “Password Cracking Methods and Techniques in Computer Forensic Investigation.” Acta Infologica 5, no. 1: 27-38. https://doi.org/10.26650/acin.804201


Chicago: Humanities Style

Kara, İlker,. Password Cracking Methods and Techniques in Computer Forensic Investigation.” Acta Infologica 5, no. 1 (Jul. 2021): 27-38. https://doi.org/10.26650/acin.804201


Harvard: Australian Style

Kara, İ 2021, 'Password Cracking Methods and Techniques in Computer Forensic Investigation', Acta Infologica, vol. 5, no. 1, pp. 27-38, viewed 26 Jul. 2021, https://doi.org/10.26650/acin.804201


Harvard: Author-Date Style

Kara, İ. (2021) ‘Password Cracking Methods and Techniques in Computer Forensic Investigation’, Acta Infologica, 5(1), pp. 27-38. https://doi.org/10.26650/acin.804201 (26 Jul. 2021).


MLA

Kara, İlker,. Password Cracking Methods and Techniques in Computer Forensic Investigation.” Acta Infologica, vol. 5, no. 1, 2021, pp. 27-38. [Database Container], https://doi.org/10.26650/acin.804201


Vancouver

Kara İ. Password Cracking Methods and Techniques in Computer Forensic Investigation. Acta Infologica [Internet]. 26 Jul. 2021 [cited 26 Jul. 2021];5(1):27-38. Available from: https://doi.org/10.26650/acin.804201 doi: 10.26650/acin.804201


ISNAD

Kara, İlker. Password Cracking Methods and Techniques in Computer Forensic Investigation”. Acta Infologica 5/1 (Jul. 2021): 27-38. https://doi.org/10.26650/acin.804201



TIMELINE


Submitted02.10.2021
Accepted22.02.2021
Published Online31.05.2021

LICENCE


Attribution-NonCommercial (CC BY-NC)

This license lets others remix, tweak, and build upon your work non-commercially, and although their new works must also acknowledge you and be non-commercial, they don’t have to license their derivative works on the same terms.


SHARE




Istanbul University Press aims to contribute to the dissemination of ever growing scientific knowledge through publication of high quality scientific journals and books in accordance with the international publishing standards and ethics. Istanbul University Press follows an open access, non-commercial, scholarly publishing.