Greetings all,
I am a student working on her BS in computer science in hopes of working with computer forensics. I am doing a paper at the moment on asymmetrical encryption and I wanted to include a bit about how someone would crack a file that had been encrypted.
From what I have read, the general way to go is brute force unless someone has written a program to hack files written by a specific program. I was just wondering if this understanding is correct or if there are other methodologies one uses in order to open encrypted files.
I am not quite sure I trust a lot of what I am reading online, since most of the sites seem to be by hackers and I don't dare download any of the files to try. In fact, to be really safe I am doing the research through a virtual machine so if any of the sites have nasty stuff attached it won't hurt little ol' me. lol
Anyway any advice or resources would be greatly appreciated.
Thanks!
So if you do not trust the information, you have discovered the value of using 'peer reviewed' sources.
Perhaps you need to be looking at "ACM", "springerlink", "Elsevier", etc.
There is loads of material written by 'real' professionals in their respective fields.
If you're really, really lucky you might even find something about password hashes, or even "side channel" attacks, or god forbid Mr frosty ram.
I will give you ONE ONLY….
Aciicmez, Onur, Koc, Cetin Kaya & Seifert, Jean-Pierre (2006) On the Power of Simple Branch Prediction Analysis. [Online]
Available at http//
If you are concerned about possible infection from the demo code, I'd recommend investing in learning virtualization. Both VMWare and Virtual PC are available for free and you can have an environment where it'll be safe to scan, run, and analyze the example code.
There are many academic papers published on crypto. They are also worth reading.
I wrote a paper for UNI last semester (I'm doing computer forensics at Northumbria UNI) on Windows Vista BitLocker encryption and how to get around it as well as other encryption; you're welcome to it if you want it. I did get 100% for the report :D
Also I love encryption, I don't know why, it could be because I'm sad :P
Send me a PM
James
If you are concerned about possible infection from the demo code, I'd recommend investing in learning virtualization. Both VMWare and Virtual PC are available for free and you can have an environment where it'll be safe to scan, run, and analyze the example code.
There are many academic papers published on crypto. They are also worth reading.
I just learned about VMWare this semester and am totally in love with it. I have a Mac; before I wanted to go into forensics I wanted to be a graphic designer, and it was hard to do some assignments without Windows, but then the clouds opened up, a ray of light poured through and there was VMWare. Now I run Snow Leopard, Vista, and OpenSuse on my computer, just call me Nerd Girl, and it works so much better than Boot Camp because I can switch between the two so easily.
It is not hard to do anything on a 'mac'.
You need VMware Fusion, loads of RAM and lots of disc storage,
and at least two monitors.
I work on a mac, then drop into VMware for any version of Windows or SUSE.
Enable "snapshots", so you can 'roll' backwards in time, and undo mistakes.
From this setup I have 8 cpu 16gb ram, 8TB of disk storage, which is enough to run every version of Windows at the same time.
This gives access to PCB design/FPGA design/forensics/cross compilers etc. Everything you need for forensics and counter-forensics.
There really is no other platform to work on for flexibility & stability.
Ha ha, she is a student, I don't think she can afford "8 cpu 16gb ram, 8TB of disk storage" :P
But I do like the setup!
Seeing as you have some background with VMs you may want to take a look into Liveview @ http://liveview.sourceforge.net/
She can still get by on 1-2 CPUs/cores, as long as there is >2gb ram.
otherwise you bury the O.S with swapping.
Seeing as you have some background with VMs you may want to take a look into Liveview @ http://liveview.sourceforge.net/
Yep, I wrote a similar system that runs under Java (cross platform), but for USB NAND-flash storage devices.
It's called 'razorfish'. It takes an image, then any changes are routed to a "modification file" or optionally directly to a changeable copy.
It allows me to back out to any point in time since the start of an investigation, but more importantly it is a COMPLETE log of every operation, which is great, because you can overlay and spot single/multi byte changes.
But it also allows me to build graphs (trees) of modifications to any particular data area. I would add some screen shots but this forum does not allow it directly.
C.
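
The image-plus-modification-file idea described in the post above, as an added example that is not razorfish's code and does not come from the poster: the acquired image is never written, every write goes to an append-only log, and any earlier point in time can be rebuilt by replaying part of the log. It is written in Python rather than Java, and the class name, method names and sample bytes are all hypothetical.

```python
import hashlib

class OverlayImage:
    """Read-only image + append-only write log. Hypothetical names, not razorfish."""

    def __init__(self, image: bytes):
        self._image = bytes(image)          # immutable copy of the acquired image
        self._baseline = hashlib.sha256(self._image).hexdigest()
        self.log = []                       # (seq, offset, old_bytes, new_bytes)

    def write(self, offset: int, data: bytes) -> int:
        """Record a write in the log instead of touching the image."""
        if offset < 0 or offset + len(data) > len(self._image):
            raise ValueError("write outside image bounds")
        old = self.read(offset, len(data))
        self.log.append((len(self.log) + 1, offset, old, bytes(data)))
        return len(self.log)                # sequence number = point in time

    def view(self, upto=None) -> bytes:
        """Image as it looked after the first `upto` logged writes."""
        buf = bytearray(self._image)
        for _seq, off, _old, new in self.log[:upto]:
            buf[off:off + len(new)] = new
        return bytes(buf)

    def read(self, offset, length, upto=None) -> bytes:
        return self.view(upto)[offset:offset + length]

    def changed_bytes(self, upto=None):
        """Offsets whose value differs from the original image."""
        current = self.view(upto)
        return [i for i, (a, b) in enumerate(zip(self._image, current)) if a != b]

    def history(self, offset):
        """Every logged write touching one byte offset, oldest first."""
        return [(seq, off) for seq, off, _o, new in self.log
                if off <= offset < off + len(new)]

    def image_intact(self) -> bool:
        return hashlib.sha256(self._image).hexdigest() == self._baseline


# Constructed 32-byte sample "image"; real use would read a device image file.
SAMPLE = bytes(range(32))
ov = OverlayImage(SAMPLE)
ov.write(4, b"\xff\xff")
ov.write(5, b"\x00")
ov.write(20, b"AB")
```

Passing `upto=0` to `view` returns the untouched image, and `history(offset)` gives the per-byte chain of writes that a modification tree would be built from.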