The Association of Digital Forensics, Security and Law (ADFSL)
One of the major challenges in digital forensics today is data encryption. Due to the leaked information about unlawful sniffing, many users decided to protect their data by encryption. In case of criminal activities, forensic experts are challenged how to decipher suspect's data that are subject to investigation. A common method how to overcome password-based protection is a brute force password recovery using GPU-accelerated hardware. This approach seems to be expensive. This paper presents an alternative approach using task distribution based on BOINC platform. The cost, time and energy efficiency of this approach is discussed and compared to the GPU-based solution.
Adobe Systems. (2008, June). Adobe Supplement to the ISO 32000. BaseVersion: 1.7. ExtensionLevel:3 (Tech. Rep.).
Anderson, D. P. (2004, Nov). BOINC: a system for public-resource computing and storage. In Proceedings of the Fifth IEEE/ACM International Workshop Grid Computing (pp. 4–10).
Apostal, D., Foerster, K., Chatterjee, A., & Desell, T. (2012, Dec). Password recovery using MPI and CUDA. In Proc. of HiPS, 2012 (p. 1-9).
Dell’Amico, M., Michiardi, P., & Roudier, Y. (2009). Measuring Password Strength: An Empirical Analysis. CoRR, abs/0907.3402 .
Dija, S., Balan, C., Anoop, V., & Ramani, B. (2011). Towards Successful Forensic Recovery of BitLocked Volumes. In 6th Conference on System of Systems Engineering (SoSE) (pp. 317–322).
Hranick´y, R., Matouˇsek, P., Ryˇsav´y, O., & Vesel´y, V. (2016). Experimental Evaluation of Password Recovery in Encrypted Documents. In Proceedings of ICISSP 2016 (pp. 299–306).
Roma. Kang, S. J., Lee, S. Y., & Lee, K. M. (2015, Aug). Performance Comparison of OpenMP, MPI, and MapReduce in Practical Problems. Advances in Multimedia, 9.
Kelley, P., Komanduri, S., Mazurek, M., Shay, R., Vidas, T., Bauer, L., . . . Lopez, J. (2012, May). Guess Again (and Again and Again): Measuring Password Strength by Simulating PasswordCracking Algorithms. In IEEE Symposium on Security and Privacy (p. 523- 537).
Marechal, S. (2007). Advances in password cracking. Journal in Computer Virology, 4 (1), 73–81.
Marks, M., & Niewiadomska-Szynkiewicz, E. (2014). Hybrid CPU/GPU Platform For High Performance Computing. In Proc. of the 28th ECMS.
Page, A. J., & Naughton, T. J. (2005). Dynamic task scheduling using genetic algorithms for heterogeneous distributed computing. In 19th int. parallel and distr. processing (pp. 189a–189a).
Pellicer, S., Pan, Y., & Guo, M. (2004). Proc. of Grid and Cooperative Computing. In H. Jin, Y. Pan, N. Xiao, & J. Sun (Eds.), (pp. 679–686). Berlin, Heidelberg: Springer.
Reimann, S. (2013). Analyzing the Structure of Passwords to Improve Strength Measurement and Password Cracking (MSc. Thesis). Ruhr-Universit¨at, Bochum, DE.
Thing, V. L., & Ying, H.-M. (2009). A novel time-memory trade-off method for password recovery. Digital Investigation, 6, Supplement(0), S114 - S120.
Ur, B., Kelley, P. G., Komanduri, S., Lee, J., Maass, M., Mazurek, M. L., . . . Cranor, L. F. (2012). How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation. In Usenix security (pp. 65–80).
Yi-ming, J., & Sheng-li, L. (2010). The Analysis of Security Weakness in BitLocker Technology. In Proc. of the Int. Conference on Networks Security, Wireless Communications and Trusted Computing (pp. 494– 497).
Zhang, L., Zhou, Y., & Fan, J. (2014). The Forensic Analysis of Encrypted Truecrypt Volumes. In Int. Conference on Progress in Informatics and Computing (PIC) (pp. 405–409).
Hranický, Radek; Holkovič, Martin; and Matoušek, Petr
"On Efficiency of Distributed Password Recovery,"
Journal of Digital Forensics, Security and Law: Vol. 11
, Article 5.
Available at: https://commons.erau.edu/jdfsl/vol11/iss2/5