Data Decryption & Password Recovery

Download Data Decryption & Password Recovery

Post on 21-May-2015




1 download

Embed Size (px)


  • 1. Data Decryption &Password RecoveryHow Special Tools Facilitate Investigations !"#$%&()"*

2. Who are we? Founded in 1990 In password recovery since 1998 Privately owned HQ and Dev in Moscow, Russia Four US patents issued, more to come 3. ProductsOverview 4. Stored PasswordsBrowsersMailIMs 5. Protected FilesOfce PDF Archives 6. Protected FilesPGP WordPerfect Accounting 7. Distributed RecoveryMany le typesWorks over LANs andWANsUp to 10000 nodesHardware acceleration 8. AuditWindows Domains Wireless Networks 9. Technology 10. Thunder Tables 11. Recovers encryption key Password remains unknown Works only with 40-bit encryption MS Word 97-2003, Adobe PDF Word 2007/2010 when saving in .doc Can be applied to passwords 12. Based on Rainbow Tables TT = RT + Keys not in RT Provides guaranteed decryption (except for MS Excel les) Data ts on DVD or 4 Gb USB stick Average key search time is 25 seconds 13. 100% 99.4% 99.9% 100% 95.7% 89.4%75%77.6% 69.7%Keys recovered This is dual-core CPU with tables on HDD50%54.7% Quad-core with tables on SSD will be way 40.2% faster!25%25.3%17.4%0%1 sec. 2 sec. 5 sec. 10 sec. 20 sec. 30 sec. 1 min. 2 min. 5 min. 10 min. 15 min. Attack duration 14. Demo 15. GPU Acceleration 16. Order of magnitude faster than CPU Competing vendors: NVIDIA and ATI Hardware readily available Consumer- and enterprise-grade solutions Very competitive hardware pricing 17. Core i7-920 1,000GeForce 295 8,200GeForce 48011,300Radeon 597039,0000 10,000 20,00030,000 40,000Office 2007, Passwords per Second 18. TACC Acceleration 19. Times faster than CPU Very easy to use No drivers Portable Low power consumption ( no overheating) Scales easily 20. 1,000Core i7-920$250 2,500TACC1441 $4,0005,000Tesla C1060 $1,50001,2502,5003,7505,000 Office 2007, Passwords per Second 21. Technology letsdo more in less time! 22. New Products & Features 23. Elcomsoft PhonePassword Breaker 24. Elcomsoft Phone Password Breaker Recovers passwords for mobile devicesbackups Works ofine (device is not needed) Decrypts backups (you can use favoritemobile forensics tools) Recovers passwords stored in Keychain GPU & TACC acceleration 25. iOS 4.x BackupSecurity Password verication is done on the device PBKDF2-SHA1 with 10000 iterations Was 2000 iterations in iPhoneOS 3.x No data leaves device unencrypted AES-256, per-le key and IV 26. Backup password Backup keybag Backup master keyEncrypted FEK and IV FEK encryption key AES-256 key and IV to decrypt le 27. iOS 4.x KeychainSecurity Keychain is system-wide storage for secrets Sort of Protected Storage for iOS Encrypted with device-specic key Plain backups include keychain as-is Encrypted backups include keychain re-encrypted on key derived from password The only reliable way to get stored secrets 28. Blackberry Backup Security Password verication is done on the PC PBKDF2-SHA1 with 1 (one) iteration Generating 256 bytes of key data, using256 bits Data encryption done on PC AES-256, single leStill think Blackberry is more secure? 29. Demo 30. Questions? 31. Thank you 32. Data Decryption &Password RecoveryHow Special Tools Facilitate Investigations !"#$%&()"*