Practical Approaches to Recovering Encryption
Presented by: Arif Zina
Posted 30-May-2018 (13 slides)

TRANSCRIPT

Page 1: Practical Approaches to Recovering Encryption_2

8/14/2019 Practical Approaches to Recovering Encryption_2

http://slidepdf.com/reader/full/practical-approaches-to-recovering-encryption2 1/13

Practical Approaches to Recovering Encryption

Presented By: Arif Zina

Brute forcing is very time consuming

Brute forcing is very resource intensive

Practical approaches to recovering encryption are therefore required

Page 2: Practical Approaches to Recovering Encryption_2


Time to brute force different key strengths of a symmetric cipher such as AES with US $1 million of x86 hardware

(AES itself only defines 128-, 192- and 256-bit keys; the shorter rows show what the same budget does to weaker symmetric ciphers of that key length, e.g. 56-bit DES.)

Key Strength   Possible Keys                  Time to Break
40 bits        1,099,511,627,776              < 1 minute
56 bits        72,057,594,037,927,936         30 minutes
64 bits        18,446,744,073,709,551,616     4 days
80 bits        1.21 x 10^24                   800 years
128 bits       3.4 x 10^38                    2.2 x 10^17 years
192 bits       6.28 x 10^57                   10^36 years
256 bits       1.16 x 10^77                   10^56 years

Every additional key bit doubles the work: going from 56 to 64 bits costs a factor of 256, and each 16-bit step in the table a factor of 65,536, which is why the estimates run from minutes to ages of the universe.

Page 3: Practical Approaches to Recovering Encryption_2


Approaches to Recovering Encrypted Files

1. Overcoming Weak Encryption

Computer intruders often use simple encryption to obfuscate network traffic and portions of the rootkits they install on compromised systems, to conceal their presence

A simple form of encryption often used is to XOR each byte against 255 (0xFF)

Viewing the file with a hexadecimal viewer reveals that every byte in the file is above decimal value 127 (ASCII bytes are 0-127, and XOR with 0xFF flips every bit, so each one lands in 128-255)

The absence of ASCII characters suggests some form of character substitution

Guessing that XOR was used, the encryption is reversed (XOR the file with 0xFF again, since XOR is its own inverse) to reveal the contents of the rootkit

Early versions of Microsoft Word and Excel use XOR-based encryption for password-protected files; these are easily recovered using AccessData's Password Recovery Toolkit (PRTK)
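The detect-and-reverse steps above (hex view shows only bytes above 127, no ASCII, guess XOR, reverse it), as an added Python example that is not part of the original slides. The rootkit start-up script used as sample input is made up for this example, and the text-scoring heuristic is this example's own way of checking a candidate key, not something the slides prescribe. It goes one step beyond the 0xFF case: it tries all 256 single-byte keys and keeps the one whose output looks most like text, which also catches an intruder who picked a key other than 0xFF.

```python
import string

# Constructed sample: a made-up rootkit start-up script (not from any real rootkit),
# obfuscated the way the slide describes, by XORing every byte with 0xFF.
PLAINTEXT = (
    b"#!/bin/sh\n"
    b"# hide the listener and the process that owns it\n"
    b"PORT=31337\n"
    b"exec /usr/sbin/sshd -p $PORT\n"
)
SAMPLE = bytes(b ^ 0xFF for b in PLAINTEXT)

PRINTABLE = frozenset(string.printable.encode())


def high_byte_ratio(data: bytes) -> float:
    """Fraction of bytes above 127: what the hex-viewer pass on the slide is looking at.
    Plain ASCII text gives 0.0; ASCII XORed with 0xFF gives 1.0."""
    return sum(b > 127 for b in data) / len(data) if data else 0.0


def text_score(data: bytes) -> float:
    """Average per-byte score for 'does this look like text': spaces/newlines and
    alphanumerics score high, other printable bytes low, control and high bytes
    are penalised heavily. (Heuristic chosen for this example.)"""
    score = 0
    for b in data:
        if b in b" \n":
            score += 3
        elif 48 <= b <= 57 or 65 <= b <= 90 or 97 <= b <= 122:
            score += 2
        elif b in PRINTABLE:
            score += 1
        else:
            score -= 10
    return score / len(data) if data else 0.0


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single-byte key; the same call obfuscates and reverses."""
    return bytes(b ^ key for b in data)


def recover_single_byte_xor(data: bytes, min_score: float = 1.5):
    """Try all 256 single-byte keys and return (key, plaintext) for the candidate that
    looks most like text, or None if no key produces text. Generalises the slide's
    0xFF guess: the same loop finds any single-byte key and verifies the result."""
    best_key, best_score = None, None
    for key in range(256):
        score = text_score(xor_bytes(data, key))
        if best_score is None or score > best_score:
            best_key, best_score = key, score
    if best_score < min_score:
        return None
    return best_key, xor_bytes(data, best_key)


def triage(data: bytes) -> dict:
    """Summarise a suspect file the way the slide walks through it: share of bytes
    above 127, whether any ASCII is present, and which XOR key (if any) explains it."""
    recovered = recover_single_byte_xor(data)
    return {
        "high_byte_ratio": high_byte_ratio(data),
        "has_ascii": sum(b in PRINTABLE for b in data) > len(data) / 2,
        "xor_key": None if recovered is None else recovered[0],
        "plaintext": None if recovered is None else recovered[1],
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    print(f"high-byte ratio: {report['high_byte_ratio']:.2f}, ASCII present: {report['has_ascii']}")
    if report["xor_key"] is None:
        print("no single-byte XOR key produces text")
    else:
        print(f"recovered key: {report['xor_key']:#04x}")
        print(report["plaintext"].decode())
```

A file that scores badly under every key is either not XOR-obfuscated at all or uses a multi-byte key, in which case the next thing to try is the byte frequency at each position modulo a candidate key length.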

Page 4: Practical Approaches to Recovering Encryption_2


2. Finding Unencrypted Copies of Data

At some point before data is encrypted, it exists in unencrypted form. Using Windows EFS:

A temporary copy of the plaintext might be stored in the paging file (pagefile.sys) prior to encryption.

Spool files contain copies of unencrypted files in system32\spool\printers if that folder is not encrypted.

Searching the disk, an examiner can find file fragments.

PGP is extremely difficult to decrypt as it employs both symmetric and asymmetric encryption... However...

When PGP is used to encrypt a Microsoft Word document, although the original documents are wiped, fragments can be found scattered across the disk in deleted MS Word temp files, some of which can be located by searching for the Microsoft Word file header.

Although recovery of the entire file might not be possible, enough incriminating evidence can be recovered.
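Searching a raw disk image for deleted Word temp files by their header, as an added Python example that is not code from the slides. The OLE2 compound-file signature D0 CF 11 E0 A1 B1 1A E1 is the real header of Word 97-2003 .doc files; the disk image, the document text and the fragment layout are constructed for the example, and the carving and string-extraction helpers are this example's own.

```python
import re

OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # compound-file header of .doc/.xls files
SECTOR = 512
MAX_FRAGMENT = 64 * 1024
ASCII_RUN = re.compile(rb"[\x20-\x7e]{8,}")

DOC1 = b"Meeting at the warehouse Thursday. Bring the second set of books."
DOC2 = b"Draft invoice for consulting services, 2002."


def fake_word_fragment(text: bytes) -> bytes:
    """Constructed stand-in for a deleted Word temp file: the OLE2 magic, a zeroed rest of
    the header sector, then the document text in the 8-bit form Word 97 uses when all
    characters fit in one byte (text with other characters is stored as UTF-16LE)."""
    return OLE2_MAGIC + b"\x00" * (SECTOR - len(OLE2_MAGIC)) + text


# Constructed raw image: unallocated space, an unrelated file, two Word fragments, slack.
IMAGE = (
    b"\x00" * SECTOR
    + b"random filler " * 40
    + fake_word_fragment(DOC1)
    + b"\xff" * 300
    + fake_word_fragment(DOC2)
    + b"\x00" * 200
)


def find_headers(image: bytes, magic: bytes = OLE2_MAGIC) -> list:
    """Offsets of every occurrence of the header signature. On a real image, keeping only
    hits on cluster boundaries cuts false positives, since files (and the temp files that
    become these fragments) start on cluster boundaries; a raw search is the first pass."""
    return [m.start() for m in re.finditer(re.escape(magic), image)]


def carve(image: bytes, magic: bytes = OLE2_MAGIC, max_len: int = MAX_FRAGMENT) -> list:
    """Return (offset, fragment) pairs. A fragment runs from its header to the next header
    or max_len, whichever comes first, with trailing 0x00/0xFF slack trimmed. OLE2 files
    have no end-of-file marker, so header-only carving is all that is available."""
    offsets = find_headers(image, magic)
    fragments = []
    for i, off in enumerate(offsets):
        end = offsets[i + 1] if i + 1 < len(offsets) else len(image)
        end = min(end, off + max_len)
        fragments.append((off, image[off:end].rstrip(b"\x00\xff")))
    return fragments


def readable_text(fragment: bytes) -> list:
    """Runs of printable ASCII: the part of a fragment an examiner can read without
    rebuilding the document. UTF-16LE text would need a second, two-byte-aware pass."""
    return [m.group().decode("ascii") for m in ASCII_RUN.finditer(fragment)]


def carve_report(image: bytes) -> list:
    return [{"offset": off, "size": len(frag), "text": readable_text(frag)}
            for off, frag in carve(image)]


if __name__ == "__main__":
    for entry in carve_report(IMAGE):
        print(f"offset {entry['offset']:#x} ({entry['size']} bytes): {entry['text']}")
```

The same loop with a different signature carves other formats; what changes is whether the format has a footer (JPEG, PDF) that lets the carve stop precisely instead of at the next header.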

Page 5: Practical Approaches to Recovering Encryption_2


3. Searching RAM for Unencrypted Data

When the content of an application window, such as an Outlook email, is encrypted using PGP, a copy of the plaintext is held in memory by the application.

When encrypting or decrypting text on Windows 2000 using PGP, a copy of the plaintext is held in memory by PGPtray for an indefinite period.

The memory of this process can be dumped to a file using a program like pmdump.

Page 6: Practical Approaches to Recovering Encryption_2


D:\>pslist pgptray

Name     Pid   Pri  Thd  Hnd  Mem   User Time    Kernel Time  Elapsed Time
PGPtray  1332  8    7    150  1264  0:00:00.060  0:00:00.270  2:20:33.466

D:\>pmdump 1332 pgptray.mem
D:\>less pgptray.mem

…╫  ^@^@^@^@^@^@^@^@└^@^V^@^@^@^P^@└╧^V^@`Ç^V^@P
*** Signature Status: good
*** Signer: Eoghan Casey <[email protected]>
*** Signed: 7/20/2002 8:36:42 PM
*** Verified: 7/20/2002 8:41:17 PM
*** BEGIN PGP DECRYPTED/VERIFIED MESSAGE ***
Return-Path: <[email protected]>
Received: from webmailmta.go.com ([204.202.140.199])
        by lsh110.siteprotect.com (8.9.3/8.9.3) with ESMTP id SAA04960
        for <[email protected]>; Thu, 11 Jul 2002 18:57:48 -0500
Received: from gomailjtp03 ([10.212.0.163])
        by mta07.seamail.go.com (Sun Internet Mail Server sims.4.0.2001.07.26.11.50.p9) with ESMTP id
        <[email protected]> for [email protected]; Thu, 11 Jul 2002 16:43:48 -0700 (PDT)
Date: Thu, 11 Jul 2002 16:45:32 -0700 (PDT)
From: Harold Jones <[email protected]>
Subject: Test
To: [email protected]
Message-ID: <6477825.1026431132801.JavaMail.harold1jones@gomailjtp03>
MIME-version: 1.0

Page 7: Practical Approaches to Recovering Encryption_2


4. Obtaining the Encryption Passphrase

Another practical approach to gaining access to encrypted data is to obtain the passphrase:

Searching the area for slips of paper

Obtaining passwords that the suspect uses to protect other personal data, since passwords are often reused

Interviewing the suspect

Accidental memory dumps may disclose information relating to encryption. For instance:

The Dr Watson application in Windows 2000 creates a memory dump when PGP crashes that can contain ciphertext, plaintext and passphrases (e.g. C:\Documents and Settings\All Users\Documents\DrWatson\user.dmp)

Page 8: Practical Approaches to Recovering Encryption_2


… kernel32.dll
RASAPI32
C:\WINNT\tracing
C:\Documents and Settings\Administrator\My Documents\PGP\pubring.pkr
C:\Documents and Settings\Administrator\My Documents\PGP\secring.skr
& !IN PGP MESSAGE-----
Version: PGP 7.1

qANQR1DBwU4DSL6Q3OHRwOYQB/9pKnnhZGQRFwykWzBO1EWkzW336QOkUaHj0aVj
P1MgxDWQWi3kZpOfGnDg6kbQriWBiIgD/z8p5xGN+WcksytlLJv8OxvTGMepx7u8
h5aVRXZd8YPM+h5ROpbnNw+SiT/w9oCy/ChWeiCHV1swQSzwBHx2Ye+yxO70Moxc
...
frAG3nM7kOnChQp4jxhv2J0p7fL1vteI9EGbcimC9QCVBwC1U++mQIqbTyIw5gWK
Io11yl8P+wKjcHsLfi2hTE+NIRb+VORWhVoCDHgNKV1nSFNTK0LEnvz84OFyRc1z
-----END PGP MESSAGE-----

<pgppassphrase!>…
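A scan of a process memory dump such as the pgptray.mem on page 6, or a Dr Watson user.dmp like the one shown just above, as an added Python example that is not part of the original slides. The dump contents are constructed (the names, addresses, message text and the passphrase-looking string are made up, and the armored body is a base64 placeholder); the marker strings are PGP's real decrypted-message and ASCII-armor delimiters as they appear on the slides. Because Win32 GUI text sits in memory as UTF-16LE, the scan pulls both 8-bit and UTF-16LE strings, which an ASCII-only strings pass would miss, and it reads the bytes that follow the armored message, which is where the slide's dump has the passphrase.

```python
import re

DECRYPTED_BEGIN = b"*** BEGIN PGP DECRYPTED/VERIFIED MESSAGE ***"
DECRYPTED_END = b"*** END PGP DECRYPTED/VERIFIED MESSAGE ***"
ARMOR_BEGIN = b"-----BEGIN PGP MESSAGE-----"
ARMOR_END = b"-----END PGP MESSAGE-----"

ASCII_RUN = re.compile(rb"[\x20-\x7e\t]{6,}")             # strings(1)-style 8-bit runs
UTF16LE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")      # Win32 GUI text is UTF-16LE in memory
STATUS_LINE = re.compile(rb"\*\*\* (Signature Status|Signer|Signed|Verified): ([^\r\n]*)")

# Constructed stand-in for pgptray.mem / user.dmp: noise, a UTF-16LE window caption, PGP
# status lines, a decrypted message with a folded header, an armored message (placeholder
# base64 body), the keyring paths, and a passphrase-looking string left next to them.
DUMP = b"".join([
    b"\x00\x10\xc0\x16\x00\x00" * 20,
    "PGPtray - Decrypting message".encode("utf-16-le"), b"\x00\x00",
    b"*** Signature Status: good\n",
    b"*** Signer: Alice Example <alice@example.org>\n",
    b"*** Signed: 1/15/2002 9:10:00 AM\n",
    DECRYPTED_BEGIN, b"\n",
    b"Received: from mail.example.org ([192.0.2.10])\n",
    b"\tby mx.example.net with ESMTP; Thu, 11 Jul 2002 18:57:48 -0500\n",
    b"From: Alice Example <alice@example.org>\n",
    b"To: bob@example.net\n",
    b"Subject: Test\n\n",
    b"The shipment leaves Friday.\n",
    DECRYPTED_END, b"\n",
    b"\x7f\x00\xff" * 30,
    ARMOR_BEGIN, b"\nVersion: PGP 7.1\n\ncGxhY2Vob2xkZXIgYm9keQ==\n", ARMOR_END, b"\n",
    b"C:\\Documents and Settings\\Administrator\\My Documents\\PGP\\pubring.pkr\x00",
    b"C:\\Documents and Settings\\Administrator\\My Documents\\PGP\\secring.skr\x00",
    b"<correct horse battery staple>\x00",
    b"\x90" * 40,
])


def ascii_strings(data: bytes) -> list:
    return [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]


def utf16le_strings(data: bytes) -> list:
    return [m.group().decode("utf-16-le") for m in UTF16LE_RUN.finditer(data)]


def extract_between(data: bytes, begin: bytes, end: bytes) -> list:
    """Text between every begin/end marker pair; an unterminated block runs to the end."""
    blocks, pos = [], 0
    while (start := data.find(begin, pos)) != -1:
        start += len(begin)
        stop = data.find(end, start)
        if stop == -1:
            stop = len(data)
        blocks.append(data[start:stop].decode("latin-1").strip())
        pos = stop + len(end)
    return blocks


def parse_message(text: str) -> tuple:
    """Split RFC 822 headers from the body, unfolding continuation lines (leading whitespace)."""
    head, _, body = text.partition("\n\n")
    headers, last = {}, None
    for line in head.splitlines():
        if line[:1] in (" ", "\t") and last:
            headers[last] += " " + line.strip()
        else:
            last, _, value = line.partition(":")
            headers[last] = value.strip()
    return headers, body.strip()


def signature_status(data: bytes) -> dict:
    return {k.decode(): v.decode("latin-1") for k, v in STATUS_LINE.findall(data)}


def strings_after(data: bytes, anchor: bytes, window: int = 256) -> list:
    """8-bit strings in the bytes following each occurrence of anchor: the Dr Watson dump
    on the slide has the passphrase right after the keyring paths and armored message."""
    found, pos = [], 0
    while (hit := data.find(anchor, pos)) != -1:
        pos = hit + len(anchor)
        found.extend(ascii_strings(data[pos:pos + window]))
    return found


def triage_dump(data: bytes) -> dict:
    """One pass over a process or crash dump for the artefacts the slides describe."""
    return {
        "window_text": utf16le_strings(data),
        "signature": signature_status(data),
        "decrypted_messages": [parse_message(t) for t in extract_between(data, DECRYPTED_BEGIN, DECRYPTED_END)],
        "armored_messages": extract_between(data, ARMOR_BEGIN, ARMOR_END),
        "keyring_paths": [s for s in ascii_strings(data) if s.lower().endswith((".skr", ".pkr"))],
        "near_key_material": strings_after(data, ARMOR_END),
    }


if __name__ == "__main__":
    report = triage_dump(DUMP)
    for headers, body in report["decrypted_messages"]:
        print(f"From: {headers.get('From')}  To: {headers.get('To')}  Subject: {headers.get('Subject')}")
        print(f"  body: {body}")
    print("keyrings:", report["keyring_paths"])
    print("strings after armored message:", report["near_key_material"])
```

Run against a real dump, every string from `near_key_material` is a passphrase candidate to feed to the dictionary attack described on the following pages before any guessing starts.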

Page 9: Practical Approaches to Recovering Encryption_2


Use the Forensic Toolkit (FTK) from AccessData to generate a list of keywords found on the disk and import it into the Password Recovery Toolkit (PRTK)

If the user purposefully or unintentionally stored the passphrase on disk, it will be in the keyword list

(Screenshot: a PGP passphrase identified by PRTK)

Page 10: Practical Approaches to Recovering Encryption_2


PRTK can also be configured to use various dictionaries and a customised suspect profile

Page 11: Practical Approaches to Recovering Encryption_2


PRTK then generates possible passphrases using entries in the dictionary, the suspect profile, and various combinations of these strings

(Screenshot: PRTK attempting to guess the passphrase of a PGP private key)
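The guessing step described on the last three pages (keyword list from the disk plus a suspect profile, mutated and combined, tried against a passphrase-protected private key), as an added Python example that is neither PRTK's code nor the slides'. The keyword list and the suspect profile are constructed. The protected key is a stand-in that stretches the passphrase with PBKDF2 and checks an HMAC tag; that has the same shape as OpenPGP's salted, iterated S2K protection of secret-key material, so every guess costs one KDF run as it would against a real key, but it is not OpenPGP's format, and the iteration count is kept small so the example runs in seconds.

```python
import hashlib
import hmac
import itertools

ITERATIONS = 1000             # kept small for the demo; real S2K counts are far larger
SALT = b"constructed-salt"    # constructed; a real key carries its own S2K salt
SECRET = bytes(range(32))     # stand-in for the private key material (constructed)

SUFFIXES = ("", "!", "1", "123")
SEPARATORS = ("", " ", "_", "-")


def protect(passphrase: str, secret: bytes, salt: bytes = SALT, iterations: int = ITERATIONS) -> dict:
    """Stand-in for passphrase protection of a secret key (assumption, not OpenPGP's format):
    derive a key-encryption key from the passphrase, wrap the secret under it, and keep an
    HMAC tag so a guess can be checked."""
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations)
    stream = hashlib.sha256(b"wrap" + kek).digest()
    wrapped = bytes(a ^ b for a, b in zip(secret, stream))
    tag = hmac.new(kek, wrapped, "sha256").digest()
    return {"salt": salt, "iterations": iterations, "wrapped": wrapped, "tag": tag}


def unlock(passphrase: str, blob: dict):
    """Return the secret if the passphrase is right, else None (one guess = one KDF run)."""
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), blob["salt"], blob["iterations"])
    if not hmac.compare_digest(hmac.new(kek, blob["wrapped"], "sha256").digest(), blob["tag"]):
        return None
    stream = hashlib.sha256(b"wrap" + kek).digest()
    return bytes(a ^ b for a, b in zip(blob["wrapped"], stream))


def mutate(word: str) -> list:
    """Case, reversal and leet variants of one word: the kind of rule a cracker applies
    to each dictionary entry."""
    leet = word.lower().translate(str.maketrans("aeios", "@3105"))
    variants = [word, word.lower(), word.upper(), word.capitalize(), word[::-1], leet]
    return list(dict.fromkeys(variants))        # dedupe, keep order


def candidates(keywords, profile: dict):
    """Yield guesses: profile entries first (most likely), then disk keywords; single words
    with mutations and suffixes, then ordered pairs joined by common separators."""
    words = list(dict.fromkeys(list(profile.values()) + list(keywords)))
    seen = set()
    for w in words:
        for form in mutate(w):
            for suffix in SUFFIXES:
                guess = form + suffix
                if guess not in seen:
                    seen.add(guess)
                    yield guess
    for a, b in itertools.permutations(words, 2):
        for sep in SEPARATORS:
            for suffix in SUFFIXES:
                guess = a + sep + b + suffix
                if guess not in seen:
                    seen.add(guess)
                    yield guess


def crack(blob: dict, keywords, profile: dict, max_guesses: int = 100_000):
    """Try candidates until one unlocks the blob. Returns (passphrase or None, guesses made)."""
    tried = 0
    for guess in candidates(keywords, profile):
        tried += 1
        if tried > max_guesses:
            break
        if unlock(guess, blob) is not None:
            return guess, tried
    return None, tried


# Constructed inputs: a keyword list as FTK would export it (strings seen on the disk)
# and a suspect profile built from interview notes. Neither is real data.
DISK_KEYWORDS = ["Administrator", "pubring", "warehouse", "invoice", "2002", "Thursday",
                 "consulting", "PGPtray", "shipment", "Friday", "ledger", "tracing"]
PROFILE = {"pet": "Rex", "spouse": "Linda", "birth_year": "1964", "team": "Bears"}

if __name__ == "__main__":
    blob = protect("Rex2002!", SECRET)        # the suspect's passphrase: pet + a year + "!"
    found, tried = crack(blob, DISK_KEYWORDS, PROFILE)
    print(f"passphrase {found!r} after {tried} guesses" if found else f"not found in {tried} guesses")
```

The ordering matters more than the rule set: profile words and disk keywords go first because that is where the passphrase most often comes from, and a passphrase built from words that appear nowhere on the disk or in the profile (the last test case) is simply out of reach of this attack, which is the point the brute-force table at the start makes.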

Page 12: Practical Approaches to Recovering Encryption_2


As a last resort, the suspect's machine can be monitored using software or hardware to obtain the passphrase:

Monitoring software and key logging are invasive and can raise privacy issues

Software:

Spector Pro

SubSeven

Back Orifice

These enable key logging and remote file access

Hardware (devices with internal memory that record keystrokes):

KeyGhost

KeyKatcher

Page 13: Practical Approaches to Recovering Encryption_2


Thank you

Any questions?