Analysis of the Possibility of Password Break through for RAR, ZIP and 7z Formats

Práce se zabývá užitím techniky lámání hesel u běžných komprimačních formátů a extrakcí hesel ze samorozbalovacích archivů, které se využívají pro potřeby malware. Jsou zde popsány struktury komprimačních formátů, šifry a jejich propojení s komprimačními formáty. Zmíněny jsou i běžné a specializované útoky na archivy a jejich šifry. Následně jsou popsány struktury samorozbalovacích archivů a extrakce hesla, umožňující spuštění samorozbalovacího archivu.This Thesis deals with analysis of the possiblity of password breakthrough for common compression formats and password extraction from self-extraction archives used for malicious software. Structure of compression programs, ciphers and connection between cipher and archives is described. Common and specialized attacks on archives and ciphers are described. Structure of self-extracting archives and password location is used to create extractor of passwords in self-extracting archives.

Análisis de herramientas y técnicas de apoyo a la recuperación de información cifrada

El proyecto aborda el problema de la optimización de los procesos de descifrado de evidencias informáticas protegidas con contraseña. En este proyecto se analizan alternativas tecnológicas para la realización de una plataforma de tratamiento masivo de información cifrada utilizando la tecnología GPGPU (General-Purpose Computing on Graphics Processing Units) para procesar datos. Dentro de este contexto, también se estudia la viabilidad de la utilización de esta tecnología GPU dentro de un entorno de virtualización basado en Xen y se adaptan soluciones existentes para poder utilizar la tarjeta gráfica nativa por los huéspedes virtuales. El objetivo final que se persigue es posibilitar la integración de distintas herramientas de descifrado en una misma plataforma con independencia del sistema operativo para el que fueron desarrolladas.The project addresses the problem of decrypting password-protected computer evidences. This project will analyze differents technological alternatives in order to achieve the realization of a decryption platform using the GPGPU technology (General-Purpose Computing on Graphics Processing Units) to process data. Within this context, the project examines the feasibility of using this GPU technology within a virtualization environment based on Xen and adapt existing solutions to use the native graphics card inside the virtual guests. The ultimate goal pursued is to enable the integration of various cracking tools on the same system despite of the operating system for which they were developed

Analysis of the WinZip encryption method

WinZip is a popular compression utility for Microsoft Windows computers, the latest version of which is advertised as having \easy-to-use AES encryption to protect your sensitive data." We exhibit several attacks against WinZip's new encryption method, dubbed \AE-2" or \Advanced Encryption, version two." We then discuss secure alternatives. Since at a high level the underlying WinZip encryption method appears secure (the core is exactly Encryptthen -Authenticate using AES-CTR and HMAC-SHA1), and since one of our attacks was made possible because of the way that WinZip Computing, Inc. decided to x a dierent security problem with its previous encryption method AE-1, our attacks further underscore the subtlety of designing cryptographically secure software