Global ETD Search

1	Automated Live Acquisition of Volatile Data : Through the use of a programmable HID control chip Berggren, Tommy, Denham-Smith, Adam January 2013 (has links) This research lays a foundation for automated acquisition of volatile data by presenting a prototype device which carries out the deeds of a forensic investigator, essentially making it a “forensic investigator on a stick”. The Teensy 3.0 device is programmed to interact with an external USB device for storage purposes. All interaction with a live target system must be documented thoroughly according to forensic best practices. Therefore quantitative measurements of system contamination related to the device actions are presented. The device is conclusively able to perform a memory dump and provide a warning of the existence of Truecrypt encrypted containers. Automation Live Acquisition Volatile Data Truecrypt Memory Dump Teensy
2	Minnet sviker Aldrig : Att utnyttja volatil data i Krypterade system Ringmann, Björn, Hildeblom, Peter January 2014 (has links) When the use of encryption amongst the regular computer user grows morewidespread than ever it makes the life of the IT-forensics experts difficult.Hampering the judicial investigations that otherwise could have lead to convictions. In this report we will treat the subject of crypto analysis with a focus on decrypting files and devices encrypted with the software TrueCrypt. A solution will be presented that can facilitate the future work involving encryption. The application DFEAT that has been developed during the writings of this report is faster than the corresponding software EFDD, and attacks both partitions and bitwise copies of entire harddrives where PKF fails.DFEAT is a lightweight application that is almost 50 times smaller compared to EFDD and 200 times smaller than PKF's portable version. Encryption decryption crypto analysis truecrypt Kryptering dekryptering kryptoanalys truecrypt Övrig annan teknik
3	Diskkrypteringsprestanda i GNU/Linux Ahlstedt, Sebastian, Granath Karlsson, David January 2013 (has links) This thesis compares the impact on disk performance in a GNU/Linux environmentwith three encryption algorithms: AES, Serpent and Twofish in three different implementations: DM-crypt, Loop-AES and Truecrypt. For all three algorithms a key length of 256 bits is used. The thesis shows that the least performance impact during data encryption, and thus file writing, is reached by using AES or Twofish encryption implemented in DM-crypt or TrueCrypt. The thesis shows that some data operations with a sufficiently low processor utilization barely affects disk performance at all if encrypted using the optimal implementation and algorithm. It is also discovered that the performance impact during data decryption, or file reading, can be minimized by using the most efficient implementation and algorithm. The best results are met with the AES or Twofish cipher, regardless of implementation. An important conclusion that is drawn is that it is hard to determine a superior encryption solution for all purposes. However, by reviewing and examining the collected data from all aspects of disk performance the AES implementation in TrueCrypt is, with small marginals, determined to be the most optimal. / Undersökningen jämför hur krypteringsalgoritmerna AES, Serpent och Twofish implementerade i DM-crypt, Loop-AES och TrueCrypt påverkar diskprestandan i en GNU/Linux-miljö. Samtliga krypteringsalgoritmer tillämpas med en nyckellängd på 256 bitar. Undersökningen visar att högst skrivhastighet och således krypteringshastighet uppnås med algoritmerna AES och Twofish i DM-crypt eller Truecrypt. Krypteringens påverkan på diskprestanda är beroende av vilka typer av operationer som utförs och hur hög processorsysselsättningsgraden är. Vid simplare I/O-operationer har den mest optimala krypteringslösningen knappt någon påverkan på diskprestandan överhuvudtaget. Undersökningen visar också att påverkan av prestanda vid dekryptering är minst vid tillämpning av AES eller Twofish oavsett implementering. En viktig slutsats som dras är att det inte finns en överlägsen krypteringslösning för samtliga användningsområden. Genom att sammanställa och granska insamlad data gällande samtliga aspekter beträffande diskprestanda fastställs TrueCrypts implementation av AES till att vara den mest optimala, trots små marginaler. Encryption AES Rijndael Serpent Twofish DM-crypt Loop-AES Truecrypt hard drive performance benchmark Kryptering AES Rijndael Serpent Twofish DM-crypt Loop-AES Truecrypt hårddisk prestandamätning
4	Performance differences in encryption software versus storage devices Olsson, Robin January 2012 (has links) This thesis looked at three encryption applications that all use the symmetric encryption algorithms AES, Twofish and Serpent but differ in their implementation and how this difference would illustrate itself in performance benchmarks depending on the type of storage device that they were used on. Three mechanical hard drives and one solid state drive were used in the performance benchmarks which measured a variety of different disk operations across the three encryption applications and their algorithms. From the benchmarks performance charts were produced which showed that DiskCryptor had the best performance when using a solid state drive and that TrueCrypt had the best performance when using mechanical hard drives. By choosing DiskCryptor as the encryption application when using a solid state drive a performance increase of 38.9% compared to BestCrypt and 28.4% compared to TrueCrypt was achieve when using the AES algorithm. It was also shown that Twofish was overall the best performing algorithm. The primary conclusion that can be drawn from this thesis is that it is important to choose the right encryption application depending on the type of storage device used in order to get the best performance possible. Encryption Symmetric Encryption AES Twofish Serpent TrueCrypt BestCrypt DiskCryptor SSD Mechanical hard drive Performance Benchmarks
5	Σχεδίαση και υλοποίηση ασφαλούς υπηρεσίας με χρήση ελλειπτικής κρυπτογραφίας Χριστόπουλος, Ρένος-Νεκτάριος 13 October 2013 (has links) Στην παρούσα διπλωματική υλοποιήθηκε η σχεδίαση και υλοποίηση ασφαλούς υπηρεσίας με χρήση ελλειπτικής κρυπτογραφίας. Τα κρυπτογραφικά συστήματα που βασίζονται στις ελλειπτικές καμπύλες αποτελούν ένα πολύ σημαντικό κομμάτι της κρυπτογραφίας δημόσιου κλειδιού και τα τελευταία χρόνια όλο και περισσότεροι επιστήμονες ασχολούνται με τη μελέτη τους. Το πλεονέκτημα των συστημάτων αυτών σε σχέση με τα συμβατικά κρυπτογραφικά συστήματα είναι ότι χρησιμοποιούν μικρότερες παραμέτρους και κλειδιά, προσφέροντας τα ίδια επίπεδα ασφάλειας. Σχετικά με το πρόβλημα της προστασίας ευαίσθητων δεδομένων σκληρού δίσκου ή άλλου αποθηκευτικού μέσου διευθυνσιοδοτούμενου κατά τομείς (sector-adressed storage media), χρησιμοποιείται η τεχνική της κρυπτογράφησης δίσκου (disk encryption). Ορισμένα από τα υπεύθυνα για την υλοποίηση της κρυπτογράφησης λογισμικά (disk encryption software) χρησιμοποιούν την μέθοδο κρυπτογράφησης σε πραγματικό χρόνο (on-the-fly/real-time encryption). Ο όρος on-the-fly έγκειται στο γεγονός ότι τα αρχεία γίνονται προσβάσιμα αμέσως μόλις προσφερθεί το κλειδί κρυπτογράφησης (encryption key) όλο το διαμέρισμα (volume) «προσαρτάται» (mounted) σαν να ήταν ένας φυσικός δίσκος κάνοντας τα αρχεία να «φαίνονται» αποκρυπτογραφημένα. Στην πλαίσιο αυτό τοποθετείται ο σκοπός του ερευνητικού μέρους της παρούσας εργασίας, που εντοπίζεται το ερώτημα της προσαρμογής βιβλιοθηκών που υλοποιούν κρυπτογραφία ελλειπτικών καμπυλών σε λογισμικό ικανό να κρυπτογραφεί «on the fly» φακέλους αρχείων και κατ΄ επέκταση σκληρούς δίσκους / - Κρυπτογράφηση δίσκου 005.82 Elliptic curve cryptography (ECC) Disk encryption On-the-fly Truecrypt
6	Detektering av krypterade filer Barkman, Linus January 2011 (has links) In contemporary encryption the vast amount of text subject to cracking has brought about the demand for methods distinguish files more likely to be encrypted. The encryption software Truecrypt can encrypt files that are not possible to identify with a file signature. To solve the detection problem, an algorithm sensitive to the absence of structure in the very code of files was developed. The program was written in the programming language EnScript which is built into the forensic software suite EnCase. The essential part of the algorithm therefore deployes the statistic of a chi-square test for deviance from a uniform distribution to distinguish files with contents that appear to be random. The program managed to detect encrypted files that were created with Truecrypt. Test results indicate that the newly developed program is nearly double as fast and has at least the same accuracy in the detection as other pro- grams. The software is licensed under open source standard GNU GPL. The procedure developed will drastically facilitate for computer forensic experts to detect if any existing encrypted file is located on the hard drive. Encrypted files encrypted volumes Computer forensic EnCase EnScript Truecrypt encrypted storage media Krypterade filer krypterade volymer IT-forensik EnCase EnScript Truecrypt krypterad lagringsmedia Information Systems Information Systems

1

Page generated in 0.031 seconds