| With the continuous development of information technology, information security has beed paid great attention. As one of the current most popular encryption software products, PGP has formed a series of standards, such as email protection, after more than 10 years of studying and updating. The products are able to meet a certain user's security requirements in desktop and server field. However, with the applications range of PGP encryption technology increased, the phenomenon of passphrase, which protect the security of PGP keys, forgotten by users also increasing everyday, sometimes happened to be malicious tampering also. In addition, the continous improvement of criminal means, which using PGP to encrypt the information during transmission and storage, is not conducive to the process of crime forensics. At present, there are some PGP decryption products based on passphrase abroad, has advantages in performance, but high charge stopped them widely being used in China, and didn't find the decyption algorithm proposed independently at home. Therefore, the studying on PGP's decryption against passphrase has a great of significance for key recovery and crime forensics in domestic.This paper firstly introduced the definition and classification of the technology of file encryption and dynamic encryption, made clear in PGP's dynamic encryption technology and related cryptographic algorithms. On this basis, used the existing PGP system's mail encryption and disk encryption as object, PGP SDK for reference, analysised the various types of cipher technolgy used in PGP and internal encryption process comprehensively, including PGP's work mode, the working priciple and function realization of PGP mail encryption, disk encryption and key management. Based on the technology of brute force, proposed the PGP cracking algorithm against passphrase.During the design and implementation of PGP's cracking algorithm, focused on analyzing the S2K algorithm used in PGP's passphrase encryption and the circulation process of hash algorithm against passphrase, used RSA algorithm as an example to analyze the validation process of passphrase by private key. Using Visual C++ as development environment, indenpently designed and implemented the brute force algorithm for PGP files'decryption against passphrase. Confirmed the research's feasibility and efficiency after analyzing and comparing the independent algorithm's performance. Finally, prospect the further research on the technique of passphrase encryption and brute force on PGP. |
PDF Full Text Request