摘要
随着7-Zip软件的广泛使用,快速恢复7-Zip加密文件口令对信息安全中的电子取证有着充分的现实意义。目前针对7-Zip加密文件的口令恢复问题,主要依靠219轮SHA256产生AES256密钥结合循环冗余校验(Cyclic Redundancy Check,CRC)校验码验证的方法,效率不高。通过研究7-Zip加密文件的明文统计特征,提出使用明文特征进行验证的快速口令恢复算法;通过分析7-Zip加密流程的脆弱性,提出使用密钥表进行解密的快速口令恢复算法。实验数据表明,设计的算法大幅度减少了计算量,在CPU上与目前业界使用最广泛的John破解软件相比,其口令破解速度可提升数千倍。
With the widespread use of 7-Zip software,the rapid recovery of 7-Zip encrypted file passwords is of practical significance for electronic forensics in information security.At present,the password recovery of 7-Zip encrypted files mainly depends on 219 rounds of SHA256 to generate AES256 keys combined with CRC verification code,which is inefficient.This paper proposes a fast password recovery algorithm using plaintext characteristics for verification by studying the plaintext statistical characteristics of 7-Zip encrypted files.By analyzing the vulnerability of 7-Zip encryption process,a fast password recovery algorithm using key table for decryption is proposed.The experimental data shows that the algorithm designed in this paper greatly reduces the amount of computation.Compared with the most widely used John cracking software in the industry,its password cracking speed can be improved thousands of times.
作者
程鹏文
颜学雄
章明
CHENG Pengwen;YAN Xuexiong;ZHANG Ming(Unit 61726,Wuhan 430079,China;Information Engineering University,Zhengzhou 450001,China)
出处
《信息工程大学学报》
2024年第1期45-51,共7页
Journal of Information Engineering University
