TrueCrypt decryption key extraction method, terminal equipment and storage medium

TrueCrypt decryption key extraction method, terminal equipment and storage medium

The invention relates to a TrueCrypt decryption key extraction method, terminal equipment and a storage medium, and the method comprises the steps: firstly extracting all TrueCrypt.exe process information from a memory mirror image, and forming a process information set K; the method comprises the f...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: SHAO BINGYANG, SHEN CHANGDA, LAN CHAOXIANG, HUANG ZHIWEI
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to a TrueCrypt decryption key extraction method, terminal equipment and a storage medium, and the method comprises the steps: firstly extracting all TrueCrypt.exe process information from a memory mirror image, and forming a process information set K; the method comprises the following steps of: firstly, checking content formats of a K2 field, a masterkeydata field and a SectorSize field in a CRYPTOINFO structure of each element in the K in sequence, and taking the content of the masterkeydata field of the residual elements in the K as a master key of a TrueCrypt.exe process after the elements which do not meet requirements are removed. The encryption mode of the encryption container needs to be depended on, the master key of the encryption data of the encryption container can be extracted without knowing the password of the encryption container, and meanwhile the requirement for decryption of the evidence source is met. 本发明涉及一种TrueCrypt解密密钥提取方法、终端设备及存储介质,该方法中,首先从内存镜像中提取所有TrueCrypt.exe进程