| LUKS加密卷的离线解密技术分析 |
| |
| 引用本文: | 钱镜洁,;魏鹏,;沈长达.LUKS加密卷的离线解密技术分析[J].信息网络安全,2014(9):217-219. |
| |
| 作者姓名: | 钱镜洁 ;魏鹏 ;沈长达 |
| |
| 作者单位: | [1]厦门市美亚柏科信息股份有限公司,福建厦门361008; [2]厦门市美亚中敏电子科技有限公司,福建厦门361100 |
| |
| 摘 要: | LUKS是Linux系统下的常用的磁盘加密技术之一,通用于Linux的各个版本,具有支持多用户/密码对同一个设备的访问、加密密钥不依赖密码、可以改变密码而无需重新加密数据、采用一种数据分割技术来保存加密密钥保证密钥的安全性等特点。针对目前取证软件无法直接对LUKS加密分区的快速取证的问题,文章首先研究了LUKS加密分区的加密原理,并在此基础上提出了LUKS的解密方法,能够摆脱对Linux系统的依赖,极大提高了取证效率。
|
| 关 键 词: | 主密钥 密钥槽 分割的主密钥 取证 |
Analysis of Decrypting LUKS Encrypted Volume Oflfine |
| |
| Affiliation: | QIAN Jing-jie, WEI Peng, SHEN Chang-da (1. Xiamen Meiya Pico Information Co.,Ltd, Xiamen Fujian 361008, China; 2. Xiamen Meiya Zhongmin Electronic Technology Co.,Ltd, Xiamen Fujian 361100, China) |
| |
| Abstract: | LUKS as one of the popular disk encryption technology is common to all versions of Linux and has characteristics as follows: support multi-user / password access to the same device;master key does not rely on user password, the user password can be changed without re-encrypting the user data;use anti-forensic splitter to store the encrypted master key for the sake of safety. Given that most of current forensic software cannot obtain forensics quickly on LUKS volume, this paper researches the principles of LUKS encryption, and based on this, proposes a LUKS decryption method, dependent on the Linux system. This method can greatly improve the forensic efifciency. |
| |
| Keywords: | LUKS LUKS master key key slot split master key forensics |
| 本文献已被 维普 等数据库收录! |
|
