Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Deciphering method and system of data protection application programming interface (DPAPI) enciphered data

A technology for encrypting data and data sources, applied in the field of data decryption methods and systems, it can solve problems such as different security functions, polluted data, and software that cannot meet cross-platform requirements, and achieves the effect of meeting cross-platform requirements.

Active Publication Date: 2013-05-22
XIAMEN MEIYA PICO INFORMATION
View PDF3 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This forensics method directly depends on the operating system of the target source, and it is likely to pollute the data of the target source during the operation of the operating system, and cannot meet the read-only requirements of the target data source.
Although some software in foreign countries can realize the offline decryption of DPAPI, they are all realized by directly calling the encryption application programming interface (CryptoAPI), and have not analyzed and implemented the internal algorithm of the CryptoAPI interface, because CryptoAPI directly depends on the Windows operating system Moreover, different operating systems support different security functions, which makes these software unable to meet the cross-platform requirements, and even cannot be decrypted normally on some versions of Windows systems.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deciphering method and system of data protection application programming interface (DPAPI) enciphered data
  • Deciphering method and system of data protection application programming interface (DPAPI) enciphered data
  • Deciphering method and system of data protection application programming interface (DPAPI) enciphered data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] First, in order to better understand the present invention, concepts related to DPAPI will be briefly introduced below.

[0071] (1) CryptoAPI (Cryptography Application Programming Interface, CryptoAPI) is a set of functions provided by the Windows platform, which allows applications to encode, encrypt, and digitally sign users' secret information. The cryptographic operations inside the CryptAPI functions are performed in separate modules of the cryptographic service provider.

[0072] (2) Cryptographic Service Provider (Cryptographic Service Provider, CSP) is a combination of hardware and software that implements standard encryption and signature algorithms. Each CSP contains a set of functions that they define and implement. Different CSPs provide different security algorithms, and CSPs are platform-dependent. Different versions of Windows operating systems provide different numbers and types of CPSs. And each CSP has its corresponding name and type, and the name mu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a deciphering method and system of data protection application programming interface (DPAPI) enciphered data. The method comprises the following steps: loading a device, wherein a data source is in the device, identifying a system partition from the data source and reading files in the system partition, wherein the Windows system is in the system partition, acquiring files which need to be deciphered and master key files of all users, acquiring all DPAPI enciphered blocks from the files which need to be deciphered, analyzing all the DPAPI enciphered blocks to acquire the first deciphering key information which comprises encipherment secret key unique identification, acquiring the master key files of each DPAPI enciphered block according to the encipherment secret key unique identification, analyzing the master key files to acquire the second deciphering key information which comprises a second annoyance value and a second secret key derive function iteration based on commands, and deciphering the DPAPI enciphered blocks according to a login password, system entropy parameters, the first deciphering key information and the second deciphering key information. The method and the system can achieve read only operation of the data source and meet the need of cross-platform without restriction of operating system.

Description

technical field [0001] The present invention relates to a data decryption method and system, in particular, to a decryption method and a decryption system for DPAPI encrypted data. Background technique [0002] Microsoft has introduced an easy-to-use application data protection interface (Data Protect Application-Programming Interface, DPAPI) since Windows 2000, which is used to provide system-level data protection for user programs and operating systems. In the Windows system, various private data such as wireless network passwords, Internet access passwords, and private keys of encrypted file systems are all encrypted and stored with DPAPI. However, the encryption mechanism of DPAPI is extremely complicated, and Microsoft has never disclosed any technical details about DPAPI. Therefore, , it is very difficult to understand the internal implementation mechanism of DPAPI. [0003] At present, no one in China has studied the offline decryption method of DPAPI, and there are...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/62H04L9/06
Inventor 陈江勇钱镜洁林艺滨
Owner XIAMEN MEIYA PICO INFORMATION
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com