数据加密原理分析及解密工具开发在一起案件中的应用

由于违法犯罪嫌疑人反侦查意识的增强,涉案的TF卡、U盘等存储介质内往往含有加密文件。在这些加密数据中往往包含着对侦查、起诉更有价值的信息。在这种情况下,对其中的数据进行解密成为数据能否成功提取的关键。本文针对一起涉及邪教案件中的加密解密原理进行研究,详细分析了基于异或运算的加密原理、解密原理及其方法,从而根据原理设计可以快速获取密钥的解密软件。在本案中,检验人员从检材中提取出加密程序,进行加密实验,通过对比加密前和加密后的数据,分析加密原理,研究解密方法。为了提高解密效率,检验人员通过C#语言开发Windows窗体应用程序,设计出了解密工具TFCrack。通过TFCrack可以方便快速获取密码,通过获取的密码可以快速解析出隐藏的数据。

Tool Development from Analysis into the Principle of Data En-/Decrypting through a Case Solving

With the aggravation of anti-investigation awareness of criminal suspects,the encrypted fi les are often found in the case-involving TF cards,U disks and other storage media.These encrypted data ordinarily contain valuable information for investigation and prosecution so that decrypting the data becomes crucial for the data to extract successfully.Here,the principle of data encryption and decryption was explored into a cult-involving case based on XOR operation,thereby making it designed of the decryption software that can acquire the relevant passwords rapidly.Accordingly,the investigators extracted the encryption program from the tested materials,reversely conducting the encryption verifi cation through analyzing both the principle and method into the encrypting/decrypting data before and after ciphering.In order to improve the effi ciency of decryption,the investigators further developed one Windows-performing application through C#language,having devised a decryption tool,TFCrack.Therefore,the passwords can be easily and quickly obtained,and the hidden data resolved swiftly.