C'est parfois effrayant:
[...] it was very interesting to examine the Outlook 2003 PST files. This file format has three levels of encryption. “None“, “Compressible Encryption” and “Best Encryption” with “Compressible Encryption” being the default.
“None” is not encrypting the data at all - just like the Netscape Mail example.
“Compressible Encryption” is simply a substitution cipher. It is exactly what the “secret decoder ring” does; it is also called a Caesar cipher. For data, a particular byte always gets substituted by a fixed other one. That is why the PST file still compresses well. It just obscures the data and would have stopped my naïve Notepad attack. But this would not stop any forensic software from undoing this substitution on the fly.
“Best Encryption” is similar but the substitution table changes depending on the data’s position. This also can be automatically undone without the password.
Aucun commentaire:
Enregistrer un commentaire