ABSTRACT of Acquiring Windows Operating System Credentials Through Bitlocker: A Digital Forensic Approach
BitLocker encrypts every piece of information kept on a computer’s hard drive or solid-state drive, rendering it inaccessible to anyone who doesn’t have the right password or decryption key. The main aim of the study was to acquire the Windows operating system credentials through the utilization of BitLocker encryption. The primary objective was to explore various methods and tools, specifically bitlocker2john and Hashcat, to extract BitLocker encryption keys during the digital forensic acquisition process. It was necessary studying the encryption algorithms utilized in BitLocker, the encryption settings, the group policy settings, and the different tools that can be used for the retrieval of the decryption credentials. Using imaging, hash extraction, and password attacks, the analysis successfully recovered BitLocker encryption keys by applying hash values, salt, and encryption algorithms. The study concluded that the findings have important implications for digital forensic investigations and data security.
Keywords: Encryption, Decryption, Recovery keys, encryption algorithm operating system, BitLocker.
“Thoughtfully researched and eloquently penned by Manasa K“
LinkedIn profile: https://www.linkedin.com/in/manasa-k-gowda-359aaa183
Read More: Cyber Forensics
Note: “Respectfully, refrain from duplicating this content as all rights belong to the esteemed author and the blog site.”