Data Protection API: Difference between revisions

The [[DPAPI]] keys used for encrypting the user's RSA keys are stored under "%APPDATA%\Microsoft\Protect\{[[Security Identifier|SID]]}", where {[[Security Identifier|SID]]} is the security identifier of that user. The DPAPI key is stored in the same file as the master key that protects the user's private keys. It is usually 64 bytes of random data.
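The following PowerShell script is an added illustration and not part of the article: it resolves the current user's SID, lists the master key files in the per-user Protect folder named above, and then performs a CurrentUser-scope protect/unprotect round trip through the .NET ProtectedData wrapper over DPAPI, so that the dependency of a blob on that user's master key can be observed. The folder path, the GUID-shaped file names and the sample secret are assumptions for the demonstration; the master key files themselves are encrypted and are only listed, not decoded.

```powershell
# Added example (not from the article). Requires Windows and PowerShell 3.0 or later.
Add-Type -AssemblyName System.Security

# The caller's SID names the per-user subfolder of %APPDATA%\Microsoft\Protect.
$sid        = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$protectDir = Join-Path $env:APPDATA "Microsoft\Protect\$sid"

# Master key files are hidden/system files named by GUID (assumption: the usual
# 8-4-4-4-12 form), so -Force is needed to see them. They are encrypted; this only
# inventories them, it does not decode anything.
Write-Host "Master key files under $protectDir"
Get-ChildItem -Path $protectDir -Force -File |
    Where-Object { $_.Name -match '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$' } |
    Select-Object Name, Length, LastWriteTime |
    Format-Table -AutoSize

# CurrentUser scope binds the blob to this user's master key; LocalMachine would
# bind it to the machine-wide key instead.
$scope   = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
$plain   = [System.Text.Encoding]::UTF8.GetBytes("constructed sample secret")
# Optional secondary secret: the same entropy must be supplied on Unprotect.
$entropy = [System.Text.Encoding]::UTF8.GetBytes("constructed app entropy")

$blob = [System.Security.Cryptography.ProtectedData]::Protect($plain, $entropy, $scope)
Write-Host ("Protected blob: {0} bytes (plaintext was {1} bytes)" -f $blob.Length, $plain.Length)

# Round trip with the right entropy succeeds ...
$back = [System.Security.Cryptography.ProtectedData]::Unprotect($blob, $entropy, $scope)
Write-Host ("Round trip ok: {0}" -f ([System.Text.Encoding]::UTF8.GetString($back) -eq "constructed sample secret"))

# ... while wrong entropy fails with CryptographicException, which is the behaviour
# a caller should expect and handle rather than treating the blob as corrupt.
try {
    $wrong = [System.Text.Encoding]::UTF8.GetBytes("different entropy")
    [void][System.Security.Cryptography.ProtectedData]::Unprotect($blob, $wrong, $scope)
    Write-Host "Unexpected: unprotect succeeded with wrong entropy"
} catch [System.Security.Cryptography.CryptographicException] {
    Write-Host "Unprotect with wrong entropy rejected as expected"
}
```

Running the script under a different user account (or after the user's password has been reset by an administrator rather than changed by the user, which rolls the master key) shows the blob can no longer be unprotected, which is the practical meaning of the per-user master key the paragraph describes.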
 
Though the [[DPAPI]] internals are largely undocumented by Microsoft, Passcape Software [http://www.passcape.com/index.php?section=forum&cmd=thread&id=23 claims] that they fully reversed the [[DPAPI]] algorithm in 2005. In 2010 [[Elie Bursztein]] and [[Jean-Michel Picod]] presented an analysis of the protocol titled ''Reversing DPAPI and Stealing Windows Secrets Offline'' at [http://www.blackhat.com/html/bh-dc-10/bh-dc-10-briefings.html Black Hat DC 2010]. In addition to their briefing, Bursztein and Picod released [http://www.dpapick.com DPAPIck], which allows offline decryption of data encrypted with [[DPAPI]]. In 2012 Passcape Software published in their blog a more detailed article on [http://passcape.com/index.php?section=blog&cmd=details&id=20 DPAPI internal logic] and presented [http://passcape.com/windows_password_recovery_dpapi_decoder a tool] for full offline DPAPI decryption and analysis. Unlike the previous one, this tool utilizes some old Windows bugs (for example, it can decrypt Windows 2000 [[DPAPI]] blobs without knowing the owner's logon password) and is fully compatible with the Windows 8 [[DPAPI]] data structure. In Windows 8 Microsoft changed the way the [[DPAPI]] logic works: multiple user keys can now be used to derive an encryption key that decrypts the user master key, which is then used to decode a single [[DPAPI]] blob.
 
==Security properties==