Analysis of encryption mechanism in KeePass Password Safe 2.30

摘要

In the Internet era, there are a lot of places that require a password, such as login forum, e-mile, MSN, etc. How to effectively remember the password? It has become a required course to people. KeePass Password Safe is designed to solve the problem that human can't remember so many passwords, which contains a strong password generation engine and encryption storage function, and provides a secure password storage space, As a result, people may manage all the password safely only need to remember an initial password, and the security of the document mainly through the software's own encryption functions to ensure. But with the new method of crack and the speed of the computer running speed, its security has been on a risk. In this paper, we analyzed the latest version of KeePass encryption/decryption mechanism, and then designed a comparison experiment with earlier version, the experiment used brute-force means to recover the password on CPU-based platform and GPU-based platform respectively. We analyzed the security of KeePass through the experiment result at last.