本文为布拉格捷克理工大学（作者：Jan Vojtˇeˇsek）的学士论文，共75页。

本文重点研究了一个磁盘加密应用程序BestCrypt卷加密的逆向工程和安全性分析，详细描述了用于文件修复过程的以前未记录的二进制文件格式。在执行安全分析过程中发现了几个漏洞和错误。本文详细讨论了这些漏洞中的每一个，并给出了该漏洞如何影响常规用户的安全示例。作者还与BestCrypt卷加密的开发人员合作，以修复或减轻这些漏洞的不利影响。本文还介绍了一种工具，它可以使某些类Unix系统上装载加密卷成为可能。

This thesis focuses on reverse engineeringand security analysis of a disk encryption application called BestCrypt VolumeEncryption. It provides a detailed description of a previously undocumentedbinary file format used for rescue procedures. Several vulnerabilities and bugswere found during the performed security analysis. Each of thosevulnerabilities is discussed in detail and an example of how this vulnerabilitymight affect the security of regular users is given. The author also cooperatedwith the developers of BestCrypt Volume Encryption in order to fix or at leastmitigate those vulnerabilities. A tool that makes it possible to mountencrypted volumes on some Unix-like systems is also presented.

1 BestCrypt卷加密

2 逆向工程

3 修复文件内容

4 安全分析的结果

5 开发工具

更多精彩文章请关注公众号：