
Applications of Cryptography in Digital Forensics: Uses & Impact

Digital forensics solves crimes committed using electronic devices and computers by investigating and producing digital evidence against criminals. The use of cryptography and its techniques in digital forensics is increasing widely. Investigators are limited to the information on devices that they can access. When a hard drive is completely encrypted, digital forensic investigators have difficulty finding the stored data, and their investigative options are limited. Determining the level of encryption is the first step in digital forensics. Encryption, a cryptographic technique, thwarts digital forensics because it protects a user's data from unauthorized access, posing a great challenge to investigators. Cryptanalysis is a decryption technique that helps to retrieve the encrypted data and is useful for digital investigators.

Cryptography Schemes

Technology has spread its wings and it has its own advantages and disadvantages. While many make use of technology for good, a few use it for crime. Let us consider a few cryptography schemes and their effects on digital forensics.

Encryption

Encryption is the scrambling of information so that third parties cannot decode the original data without knowledge of a decoding key. Encryption makes the potential evidence unreadable by forensic officers or investigators. Criminals use many encryption schemes in order to conceal data from investigators. Investigators must use decryption to retrieve the encrypted content, which is difficult because it is time consuming and, in some cases, not possible at all when strong encryption schemes are used.
In 2007, US customs officers found child pornography content on a Canadian citizen's laptop. The officers seized his laptop and charged him with transporting pornographic content across borders. The real problem arose when these officers tried to access the offending content. The content resided on a drive that was encrypted with Pretty Good Privacy (PGP). The forensic examiner was unable to access the content even after creating an image of the drive.

Steganography

Steganography is a famous encryption scheme which offers additional security to encrypted data. It hides any kind of information inside commonly used carrier files without altering their external appearance. Digital criminals or cyber-attackers use steganography to conceal their encrypted payload, either to hide data on their own systems or for attacks on vulnerable systems. It is hard for forensic examiners to identify this hidden information while investigating a crime.

Full Disk Encryption (FDE)

Full Disk Encryption encrypts the entire hard drive, including files, data, software programs and the operating system. This can be compared to locking all external entrances to your home so that no unwanted visitors can enter. Forensic examiners who do not identify the presence of full disk encryption often risk not being able to view any data in its logical form. A forensic preview must be performed to identify the type of encryption used and to determine an efficient method of retrieving a forensic duplicate. During forensic reviews, experienced investigators look for the absence of a folder structure, an FDE boot loader and other such patterns associated with FDE systems. The best method of creating a forensic copy is removing the hard drives and connecting them to acquisition systems. SafeBoot is FDE software that makes all data unreadable, starting from the first sector, even with a decryption key or passphrase.
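
Part of the forensic preview described above can be automated. The following Python is an added example, not code from the original article: it checks the first sector of a raw image for well-known volume markers (LUKS, BitLocker, NTFS) and measures the byte entropy of the data that follows. The function names, the 7.5 bits-per-byte threshold, the 0.9 ratio and the sample images are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

SECTOR, CHUNK = 512, 4096
# Well-known on-disk markers: (offset in first sector, magic bytes, label, is_encrypted)
SIGNATURES = [
    (0, b"LUKS\xba\xbe", "LUKS header", True),
    (3, b"-FVE-FS-", "BitLocker volume", True),
    (3, b"NTFS    ", "NTFS volume", False),
]

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(image: bytes, max_chunks: int = 32, threshold: float = 7.5) -> dict:
    """Preview the start of a raw image for signs of encryption."""
    first = image[:SECTOR]
    found = [(label, enc) for off, magic, label, enc in SIGNATURES
             if first[off:off + len(magic)] == magic]
    # Sample the data area after the first sector, skipping a short final chunk.
    chunks = [image[i:i + CHUNK] for i in range(SECTOR, len(image), CHUNK)][:max_chunks]
    chunks = [c for c in chunks if len(c) == CHUNK]
    high = sum(1 for c in chunks if entropy(c) >= threshold)
    ratio = high / len(chunks) if chunks else 0.0
    return {
        "signatures": [label for label, _ in found],
        "boot_signature": first[510:512] == b"\x55\xaa",
        "high_entropy_ratio": ratio,
        # Flag on a known encrypted-volume marker, or uniformly random-looking data.
        "likely_encrypted": any(enc for _, enc in found) or ratio >= 0.9,
    }

def constructed_random(n: int) -> bytes:
    """Deterministic stand-in for ciphertext (constructed sample data)."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Constructed sample images, not real evidence.
plain = (b"\xeb\x52\x90NTFS    ".ljust(510, b"\0") + b"\x55\xaa"
         + b"invoice.docx\0report.xlsx\0" * 2000)
luks = b"LUKS\xba\xbe".ljust(SECTOR, b"\0") + constructed_random(16 * CHUNK)
headerless = constructed_random(SECTOR + 16 * CHUNK)
```

High entropy alone also matches compressed or media data, so an entropy-only hit is a prompt for closer examination rather than proof of encryption.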
