Research Article
Investigating Encrypted Material
463 downloads
@INPROCEEDINGS{10.1007/978-3-642-02312-5_4, author={Niall McGrath and Pavel Gladyshev and Tahar Kechadi and Joe Carthy}, title={Investigating Encrypted Material}, proceedings={Forensics in Telecommunications, Information and Multimedia. Second International Conference, e-Forensics 2009, Adelaide, Australia, January 19-21, 2009, Revised Selected Papers}, proceedings_a={E-FORENSICS}, year={2012}, month={5}, keywords={Encryption Ciphertext OpenPGP RSA Public \& Private Keys}, doi={10.1007/978-3-642-02312-5_4} }
- Niall McGrath
Pavel Gladyshev
Tahar Kechadi
Joe Carthy
Year: 2012
Investigating Encrypted Material
E-FORENSICS
Springer
DOI: 10.1007/978-3-642-02312-5_4
Abstract
When encrypted material is discovered during a digital investigation and the investigator cannot decrypt the material then s/he is faced with the problem of how to determine the evidential value of the material. This research is proposing a methodology of extracting probative value from the encrypted file of a hybrid cryptosystem. The methodology also incorporates a technique for locating the original plaintext file. Since child pornography (KP) images and terrorist related information (TI) are transmitted in encrypted format the digital investigator must ask the question – who benefits or who is the recipient? By doing this the scope of the digital investigation can be extended to reveal the intended recipient.
Copyright © 2009–2024 ICST