Forensics in Telecommunications, Information and Multimedia. Second International Conference, e-Forensics 2009, Adelaide, Australia, January 19-21, 2009, Revised Selected Papers

Research Article

Investigating Encrypted Material

Download
440 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-642-02312-5_4,
    author={Niall McGrath and Pavel Gladyshev and Tahar Kechadi and Joe Carthy},
    title={Investigating Encrypted Material},
    proceedings={Forensics in Telecommunications, Information and Multimedia. Second International Conference, e-Forensics 2009, Adelaide, Australia, January 19-21, 2009, Revised Selected Papers},
    proceedings_a={E-FORENSICS},
    year={2012},
    month={5},
    keywords={Encryption Ciphertext OpenPGP RSA Public \& Private Keys},
    doi={10.1007/978-3-642-02312-5_4}
}
  • Niall McGrath
    Pavel Gladyshev
    Tahar Kechadi
    Joe Carthy
    Year: 2012
    Investigating Encrypted Material
    E-FORENSICS
    Springer
    DOI: 10.1007/978-3-642-02312-5_4
Niall McGrath1, Pavel Gladyshev1, Tahar Kechadi1, Joe Carthy1
  • 1: University College Dublin

Abstract

When encrypted material is discovered during a digital investigation and the investigator cannot decrypt the material then s/he is faced with the problem of how to determine the evidential value of the material. This research is proposing a methodology of extracting probative value from the encrypted file of a hybrid cryptosystem. The methodology also incorporates a technique for locating the original plaintext file. Since child pornography (KP) images and terrorist related information (TI) are transmitted in encrypted format the digital investigator must ask the question – who benefits or who is the recipient? By doing this the scope of the digital investigation can be extended to reveal the intended recipient.

Keywords
Encryption Ciphertext OpenPGP RSA Public & Private Keys
Published
2012-05-11
http://dx.doi.org/10.1007/978-3-642-02312-5_4
Copyright © 2009–2024 ICST