Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers

Research Article

Protecting Digital Evidence Integrity by Using Smart Cards

Download
517 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-19513-6_9,
        author={Shahzad Saleem and Oliver Popov},
        title={Protecting Digital Evidence Integrity by Using Smart Cards},
        proceedings={Digital Forensics and Cyber Crime. Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers},
        proceedings_a={ICDF2C},
        year={2012},
        month={5},
        keywords={Digital Evidence Integrity Protection Smart Card Message Digest Digital Signature Forensics Examination Tools and Procedures},
        doi={10.1007/978-3-642-19513-6_9}
    }
    
  • Shahzad Saleem
    Oliver Popov
    Year: 2012
    Protecting Digital Evidence Integrity by Using Smart Cards
    ICDF2C
    Springer
    DOI: 10.1007/978-3-642-19513-6_9
Shahzad Saleem1,*, Oliver Popov1,*
  • 1: DSV Stockholm University
*Contact email: shahzads@dsv.su.se, popov@dsv.su.se

Abstract

RFC 3227 provides general guidelines for digital evidence collection and archiving, while the International Organization on Computer Evidence offers guidelines for best practice in the digital forensic examination. In the light of these guidelines we will analyze integrity protection mechanism provided by EnCase and FTK which is mainly based on Message Digest Codes (MDCs). MDCs for integrity protection are not tamper proof, hence they can be forged. With the proposed model for protecting digital evidence integrity by using smart cards (PIDESC) that establishes a secure platform for digitally signing the MDC (in general for a whole range of cryptographic services) in combination with Public Key Cryptography (PKC), one can show that this weakness might be overcome.