Penetrating encrypted evidence


Digital Investigation (2004) 1, 102–105

www.elsevier.com/locate/diin

Hank Wolfe
University of Otago, Computer Security, Forensics, Information Science Department, Commerce Building, Corner of Clyde and Union Streets, Dunedin, New Zealand

Introduction

Inevitably, every investigator will encounter suspect hard drives and other media that have been encrypted. In the first instance, the accused will be asked, and possibly directed by the Court, to provide the keys necessary for decryption of data files or entire hard drives. The final decision, however, rests with the accused. In some jurisdictions, the accused will be held in contempt if he/she refuses to provide the keys and potentially incarcerated until such time as the keys are produced. Some jurisdictions will not hold a suspect for very long, and you may be left with encrypted evidentiary media and no cooperation from the accused. In one case that I am aware of, the accused claimed "in the excitement of being arrested and being interrogated, I forgot the keys. I really want to cooperate and do the right thing but I just can't remember them." At this point the investigators had a couple of choices. First, they could give up; in most cases this course of action is neither desired nor taken. Second, they could "persuade" the accused to cooperate by any number of means (rubber hose, electric cattle prod, telephone book, etc.). However strongly we may occasionally believe that one or more of these techniques are warranted, in most jurisdictions such actions are frowned upon. Therefore, this choice makes good copy but bad investigative technique. The last choice is to employ one or more technical procedures and/or devices to obtain the relevant keys. In this article, I will describe two separate cases where such techniques were successful. We must be mindful that at the end of the day, after all of these have been exhausted, we may be no closer to a solution than before. The chance of success is well worth the effort, and these processes should become another of the tools in our forensic toolbox, to be employed wherever appropriate.

Case #1: social engineering

This is a civil case between a husband and wife. She claims that he has, within the data on his computer, secreted information about and the location of assets that should be included within the divorce settlement. He claims that there are no other assets and that his computer does not contain anything that is relevant to the divorce. We were engaged by the wife's attorney. This was a rather sensitive case for us since the husband was a police officer. We provide pro bono assistance to the police when asked, and we had to think about this a bit before accepting. When teaching forensics, one of the main topics that I cover is the ethics of this profession. I believe that the only thing that we have to sell is our integrity. Once that integrity is compromised, in even the slightest way, it becomes almost impossible to regain the confidence and trust held before. When doing an investigation, our job is to find the truth and present it without colour. We should never be in the business of "getting" anyone. So we accepted the case.

The attorneys for both parties agreed that we could have possession of the suspect computer for 24 hours. It was delivered and retrieved at the appointed time and place. During those 24 hours we went through the normal procedures of acquisition, verification and production of an evidentiary copy. Later we were very pleased to be told that the individual was astounded that he could not see any indication that we had even started his machine up, nor should he have. Anyway, we proceeded to set up a clone of his system to have a cursory look at what was there. During the process, we discovered that a partition was encrypted. Keys were requested through the normal channels but were not forthcoming. After some further analysis we were able to identify the encryption software, version, vendor and algorithm [1] used. We could find no known successful attacks on either the software or the algorithm used. At this point, I suppose, we could have given up, but we persevered.

Before attempting other tools, I always like to use some good old-fashioned social engineering. Everyone has something that is important to them. Bikers, for example, are loyal to their particular brand of motorcycle. In one of my classroom exercises, we use this technique to guess passwords. One of my tutors was a biker. Knowing this, and that he was a fan of Harley Davidson, I guessed that his password might be Harley or Davidson. The guess was correct. It does not always work, but it is always worth a try. In this case we knew a bit about the individual. We knew that he was a police officer and that he had a wife, children and a girlfriend. It seemed like a good bet that a police officer's badge number would be an important number to him, and I therefore used his number as the text string to do the first search. This returned six hits. Each had a different name associated with the number: wife, child, girlfriend. I thought that trying the six potential keys would be easy and did so while I was considering the next search string, when number three worked. No, we did not find the money, because it was not there; however, we did find a history of other activities on the target machine that was pertinent to the case.

The lesson here is that often simple methods can be very effective. We were clearly lucky; however, it is human nature to create keys and passwords that are easily remembered. Most often people use names of family, sports heroes, boats (if they have one), and other words that are important to their personalities. As forensic investigators, it is part of our job to find out all that we can about the accused and his/her background. This information may be useful when encryption is encountered and cooperation is withheld.

1742-2876/$ - see front matter © 2004 Elsevier Ltd. All rights reserved. doi:10.1016/j.diin.2004.04.002

[1] The algorithm used was Blowfish. It was developed by Schneier (1996), the author of Applied Cryptography. "Blowfish is a 64-bit block cipher with a variable-length key" (see page 336), and that length is up to 448 bits. It has been around for about 10 years and the cryptographic community has examined it at some length; no known successful cryptologic attack exists. That leaves only a brute force attack. The number of bits (with respect to key length) refers to the number of possible keys in the key space: in this case 2 raised to the power of 448, a number too large to contemplate. The strength of any cryptographic algorithm is measured by two attributes. First, that after experimenting with known cryptanalytic methods it has not been successfully attacked, which means that it is a strong algorithm. Second, that the number of potential keys is so large as to make it impossible to carry out a brute force attack (cycling through ALL of the keys until the right one is found) successfully in a timely way, which means that it is computationally secure. Both attributes are critical to the assessment of the security provided by any cryptographic algorithm. Products that make use of cryptographic algorithms known to be secure add a further dimension in their implementation. If the implementation is done with care, the outcome will be a secure system. If it is not done with care, that fact, and exploiting it, may be all that is needed to make a successful attack, as tools such as the Password Recovery Tool Kit show.
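A worked illustration of the key-space reasoning in footnote 1, added here as an example and not part of the original article: it contrasts the nominal 2^448 Blowfish key space with the effective space left to a searcher when the key is chosen from a short candidate list (the six badge-number strings of Case #1, or an 8-character lowercase password). The trial rate of 10^12 keys per second and the candidate sets are assumptions chosen for illustration.

```python
"""Added example: nominal key space versus effective key space.

Footnote 1 notes that a 448-bit Blowfish key gives 2**448 possible keys, far too
many to try. The functions below make that concrete and show why, in Case #1, a
short list of candidates derived from personal information succeeded where brute
force could not. Rates and candidate sets are assumptions, not figures from the
article.
"""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace_size(key_bits: int) -> int:
    """Number of distinct keys of key_bits bits, kept as an exact integer."""
    return 1 << key_bits


def password_candidates(alphabet_size: int, length: int) -> int:
    """Size of the set of passwords of exactly `length` symbols from an alphabet."""
    return alphabet_size ** length


def years_to_exhaust(candidates: int, trials_per_second: float) -> float:
    """Worst-case wall-clock time, in years, to try every candidate at a given rate.

    Python ints are unbounded, so 2**448 is exact; the final division converts to
    a float, which still represents values up to about 1e308.
    """
    return candidates / trials_per_second / SECONDS_PER_YEAR


def effective_key_bits(nominal_bits: int, candidate_count: int) -> float:
    """Strength actually obtained when the key is chosen from a guessable set.

    A searcher works through the smaller of the two spaces, so a 448-bit key
    derived from one of six badge-number strings is worth log2(6) bits, not 448.
    """
    return min(float(nominal_bits), math.log2(candidate_count))


def compare(nominal_bits: int, candidate_count: int, trials_per_second: float) -> dict:
    """Summarise the nominal and effective search costs side by side."""
    return {
        "nominal_bits": nominal_bits,
        "effective_bits": effective_key_bits(nominal_bits, candidate_count),
        "years_full_keyspace": years_to_exhaust(keyspace_size(nominal_bits), trials_per_second),
        "years_candidate_list": years_to_exhaust(candidate_count, trials_per_second),
    }


if __name__ == "__main__":
    RATE = 1e12  # assumed trial rate, far above anything available in 2004
    # Case #1: six strings built from one personal number (constructed count).
    print(compare(448, 6, RATE))
    # A key derived from an 8-character lowercase password (constructed case).
    print(compare(448, password_candidates(26, 8), RATE))
```

The mitigation the comparison points to is the one footnote 1 implies: a product is only as strong as the least guessable input its implementation accepts, so a key must carry entropy of its own rather than being a memorable string passed through the cipher.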

Case #2: surveillance

This is a criminal case involving child pornography. Our first knowledge of the case occurred when the police called and said that they had arrested an individual and indicted him on one count of child pornography, based on evidence found in his domicile. They had, as a normal part of their investigation, seized his computer and transported it and all of the associated gear back to their laboratory. After going through the normal acquisition process and creating a clone on which to work, they discovered that a substantial portion of the files on the machine had been encrypted. They had, through their own analysis, discovered what encryption product was used, the version, and what algorithm was likely to be invoked. Once again, after further research, it was concluded that the product and algorithm had not been successfully attacked (the algorithm used was Blowfish; refer to footnote 1). The suspect was directed to produce the keys and claimed amnesia, and further asserted that he really wanted to cooperate but just could not remember, and that if he eventually did remember he would be sure to provide them to the investigators. No keys were forthcoming.

The police called and, after describing the case, their request to me was "would you be willing to crack the code?" A long discussion about why I could not "crack the code" ensued; however, they insisted that they needed to talk to me in person about the case and to see if we could not come up with some ideas as to how to find the keys or otherwise gain unobstructed access to the encrypted data. I agreed, and the next day they arrived at my office. We spent the afternoon talking about several approaches that could produce results under the right conditions. After the usual jokes about the rubber hose/telephone book technique, we got down to business. We talked about the scenario discussed in Case #1. We talked about tools such as those produced by AccessData [2] (the Password Recovery Toolkit) and others. The police professionals that I have had the privilege of working with are not dummies. They had tried these tools and were not successful. I suggested that they consider another approach and that, perhaps under the right conditions, tools like D.I.R.T. [3], STARR [4], KeyKatch [5] or KeyGhost [6] might prove to be successful. I also suggested that another approach, using electromagnetic emanations, might also prove useful; all, of course, with the appropriate warrants in place.

For those not familiar with D.I.R.T. or STARR, these software tools work very much like NetBus or Back Orifice. They are installed on the target machine by various means (riding on a virus or a Trojan, or surreptitious direct installation) and thereafter the target machine will report selected information, based on how the surveillance software is configured, back to its masters, in this case the police (the FBI use a similar tool called Magic Lantern). These tools can intercept and record keystrokes, among other things, and transmit this information in encrypted form over the back channel when the target machine is connected to the Internet. In our case the keystroke recording function could potentially produce the keys to decrypt the suspect files. The advantage of these tools is that they are flexible and can capture, based on the way they have been configured, many different kinds of information, including but not limited to keystrokes. The disadvantage is that if a suspect machine was entirely encrypted, and the start-up process invoked key capture, these tools would not normally be active until AFTER key entry. Moreover, they may not even be able to be installed on a suspect machine that is entirely encrypted.

KeyKatch and KeyGhost are physical devices about the size of your little finger that plug in between the keyboard and the processor and record all keystrokes (up to 2.5 megabytes in some models); no software is required and therefore no unusual software process could be identified by the suspect. Most models are visible, so an inspection would reveal their presence. KeyGhost produces a version that can be installed inside the target keyboard in about 15 min by someone with soldering skills. These must be retrieved and their contents downloaded to a text program like Wordpad or Notepad for further analysis. The advantage of these tools is that all keystrokes are captured and recorded within the device, as long as there is power at the keyboard. This is important where the entire machine is encrypted. Since they are hardware, they do not interfere with, nor would they be detected by, any software process on the suspect machine. The disadvantage is that they are not flexible and can capture ONLY keystrokes, and they must be retrieved to collect the information captured. Moreover, some models are visible and might be noticed (the keyboard internally installed model is, therefore, preferable).

Electromagnetic transitions emanate from all electronic devices. With the right equipment, it is possible to receive those emanations and convert them back into their source form. For example, a keyboard gives off these emanations for each keystroke. The emanations can be acquired from a reasonable distance covertly and converted back into the key codes. In short, you can see and record what has been keyed on the target keyboard. The contents of a computer display unit can also be captured, interpreted and viewed by someone other than the operator at a distance. This technique is often referred to as the Van Eck (1985) effect, after the author of one of the first articles published about this phenomenon.

[2] AccessData Corporation: This company provides more than 50 single modules, each of which is designed to derive the password from a file that has been encrypted with a specific application, such as Microsoft Word for example. The Password Recovery Tool Kit incorporates all of these plus a feature that provides for doing a dictionary attack (automated password guessing based on a dictionary of words, compiled by the investigator, that are important to the suspect). Information may be obtained directly from the vendor at: www.accessdata.com/.

[3] D.I.R.T.: Data Interception by Remote Transmission is produced by Codex Data Systems, Inc. of Bardonia, New York. It is a controlled tool and regulated (in the US) by Title 18 USC 2512. This is a law enforcement only product; further information may be obtained directly from the vendor at: www.codexdatasystems.com/menu.html.

[4] STARR: STealth Activity Recorder & Reporter; this is a PC & Internet Monitor produced by Iopus Software, and further information may be obtained directly from the vendor at: www.iopus.com/starr.htm.

[5] KeyKatch: This device is produced by Codex Data Systems, and further information may be obtained directly from the vendor at: www.codexdatasystems.com/keykatch.html.

[6] KeyGhost: This device is produced by KeyGhost Ltd., and further information may be obtained directly from the vendor at: www.keyghost.com.

Other keywords that also refer to the interception of various kinds of electromagnetic emanations are TEMPEST, HIJACK, and NONSTOP. Using this surveillance technique requires specialized electronic equipment consisting of, in the first instance, a highly directional and sensitive antenna. The antenna is directed at the approximate location of the target monitor or keyboard, and the receiver (the second device) is then tuned. The signal may be amplified (the third device) on either side of the receiver, but is fed from the receiver into a horizontal/vertical sync generator (the fourth device) that translates the signal into one that can be displayed on a multi-sync monitor (the fifth device) and either monitored and/or recorded (a sixth device). These devices can be purchased separately, or in some cases in combined form, from various specialist surveillance vendors, or custom built. The technique may be illegal in some jurisdictions and may require a warrant for use.

So, at the end of the day when the officers left, they had a number of techniques and software that they could try, as well as a device that I had lent them. On their way home they chose a course of action. The next day they approached the Crown Prosecutor and revealed their plan. It was enthusiastically accepted and the appropriate warrants were issued. The plan was put into place, and within 3 hours of executing the plan they had the keys that subsequently allowed them to decrypt the suspect's files. This resulted in 19 counts being added to the original indictment and an assured conviction. Just as an aside, this particular case was a test case for our jurisdiction and preceded by months the Nicodemo Scarfo [7] case that, if it had gone to trial, would have been the test case for the US.

This case provides a couple of lessons. First of all, no one has all of the answers, nor has any country cornered the market on investigative techniques. We all need to share our successful techniques and learn from each other, and accept that we do not have all of the answers. The object, after all, is to prosecute the bad guys and to absolve the innocent. Second, it is possible to deal effectively with encrypted files: not all of the time and not in every case, but much of the time. The techniques described have been and will continue to be successful and should be regarded as just another set of tools for the standard forensic tool kit.

[7] Nicodemo Scarfo: Under investigation by the FBI for several months prior to being indicted in December 2000, Scarfo used strong encryption to hide his alleged illegal activities. The FBI assumed that he would not cooperate and installed a key logger on his computer that captured his keys and made them available at their (the FBI's) discretion. The Electronic Privacy Information Center has a pretty inclusive collection of documentation surrounding this case. Their web site is at: www.epic.org/crypto/scarfo.html.

References

Schneier Bruce. Applied cryptography. 2nd ed. New York: John Wiley & Sons, Inc; 1996 [ISBN: 0-471-11709-9].

van Eck Wim. Electromagnetic radiation from video display units: an eavesdropping risk? Computers & Security 1985;4(4):267–286. Elsevier Scientific, UK. Available from: http://jya.com/emr.pdf.

Henry B. Wolfe has a long computing career spanning more than 43 years. He currently specializes in cryptographic problems that are related to forensic investigation, general computer security, surveillance, and electronic forensics, teaching these topics to law enforcement (both in New Zealand and internationally) as well as at the graduate level at the University of Otago, located in Dunedin, New Zealand, where he is an Associate Professor.