Investigating Encrypted Material

McGrath, Niall; Gladyshev, Pavel; Kechadi, Tahar; Carthy, Joe

doi:10.1007/978-3-642-02312-5_4

Niall McGrath¹⁶,
Pavel Gladyshev¹⁶,
Tahar Kechadi¹⁶ &
…
Joe Carthy¹⁶

Part of the book series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ((LNICST,volume 8))

Included in the following conference series:

International Conference on Forensics in Telecommunications, Information, and Multimedia

1060 Accesses

Abstract

When encrypted material is discovered during a digital investigation and the investigator cannot decrypt the material then s/he is faced with the problem of how to determine the evidential value of the material. This research is proposing a methodology of extracting probative value from the encrypted file of a hybrid cryptosystem. The methodology also incorporates a technique for locating the original plaintext file. Since child pornography (KP) images and terrorist related information (TI) are transmitted in encrypted format the digital investigator must ask the question Cui Bono? – who benefits or who is the recipient? By doing this the scope of the digital investigation can be extended to reveal the intended recipient.

The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-642-02312-5_25

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Carter, H.: Paedophiles jailed for hatching plot on internet (2007)
Google Scholar
Joseh, S.: Hamas Terror Chat Rooms, December 11 (2007)
Google Scholar
Siegfried, J., et al.: Examining the Encryption Threat, Computer Forensic Research and Development Center. International Journal of Digital Evidence (2004)
Google Scholar
Callas, J., et al.: PGP Corporation OpenPGP Message Format (November 2007)
Google Scholar
Bunting, S.: The Official EnCase Certified Examiner Guide. Wiley, Chichester (2008)
Google Scholar
Dickson, M.: An Examination into AOL Instant Messenger 5.5. Elsevier Ltd., Amsterdam (2006) (Digital Investigation 3)
Google Scholar

Download references

Author information

Authors and Affiliations

University College Dublin, Dublin, Ireland
Niall McGrath, Pavel Gladyshev, Tahar Kechadi & Joe Carthy

Authors

Niall McGrath
View author publications
You can also search for this author in PubMed Google Scholar
Pavel Gladyshev
View author publications
You can also search for this author in PubMed Google Scholar
Tahar Kechadi
View author publications
You can also search for this author in PubMed Google Scholar
Joe Carthy
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Electrical and Electronic Engineering, University of Adelaide, P.O. Box, SA 5005, Australia
Matthew Sorell

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

McGrath, N., Gladyshev, P., Kechadi, T., Carthy, J. (2009). Investigating Encrypted Material. In: Sorell, M. (eds) Forensics in Telecommunications, Information and Multimedia. e-Forensics 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 8. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02312-5_4

Download citation

DOI: https://doi.org/10.1007/978-3-642-02312-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02311-8
Online ISBN: 978-3-642-02312-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics