±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 36783
New Yesterday: 2 Visitors: 164

±Latest Articles

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Videos

±Latest Jobs

How encryption affected my life

How encryption affected my life

by Dominik Weber

Dominik Weber
About the Author

Dominik Weber is a Senior Software Architect for Guidance Software, Inc.

Encryption and the lack thereof changed my life. In the early 1990’s I realized that encryption is very underused and in the near future it will become essential for most people and companies. At that time, hardly any user encrypted any data. Even in the financial sector, good encryption was applied seldom. Thus, I chose the focus of my Masters in Computer Science to be Cryptography. My thesis was researching the synergistic properties of compressing data before cryptographically hashing it.

When the large forensic company I am currently working for decided to create an Enterprise-Level product, I worked on cryptographic protocol, the Authentication and Encryption Algorithms, their FIPS 140-2 validation and implementation. This took a long time, proving the well-known fact that well designed protection is not a simple or quick task. The proper selection of algorithms, threat modeling, secure coding practices, entropy and key management are just some of the many facets I had to address. Finally my co-inventors and I obtained a patent protecting this intellectual property.

I was very careful because I knew firsthand how disastrous a lack of protection can be - it was the trigger for my divorce. My then-wife was acting suspiciously when reading and writing her email. She used to minimize the Netscape Mail window or switch to a different screen when I entered the room (in addition to some other behavior which raised my concerns). So the next morning after she had left, I decided to investigate. Obviously, I did not want to leave any trace and I also did not have the Netscape Mail password. Since the computer (that I had bought) was running Windows 97, file permissions and audit logs were non-existent. Good for me. I then found the sent mail cache files and opened them in Notepad. Ah - good old Notepad forensics. I scrolled around - and I found certain emails she had sent. These files were not encrypted or obscured - despite Netscape requiring a password, offering a false sense of security.

I moved out the next weekend and 18 months later, the summary dissolution of marriage was approved by the court. This was the second time that I did naïve forensics on that computer (but that is a different story altogether). Interestingly enough, ten years later, I used the forensic product on a backup CD of that machine and I found many more artifacts and emails. It is surprising how much more information can be gathered with the proper tools, training and methodology.

With this prior experience, it was very interesting to examine the Outlook 2003 PST files. This file format has three levels of encryption. “None“, “Compressible Encryption” and “Best Encryption” with “Compressible Encryption” being the default.

“None” is not encrypting the data at all - just like the Netscape Mail example.

“Compressible Encryption” is simply a substitution cipher. It is exactly what the “secret decoder ring” does; it is also called a Caesar cipher. For data, a particular byte always gets substituted by a fixed other one. That is why the PST file still compresses well. It just obscures the data and would have stopped my naïve Notepad attack. But this would not stop any forensic software from undoing this substitution on the fly.

“Best Encryption” is similar but the substitution table changes depending on the data’s position. This also can be automatically undone without the password.

Before you start worrying about your privacy, the newer version of Outlook does encrypt the data strongly and the encryption key is derived from the password.

Nowadays, most software uses strong algorithms, usually AES with a properly derived key. And to protect data that might not be encrypted by the application, there is a plethora of file-level encryption as well as full disk encryption products out in the market, Some are from third-party vendors, others are part of the Operating System.

As far as file encryption products go, some archivers have support for password-based encryption, like ZIP and RAR. Then there are integrated ones, that do not require special actions, for instance Credent and Microsoft’s EFS.

Since Windows 2000, EFS transparently encrypts and decrypts files. It is cryptographically sound (since XP) and you need either the (hash of a) user’s password or the recovery key. Sometimes artifacts can be found when a previously plain file gets encrypted. With solid systems like these, the weakest link are the passwords. A weak password can be guessed with a dictionary attack. XP introduced an upgraded key derivation scheme (SHA-1 PKDBF-2). This fixed the issued that in Windows 2000 the password was hashed with MD5 and the same hashes were obscured in the registry (for local users). Now EFS is much harder to break.

The other alternative is full disk encryption. This will usually encrypt the sectors of the disk or volume. PC Guardian, True Crypt and BitLocker are just some of the products. To me, BitLocker is by far the most impressive one. A completely differently team, the Microsoft System Integrity Team, analyzed many different aspects of BitLocker and several changes were made. The most interesting one is the concept of a “diffuser”, an algorithm that scrambles the bits in a sector. The one used for BitLocker is called “Elephant” - it prevents attacks that corrupt the data partially and is a great new addition to sector-based encryption. BitLocker also works with pins, smart cards, USB stored keys and leverages the TPM.

The TPM (Trusted Platform Module) is a chip on all new motherboards that keeps key information in a read-once way. And in order to gain access to this key, the boot sequence must be the same as before. Retrieving this key by software alone is very, very hard.

Regardless of what product is used, you have to have the proper credentials. There are several ways to obtain them (depending on the features and implementation of the encryption system): the recovery key, a dictionary attack, a user supplying it, getting the password from a password storage or just a yellow post-it.

Encryption sure has changed a lot in the last 20 years!


Read Dominik's previous columns

Dominik Weber is a Senior Software Architect for Guidance Software, Inc. He has a Masters of Computer Science from the University of Karlsruhe, Germany and worked for video game companies (Activision) and on computer animation / motion-capture projects (Jay Jay the Jet Plane) before joining Guidance Software in 2001. He can be reached at [email protected]

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase and Enterprise platforms provide the foundation for government, corporate and law enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations. Worldwide there are more than 30,000 licensed users and thousands attend its renowned training programs annually.