Accessing Encrypted Data
This week’s reading gives you basic technical information about passwords and encryption, and how to recover data protected by these mechanisms. There is also a section on Steganography, which literally translated means “covered writing.” When some people think of steganography, or “stego,” they think of documents or other data files being hidden in other file types (usually image/picture files). This is something that is used frequently in secreting child pornography to avert detection. Interestingly, the use of stego goes much farther back than the use of computers.
Like cryptology, steganography is used to hide something in something else. So, even though a code breaker can detect the hidden code, they may not be aware that the code actually contains a different message. Cryptography scrambles a message so that it is unreadable, but still visible, while stego camouflages data to hide it or make it undetectable. This course is not meant to teach you about the technical details of encryption or passwords or steganography (entire books are written on each of those subjects), but rather to help you understand their place in the criminal justice process.
Does a warrant give you the authority to break passwords protecting information or to decipher encrypted data? This is a very important question. As many of you have discussed in our previous week’s discussions, it is important to make sure you know the limits of your warrant. But while you are conducting a search with a properly executed warrant, you may come across other information that is not included in your scope, but is still evidence of a crime. For example, imagine you are searching a hard drive for information related to a fraud scheme. While you are looking through the files you come across a picture that is obviously child pornography, but you do not have child pornography addressed in any way within your warrant. What do you do? The proper response is to stop the search and obtain another warrant for evidence related to child pornography. The same thing applies to discovering encrypted data. In your affidavit you should explain that criminals sometimes encrypt files that contain evidence. Some may even use steganography techniques to hide other files.
For this week’s discussion, complete the following questions below in detail. Please discuss thoroughly and substantively in your post. You are not required to respond to a classmate in this week’s discussion, however, respond in a thorough, substantive, intelligent way to your fellow classmates will add to our discussion and learning of this week’s topic!
1) List and explain five (5) examples of how steganography were used BEFORE the advent of computers.
2) List and explain five (5) examples of how encryption (or cryptology) were used BEFORE the advent of computers.
3) Discuss how steganography and encryption could be used legitimately, and why this could cause you a problem as a computer forensic examiner.