RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS

From: Aucsmith, David W (awk@private)
Date: Wed Nov 28 2001 - 11:53:02 PST

Next message: Alan: "Re: Crispin on Badtrans.B, was: REMOVE FROM CRIME LIST"

Previous message: Kris Quinby: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Maybe in reply to: A. Melon: "CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Next in thread: Alok Aggarwal: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Reply: Alok Aggarwal: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Not necessarily.  If the PalmOS device used an encryption algorithm such as
AES which is:

(1) Computationally efficient on small processors
(2) Has no know mathematical weaknesses
(3) Uses a key size >128 (AES can use 512)

the encryption could easily be accomplished on the Palm and decryption would
have to be by brute force (key guessing) which, with a key size of 128 bits,
is not feasible even given the computing capacities of national intelligence
organizations (e.g., NSA, GCHQ, ...).

Encryption is O(mk), where k is the overhead of the algorithm and m is the
number of bits in the message, and decryption is O(mk^n), where n is the
number of bits in the key.


David Aucsmith
Chief Security Architect
Intel Corporation
*---------------------------------------
*   "All that is required for evil to triumph is for good men 
*    to do nothing" - Sir Edmond Burke
*
* PGP Key Fingerprint
*  C727 36AE 2DEF 5214 2116 2E28 7CDF C06F 3473 1AE3
*---------------------------------------



-----Original Message-----
From: Kris Quinby [mailto:kquinby@private]
Sent: Wednesday, 28 November, 2001 11:29
To: crime@private
Subject: RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS


This is interesting and gave me a thought pertaining to law enforcement
investigations.  I'll assume that any bad guy who is using a palm device is
also smart enough to find some freeware/shareware encryption for the truly
incriminating information.  After dd'ing (copying) the Palm memory to a PC,
the investigating officer would have better decryption programs and more
processing power to break the encryption.  So encryption deemed strong
enough to protect data stored on a Palm device without compromise is now
obsolete.  

Anyway just dumping my thoughts, I apologize for the poor sentence structure
and incoherent paragraph.

Kris

-----Original Message-----
From: A. Melon [mailto:juicy@private]
Sent: Tuesday, November 27, 2001 7:23 PM
To: crime@private
Subject: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS


The following security advisory is sent to the securiteam mailing list, and
can be found at the 
SecuriTeam web site: http://www.securiteam.com
  PDD, Forensic Analysis for the PalmOS

Next message: Alan: "Re: Crispin on Badtrans.B, was: REMOVE FROM CRIME LIST"
Previous message: Kris Quinby: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Maybe in reply to: A. Melon: "CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Next in thread: Alok Aggarwal: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Reply: Alok Aggarwal: "RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:35:28 PDT