RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS

From: Aucsmith, David W (awk@private)
Date: Wed Nov 28 2001 - 11:53:02 PST

  • Next message: Alan: "Re: Crispin on Badtrans.B, was: REMOVE FROM CRIME LIST"

    Not necessarily.  If the PalmOS device used an encryption algorithm such as
    AES which is:
    
    (1) Computationally efficient on small processors
    (2) Has no know mathematical weaknesses
    (3) Uses a key size >128 (AES can use 512)
    
    the encryption could easily be accomplished on the Palm and decryption would
    have to be by brute force (key guessing) which, with a key size of 128 bits,
    is not feasible even given the computing capacities of national intelligence
    organizations (e.g., NSA, GCHQ, ...).
    
    Encryption is O(mk), where k is the overhead of the algorithm and m is the
    number of bits in the message, and decryption is O(mk^n), where n is the
    number of bits in the key.
    
    
    David Aucsmith
    Chief Security Architect
    Intel Corporation
    *---------------------------------------
    *   "All that is required for evil to triumph is for good men 
    *    to do nothing" - Sir Edmond Burke
    *
    * PGP Key Fingerprint
    *  C727 36AE 2DEF 5214 2116 2E28 7CDF C06F 3473 1AE3
    *---------------------------------------
    
    
    
    -----Original Message-----
    From: Kris Quinby [mailto:kquinby@private]
    Sent: Wednesday, 28 November, 2001 11:29
    To: crime@private
    Subject: RE: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS
    
    
    This is interesting and gave me a thought pertaining to law enforcement
    investigations.  I'll assume that any bad guy who is using a palm device is
    also smart enough to find some freeware/shareware encryption for the truly
    incriminating information.  After dd'ing (copying) the Palm memory to a PC,
    the investigating officer would have better decryption programs and more
    processing power to break the encryption.  So encryption deemed strong
    enough to protect data stored on a Palm device without compromise is now
    obsolete.  
    
    Anyway just dumping my thoughts, I apologize for the poor sentence structure
    and incoherent paragraph.
    
    Kris
    
    -----Original Message-----
    From: A. Melon [mailto:juicy@private]
    Sent: Tuesday, November 27, 2001 7:23 PM
    To: crime@private
    Subject: CRIME [TOOL] PDD, Forensic Analysis for the PalmOS
    
    
    The following security advisory is sent to the securiteam mailing list, and
    can be found at the 
    SecuriTeam web site: http://www.securiteam.com
      PDD, Forensic Analysis for the PalmOS
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:35:28 PDT