On Tue, Aug 13, 2002 at 08:11:31PM +0200, Jeroen Latour wrote: > But, again if the algorithm is any good, it will not be possible to easily > determine the algorithm used to compress it, let alone try and decrypt it. Is it common experience among investigators that encrypted contents are encrypted with anything other than "easy" tools, such as pgp, gpg, ntfs encryption, etc? I was going to respond to Jeroen that even though the underlying algorithms used for encryption should be nearly indestinguishable from each other, at least if they are any good (as he points out), it is much more likely the case that files have common headers, say, matching the openpgp specification or some other well-defined specification, that will clearly label the file encrypted in some fashion, quite possibly even specifying which key it is encrypted to... But without knowing what one is likely to encounter in the field, I'm not sure this is a good answer. Thanks -- http://immunix.org/
This archive was generated by hypermail 2b30 : Thu Aug 15 2002 - 05:03:13 PDT