Re: Handling, possibly, encrypted data

From: Seth Arnold (sarnoldat_private)
Date: Thu Aug 15 2002 - 01:10:40 PDT

Next message: InfoEmergencias - Luis Gómez: "Re: blowfish cryptographic hash function"

Previous message: Floydman: "Release : ComLog 1.0, a WIN32 command prompt logger"
In reply to: Jeroen Latour: "Re: Handling, possibly, encrypted data"
Next in thread: Muhammad Faisal Rauf Danka: "Re: Handling, possibly, encrypted data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 13, 2002 at 08:11:31PM +0200, Jeroen Latour wrote:
> But, again if the algorithm is any good, it will not be possible to easily 
> determine the algorithm used to compress it, let alone try and decrypt it. 

Is it common experience among investigators that encrypted contents are
encrypted with anything other than "easy" tools, such as pgp, gpg, ntfs
encryption, etc?

I was going to respond to Jeroen that even though the underlying
algorithms used for encryption should be nearly indestinguishable from
each other, at least if they are any good (as he points out), it is much
more likely the case that files have common headers, say, matching the
openpgp specification or some other well-defined specification, that
will clearly label the file encrypted in some fashion, quite possibly
even specifying which key it is encrypted to...

But without knowing what one is likely to encounter in the field, I'm
not sure this is a good answer.

Thanks

-- 
http://immunix.org/

application/pgp-signature attachment: stored

Next message: InfoEmergencias - Luis Gómez: "Re: blowfish cryptographic hash function"
Previous message: Floydman: "Release : ComLog 1.0, a WIN32 command prompt logger"
In reply to: Jeroen Latour: "Re: Handling, possibly, encrypted data"
Next in thread: Muhammad Faisal Rauf Danka: "Re: Handling, possibly, encrypted data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 15 2002 - 05:03:13 PDT