Slashdot Mirror


Forensics Tool Finds Headerless Encrypted Files

gurps_npc writes "Forensics Innovations claims to have for sale a product that detects headerless encrypted files, such as TrueCrypt Dynamic files. It does not decrypt the file, just tells you that it is in fact an encrypted file. It works by detecting hidden patterns that don't exist in a random file. It does not mention steganography, but if their claim is true, it seems that it should be capable of detecting steganographic information as well."

22 of 374 comments

  1. Don't worry by sakdoctor · · Score: 4, Insightful

    The company has "innovations" in its name, so their product probably won't work.
    If it did work against TrueCrypt, which is a yardstick of well implemented encryption, I'm sure they'll come up with a countermeasure by the next minor release.

    Also: In before XKCD strip.

    1. Re:Don't worry by Kjella · · Score: 5, Insightful

      Since encryption implements a lossless conversion then the data is not random. BECAUSE random data is just that random.

      Encryption in ECB mode leaves a very clear pattern, because identical input blocks lead to identical output blocks. Pretty much every other block chaining mode doesn't, though, because they mix in the preceding blocks, so I'm guessing an implementation flaw, because the cryptographic primitives are pseudorandom; they have no distinguishable non-randomness unless you know the exact key.

      --
      Live today, because you never know what tomorrow brings
    2. Re:Don't worry by MaskedSlacker · · Score: 2, Insightful

      You've never heard of cruise control on a 500 mile trip have you?

    3. Re:Don't worry by Anonymous Coward · · Score: 5, Insightful

      You realize that you aren't saying anything at all, right? Your argument is that since encrypted data is different than random data (an assumption you make without stating), encrypted data will look different than random data.

      In reality, one of the standards for encryption algorithms (and block chaining methods) is that they produce a pseudorandom output. In fact, block ciphers are often called upon to operate as PRNGs when given random input data. The idea is that they will produce a significantly larger amount of pseudorandom output data than the random seed data.

      BTW I do mathematical cryptanalysis at a university...
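
The two comments above (ECB leaking repeated blocks; a block cipher doubling as a PRNG) can be shown concretely. The following is an added example, not code from the page, from TrueCrypt or from the vendor. The block cipher is a four-round Feistel network built on HMAC-SHA256, a toy keyed permutation that stands in for a real cipher only so the example runs with the standard library; the key, IV and plaintext are constructed.

```python
"""Added example: ECB vs CBC vs CTR on repetitive input, with a toy cipher."""
import hashlib
import hmac

BLOCK = 16          # block size in bytes
HALF = BLOCK // 2


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_function(key: bytes, half: bytes, rnd: int) -> bytes:
    # Keyed PRF for one Feistel round, truncated to half a block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:HALF]


def toy_encrypt_block(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    """Toy Feistel block cipher: a keyed permutation on 16-byte blocks.
    Assumption: stands in for AES etc. for illustration only; not secure."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for rnd in range(rounds):
        left, right = right, _xor(left, _round_function(key, right, rnd))
    return left + right


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    # Every block is encrypted on its own, so equal plaintext blocks give
    # equal ciphertext blocks: the structure of the input survives.
    return b"".join(toy_encrypt_block(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Each block is XORed with the previous ciphertext block before encryption.
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = toy_encrypt_block(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def ctr_keystream(key: bytes, nonce: bytes, nblocks: int) -> bytes:
    # The cipher used as a PRNG: encrypt nonce||counter for successive counters.
    # Distinct inputs to a permutation give distinct outputs, so no block repeats.
    return b"".join(toy_encrypt_block(key, nonce + i.to_bytes(8, "big"))
                    for i in range(nblocks))


def ctr_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    nblocks = (len(data) + BLOCK - 1) // BLOCK
    return _xor(data, ctr_keystream(key, nonce, nblocks))


def duplicate_blocks(ciphertext: bytes) -> int:
    """Number of 16-byte ciphertext blocks that repeat an earlier block."""
    seen, dups = set(), 0
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        dups += blk in seen
        seen.add(blk)
    return dups


def compare_modes(key: bytes, iv: bytes, plaintext: bytes) -> dict:
    """Duplicate-block count per mode for the same key and plaintext."""
    assert len(plaintext) % BLOCK == 0
    return {
        "ecb": duplicate_blocks(ecb_encrypt(key, plaintext)),
        "cbc": duplicate_blocks(cbc_encrypt(key, iv, plaintext)),
        "ctr": duplicate_blocks(ctr_encrypt(key, iv[:HALF], plaintext)),
    }


# Constructed input: 64 identical blocks, the kind of repetition zeroed
# sectors or a fixed record format would produce on a disk.
DEMO_KEY = b"sixteen byte key"
DEMO_IV = b"fixed demo iv!!!"
DEMO_PLAINTEXT = b"ATTACK AT DAWN!!" * 64

if __name__ == "__main__":
    print(compare_modes(DEMO_KEY, DEMO_IV, DEMO_PLAINTEXT))  # ecb 63, cbc 0, ctr 0
```

ECB reports 63 repeated ciphertext blocks for 64 identical plaintext blocks, so a "no patterns in a random file" detector would indeed flag it. CBC and CTR report none: CTR cannot repeat by construction, and a repeat in CBC would require a cycle in a 128-bit chain. A detector that finds structure in a chained or counter mode output is therefore claiming a distinguisher against the cipher itself.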

    4. Re:Don't worry by Stray7Xi · · Score: 5, Insightful

      BECAUSE random data is just that random.

      Any kind of analysis that answers the question of whether a piece of data is random or deterministic can't do so with certainty. You can't prove a string of a million 1's wasn't randomly generated. Every piece of random data long enough will have substrings that appear to be a pattern.

      Give a voice recognition program a low enough certainty threshold and it'll pick out words from below the noise floor. But the lower you go, it'll make more and more mistakes and eventually it'll pick out words from plain white noise.

    5. Re:Don't worry by PitaBred · · Score: 3, Insightful

      That's why I name my TrueCrypt volumes stuff like "moo.zip"

      "Awww, jeez... the damn thing's gotten corrupted! My boss told me to keep my sensitive company files in an encrypted zip file, and it keeps screwing up"

      Just because security through obscurity isn't good as the only defense doesn't mean that it's not quite handy in addition to others.

    6. Re:Don't worry by digitig · · Score: 2, Insightful

      Every file is random. It's as likely as any other sequence of bits.

      --
      Quidnam Latine loqui modo coepi?
    7. Re:Don't worry by shutdown+-p+now · · Score: 2, Insightful

      Your argument is that since encrypted data is different than random data (an assumption you make without stating), encrypted data will look different than random data.

      He didn't say that. He said that, for TrueCrypt case, the "random" data on the disk in free sectors is not random at all - it's got bits of deleted files in it, and so on. So, it's rather low entropy. On the other hand, sectors used for TrueCrypt will actually contain truly random, high-entropy data. And statistical analysis will be able to tell the difference easily.

    8. Re:Don't worry by AmberBlackCat · · Score: 2, Insightful

      That would not account for people like me, who actually drive like that regardless of criminal intent. What if a truly random file just happened to have that pattern? Does the person go to jail due to the unlikely nature of the file?

    9. Re:Don't worry by Jane+Q.+Public · · Score: 1, Insightful

      If you were discussing random bit-patterns, rather than random bytes, you should have said so. As it is, you were basically talking about something different from what everyone else was.

    10. Re:Don't worry by MoxFulder · · Score: 4, Insightful

      I wish I had mod-points for you.

      Finally we hear from someone who knows WTF he/she is talking about.

      Just to expand a bit: encryption algorithms (except for one-time-pad) don't produce truly random output. But all good, modern ones seek to produce output that's as indistinguishable as possible from truly random output, as a necessary but not sufficient component of their security. There are a variety of techniques to produce pseudorandom data based on a variety of sophisticated mathematics.

      It seems like the height of hubris to claim that one software program can reliably detect all these different kinds of extremely slight deviation from perfect randomness.

      A more plausible approach (as others have pointed out), is to look for files that do appear to be totally random. Such files are likely to be either (a) the output of a random number generator, or (b) encrypted. All files that have some useful content in their present form have some structure or non-randomness.

  2. Re:Patterns? by Firethorn · · Score: 3, Insightful

    The fact that there's order in the encrypted information doesn't change the fact that an outside observer who doesn't know the original information or the key can't tell the difference between the encrypted information and true random noise. That's part of the point.

    If they can tell that it's not random, that's a start on cracking the encryption and gaining the original information.

    --
    I don't read AC A human right
  3. Re:Plausible Denial? by Animaether · · Score: 5, Insightful

    "That's cute, sir - now give us the other password"
    - "what other password?"
    "for the hidden truecrypt volume"
    - "what hidden truecrypt volume??"
    "the one that's being referred to by half a dozen applications' most recently used files lists"
    - "oh err.. that's uh.. another drive entirely"
    "very well, then hand us that other drive"
    - "err uhm.. my dog ate it?"

    If you're really, really serious about these things, maybe you could work super-diligently to prevent leaving any clues as to that hidden volume's existence.. odds are something's going to bite you in the behind somewhere though.

  4. Re:Patterns? by Jah-Wren+Ryel · · Score: 4, Insightful

    Dear mods, that's meant to be facetious. Some of you seem to be a little trigger-happy so you won't understand why I shouldn't have to explain that.

    Make your joke and take the moderations like a man.
    If you are going to explain that it is a joke, you might as well not bother in the first place since explaining takes away all the fun.

    --
    When information is power, privacy is freedom.
  5. Re:Patterns? by thehickcoder · · Score: 2, Insightful

    Good point. My guess is that is how this tool actually works. It relies on the assumption that any statistically pseudorandom files (or maybe even partitions) must be encrypted, since every other file will contain some sort of pattern.

  6. Re:Vindicated! by Hatta · · Score: 2, Insightful

    encrypted information (short of a one time pad, which is the only way to get true noise) has an underlying structure in the data operated on.

    The digits of pi have an underlying structure. If you have a way to distinguish an arbitrary stretch of pi from truly random data, I suspect you'll win a Fields Medal.

    --
    Give me Classic Slashdot or give me death!
  7. Sure they do! :) by PaulBu · · Score: 2, Insightful

    [pb@localhost ~]$ tail ~/.bash_history
    less GnosLoadPDFForms.pdf
    file GnosLoadPDFForms.
    mv GnosLoadPDFForms.pdf GnosLoadPDFForms.fdf
    file GnosLoadPDFForms.fdf
    evince GnosLoadPDFForms.fdf
    less GnosLoadPDFForms.fdf
    su
    acroread GnosLoadPDFForms.fdf
    top

  8. Re:I'm calling BS by zindorsky · · Score: 3, Insightful

    OK, I checked it out. Here's how they "do" it:

    1. No File Header.

    2. (File size % 512) = 0

    3. Successful X2 and Arithmetic Mean tests on certain bytes.

    4. File size greater than 15 MB.

    Step 2 == entropy tests.

    In other words, they detect random looking files (which implicitly implies "no header") whose size is 0 mod 512 and is greater than 15MB.

    Big fucking deal. It might be true that on your system, the only files that meet these characteristics are TrueCrypt volumes, but again it's trivial to create non-TrueCrypt files that meet these criteria. Simply, any true random file (whose size meets the above requirements) will be detected as a TrueCrypt file.

    I stand by my assessment: BS.

    --
    If the geiger counter does not click, the coffee, she is not thick.
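
The four checks zindorsky lists above are simple enough to write down and run against a few constructed files. This is an added example, not the vendor's product and not TrueCrypt code; the magic-number table, the 1 MiB statistics sample and the chi-square and mean thresholds are assumptions chosen to illustrate the heuristic, and the 15 MB minimum size is taken from the comment. It also covers PitaBred's "moo.zip" trick from earlier in the thread: the heuristic ignores the filename and only asks whether the bytes start with a known header.

```python
"""Added example: the headerless-volume heuristic as described, run on
constructed inputs to show where it fires and where it does not."""
import random

# Constructed subset of common magic numbers; a real tool would use a full
# signature database (libmagic or similar).
KNOWN_MAGIC = (b"PK\x03\x04", b"\x89PNG", b"%PDF", b"\x7fELF", b"MZ",
               b"\x1f\x8b", b"\xff\xd8\xff", b"GIF8", b"Rar!", b"7z\xbc\xaf")

SECTOR = 512
MIN_SIZE = 15 * 1024 * 1024     # "greater than 15 MB", from the comment
SAMPLE = 1024 * 1024            # bytes used for the statistical tests (assumption)
CHI2_WINDOW = (150.0, 400.0)    # df=255; rejects both too-skewed and too-flat (assumption)
MEAN_TOLERANCE = 1.0            # uniform bytes average 127.5 (assumption)


def chi_square(sample: bytes) -> float:
    """Chi-square of the byte histogram against a uniform distribution."""
    expected = len(sample) / 256
    return sum((sample.count(bytes([v])) - expected) ** 2 / expected
               for v in range(256))


def arithmetic_mean(sample: bytes) -> float:
    return sum(sample) / len(sample)


def has_known_header(data: bytes) -> bool:
    return any(data.startswith(magic) for magic in KNOWN_MAGIC)


def classify(data: bytes) -> dict:
    """Apply the four checks; 'flagged' is True only if all of them pass."""
    sample = data[:SAMPLE]
    chi2 = chi_square(sample)
    mean = arithmetic_mean(sample)
    checks = {
        "no_header": not has_known_header(data),                 # step 1
        "sector_multiple": len(data) % SECTOR == 0,               # step 2
        "stats_random": (CHI2_WINDOW[0] <= chi2 <= CHI2_WINDOW[1]
                         and abs(mean - 127.5) <= MEAN_TOLERANCE),  # step 3
        "big_enough": len(data) > MIN_SIZE,                       # step 4
    }
    checks["flagged"] = all(checks.values())
    checks["chi2"] = round(chi2, 1)
    checks["mean"] = round(mean, 2)
    return checks


def sample_inputs() -> dict:
    """Constructed files. A seeded PRNG stands in for a random or encrypted volume."""
    rng = random.Random(20100101)
    size = 16 * 1024 * 1024                      # 16 MiB, a multiple of 512
    volume = rng.randbytes(size)
    log_line = b"2010-01-01 12:00:00 sshd[1234]: Accepted publickey for alice\n"
    return {
        "random_volume": volume,                          # all four checks pass
        "random_odd_size": volume[:-1],                   # same bytes, size not 0 mod 512
        "random_but_small": volume[:2 * 1024 * 1024],     # well under 15 MB
        "text_log": (log_line * 300000)[:size],           # real content: skewed histogram
        "zip_header_random": b"PK\x03\x04" + volume[4:],  # random bytes behind a real magic
    }


def run_demo() -> dict:
    return {name: classify(data) for name, data in sample_inputs().items()}


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name:20s} flagged={result['flagged']!s:5s} "
              f"chi2={result['chi2']:>9} mean={result['mean']}")
```

Only random_volume is flagged, which is exactly the false positive zindorsky describes: any random-looking blob of the right size and alignment trips the detector, whether or not it is a TrueCrypt volume. Conversely, the same bytes one byte shorter, or prefixed with a genuine PK header, are not flagged at all, so the checks are as easy to defeat as they are to trigger; the only case the heuristic separates cleanly is structured content such as the log file, whose byte histogram is nowhere near uniform.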
  9. Re:Is unreadable data really encrypted data? by e4m · · Score: 3, Insightful

    There is a reason that high-quality encryption was once classified as a "munition" by the US government. You cannot accidentally create it. You need a very good PRNG or an algo such as AES. Don't worry, your formats will not (and cannot) be confused with encrypted data.

  10. Re:Plausible Denial? by Joe+U · · Score: 2, Insightful

    And your non-virtual OS's swap file? You can turn it off, but that'd raise big suspicions.

    Like what? Having 4GB of RAM? I have no swap on some systems, don't need it, why should I thrash my HDD?

  11. Re:Patterns? by geekboy642 · · Score: 2, Insightful

    "The right way to do this is simply to have the encryption code silently destroy access to the data when given a special, secondary password."

    Have you never heard of "dd"? Bit-for-bit copying of an entire drive renders your special booby-trapped key completely pointless. Who are you trying to defend yourself against, Inspector Clouseau?

    --
    Just another "DOJ fascist authoritarian totalitarian bootlicker" -- Zeio
  12. Re:Vindicated! by treeves · · Score: 2, Insightful

    Don't *all* numbers consist of just ones and zeros ? C'mon this is Slashdot!

    --
    ...the future crusty old bastards are already drinking the Kool-Aid.