FBI Agent: Decrypting Data 'Fundamentally Alters' Evidence

Joseph Cox, reporting for Motherboard: An FBI agent has brought up an interesting question about the nature of digital evidence: Does decrypting encrypted data "fundamentally alter" it, therefore contaminating it as forensic evidence? According to a hearing transcript filed last week, FBI Special Agent Daniel Alfin suggested just that. The hearing was related to the agency's investigation into dark web child pornography site Playpen. In February 2015, the FBI briefly assumed control of Playpen and delivered its users a network investigative technique (NIT) -- or a piece of malware -- in an attempt to identify the site's visitors. [...] According to experts called by the defense in the affected case, the fact that the data was unencrypted means there is a chance that sensitive, identifying information of people who had not been convicted of a crime was being sent over the internet, and could have been manipulated. (Alfin paints this scenario as unlikely, saying that an attacker would have to know the IP address the FBI was using, have some sort of physical access to the suspect's computer to learn his MAC address, and other variables.)

Re:"Special" Agent needs remedial forensics traini

[Solandri]

Hint: if the hash of the data before and after it is sent remains the same then that satisfies one of the requirements to being forensically sound

If the data is sent as cleartext, it becomes much, much easier for an attacker to alter the cleartext into a different form which contains a plausible message yet generates the same hash. There's an entire branch of cryptography dedicated to these types of attacks.

If it's transmitted while encrypted, the attacker (assuming he can't break the encryption) has no way to verify that his altered ciphertext which generates the same hash still decrypts into a cleartext message which makes any sense in the context of the original cleartext, much less has been altered to his liking.

While it's not required that this sort of data be encrypted before transmission, it is prudent to do so whenever possible. It drops the chances that the data has been forensically compromised from very small to vanishingly small (it is easier for the attacker to break your encryption).

Re:No

[PCM2]

On a semi-related note, during the "Zip wars" in the early 90s there was a fake file compression program circulating called NaBoB that claimed to use some sort of quantum compression techniques (all compression algorithms named after quarks) to cause your files to hit "the singularity," where every archive would be reduced to a single byte in size.

Naturally, all it really did was rename your files, hide them, and write a one-byte "archive file" in their places. When you "decompressed" the archive, the full-size files would be restored. Miraculous!

Re: Maybe it de-alters it.

And thats what most people who dont understand encryption would say. Unfortunately you completely mis understand the mechanisms being used and a binary blob can decrypt to multiple different data sets depending on key and method. Its pretty much impossible to deduce after decryption whether the result is the same as the original or if the result is alternative output.

You can get a binary blob to decrypt to pretty much anything you want by being inventive with keys and algos. Like you, courts have a hard time understanding whats going on.

Re:"Special" Agent needs remedial forensics traini

[thoromyr]

Sorry, I didn't read your whole post so my answer is incomplete. While collisions can be generated, for even semi-modern hashes they involve more than just data changes (e.g., the size of the data is changed as well). A digital chain of custody will record both the hash and the size in bytes. And that does not alter the fact that the burden of proof lies with the defense when making allegations of alteration. That is, the allegations must be specific -- not just a general hand waving that "something could have happened". There is a presumption that evidence has not been tampered with. Breaks in chain of custody are not uncommon and normally have no impact on proceedings other than some additional testimony.

Furthermore, hash collisions are not considered to be an issue by the courts. Fingerprints have a far far greater risk of collision (or simply misidentification) than say md5 and law enforcement has done an effective job of convincing the courts that *fingerprints* are unassailable evidence and now with hashing being vastly better it is considered completely irrefutable.

Again, the purpose of encryption is to protect confidentiality, not provide integrity. While it may have some impact in that regard it is a side effect. Integrity measures (such as documenting the chain of custody, hashing evidence on collection, etc.) are what provide that.

Re: THIS case?

[dwillden]

And it's the same degenerate undesirables who fight back on their convictions who establish what protections we do have. Miranda for example was a real scumbag, but his appeal on being interrogated without knowing his rights established the Miranda warnings we can all quote from TV. And incidentally shortly after winning his landmark case that upstanding citizen was stabbed to death in a bar fight.