2 weeks ago I was writing an essay on the Open Computer Forensics Architecture (OCFA). I gave up trying to get OCFA to work in the end as it was just a total pain. The documentation is awful, and the error messages it spews out are not useful. Steven spent a few hours looking at their source code to figure out why it kept segfaulting, but it wasn’t worth it. I chose to do my essay on file encryption and full disk encryption (FDE) and the effect of these on digital forensics. You can read all 5000 words if you are interested.
It is now illegal in the UK to refuse to give up any encryption keys (or to decrypt the data for them) when the police demand it under Section 49 of RIPA Part III. However, the punishment is a maximum of 5 years in prison, which may be much less than the punishment for what the decrypted data might reveal. So even with this law, there are still lots of cases where the investigation cannot continue or has very little evidence of the suspected crime because the key is unobtainable.
Brute-forcing encryption keys or finding flaws in encryption algorithms takes too much time, effort and money. Recommended key lengths have been increased as computer hardware has become faster. This is likely to happen again in the future, and keys and algorithms that are currently infeasible to break may become breakable as hardware gets faster and weaknesses are found in current encryption algorithms.
Perhaps these breakthroughs can be used to solve the cases mentioned above in much the same way as advances in DNA technology are currently being used to solve crimes committed years ago? The UK National DNA Database has solved many old crimes including the rape and murder of two girls (aged 11 and 9) in Canterbury, 1988. John Wood was arrested in Derby, 2001, for shoplifting – and his DNA matched that of the 1988 cold case. Wood pleaded guilty to rape and indecent assault and was sentenced to 15 years in prison (Home Office). If such a national database of encrypted data existed, maybe future technology could break the encryption and solve more cold cases.