| Author Name | Affiliation | | Jingsha He | School of Software Engineering, Beijing University of Technology, Beijing 100124, China | | Gongzheng Liu | School of Software Engineering, Beijing University of Technology, Beijing 100124, China | | Bin Zhao | School of Software Engineering, Beijing University of Technology, Beijing 100124, China
Dept.of Computer Science, Jining University, Qufu 273155, China
State Key Laboratory of Digital Publishing Technology, Peking University Founder Group Co.,Ltd, Beijing 100871, China | | Xuejiao Wan | School of Software Engineering, Beijing University of Technology, Beijing 100124, China |
|
| Abstract: |
| In forensic investigations, it is vital that the authenticity of digital evidence should be ensured. In addition, technical means should be provided to ensure that digital evidence collected cannot be misused for the purpose of perjury. In this paper, we present a method to ensure both authenticity and non-misuse of data extracted from wireless mobile devices. In the method, the device ID and a timestamp become a part of the original data and the Hash function is used to bind the data together. Encryption is applied to the data, which includes the digital evidence, the device ID and the timestamp. Both symmetric and asymmetric encryption systems are employed in the proposed method where a random session key is used to encrypt the data while the public key of the forensic server is used to encrypt the session key to ensure security and efficiency. With the several security mechanisms that we show are supported or can be implemented in wireless mobile devices such as the Android, we can ensure the authenticity and non-misuse of data evidence in digital forensics. |
| Key words: digital forensics authenticity non-misuse digital evidence |
| DOI:10.11916/j.issn.1005-9113.2015.01.014 |
| Clc Number:TP391 |
| Fund: |
