International Journal of Electronic Security and Digital Forensics (4 papers in press)
The preservation of digital evidence and its admissibility in the court
by Fernando T. Molina Granja, Glen D. Rodríguez Rafael
Abstract: This articles objective is to screen and analyze the common models of digital preservation that exist, the elements, the degree of compliance with the general guidelines, the use of techniques and compliance with specific requirements as well as to evaluate the need for a solution to the environment of criminal investigation institutions, in the scenario that lacks a specific model. The importance of the preservation of digital objects is currently heavily analyzed. Several aspects may serve to make the digital objects worthless, such as the uselessness of hardware, the deficiency of ancient computing formats to support their use, human errors, and malicious software. The majority of crimes currently have a digital component, such that Governments and the police are obliged by law to indefinitely hold digital evidence for a cases history. Until the presentation of the digital evidence in Court, the evidence must be collected, preserved and properly distributed. The systems currently used often involve multiple steps that do not meet the demands of the growing digital world. The volume of digital evidence continues to grow, and these steps will soon become operationally and economically unfeasible for agencies responsible for performing these tasks.
Keywords: digital preservation;digital evidence;preservation of digital evidence;admissibility of evidence; criminal investigation institutions; cybercrime; preservation model; integrity of evidence.
Cryptographic Collusion-resistant Protocols for Secure Sum
by Maede Ashouri-Talouki, Ahmad Baraani-Dastjerdi
Abstract: Secure summation is one of the most applicable functions of secure multiparty computation (MPC) in which a group of users securely computes the summation value of their private inputs. The current solutions to this problem are basically on adding a random number to private inputs or splitting the inputs among users which need secure channel among members. Moreover, to be resistant against collusion of n-2 players, they impose high communication cost. In this paper, we propose three cryptography-based protocols for secure sum that do not need secure channel and are secure against collusion of n-2 players. Also, the communication cost of the proposed protocols is of complexity O(n). Based on the privacy requirements, the proposed protocols can provide the final result privacy as well as the private input privacy.
Keywords: Multiparty Computation; Cryptography; Data Privacy; Collusion
A New Kind of Steganography Schemes for Image
by Zhihai Zhuo, Ning Zhong
Abstract: Message security is more and more important in our modern life. As encryption arousing suspicion easily, steganography which aims at hiding secret message in a cover and has little influence on the cover becomes popular. There are many steganography algorithms having been proposed. Most of them are based on binary, but binary sequence is longer than ternary sequence of a same decimal sequence. In this paper, to have a shorter sequence to represent secret message and protect it, we propose a new method to deal with secret message and get a binary sequence, a ternary sequences and a quaternary sequence. For the ternary sequence and quaternary sequence, we propose a ternary JSteg method and a quaternary JSteg method; this method can keep the histogram characters. So for same secret message, our method will have less influence on the cover.
Keywords: Steganography, ternary Jsteg
Vanishing files: protocols and regulations for immaterial documents
by Rosario Culmone
Abstract: Regulatory and technological aspects of cloud technology are showing both opportunities and gaps in the rules on security and accessibility. Our proposal aims at addressing a problem that has not yet manifested using a protocol and discussing the normative aspects regarding the possibility of rendering a document completely immaterial. Our article proposes a protocol that uses the network in an unconventional way to make a document fully immaterial. By immaterial we mean that is not localizable anywhere in its entirety. If we continue the analogy to climate, we want to realize a fog of files rather than a cloud. The files are distributed on a public or private network and only the injectors and extractors can access them. The inaccessibility by others, the non-location, and the dynamics of the system offer significant advantages in terms of security but raise some legal problems.
Keywords: network security; cloud architecture; network protocols; legal and normative aspects.