Blader door alle records:
alle velden: "*"
| Auteur||Jochem van Kerkwijk|
|Titel||Handling iOS encryption in a forensic investigation|
|Begeleiders||Coen Steenbeek, Marco Veen, Derk Wieringa|
|Faculteit||Faculteit der Natuurwetenschappen, Wiskunde en Informatica|
|Opleiding||FNWI MSc System and Network Engineering|
|Samenvatting||Since the introduction of the iPhone 3GS Apple offers a new form of encryption scheme called Data Protection. In this research project a relation has been made on how Data Protection has consequences for a forensic investigation.
The report holds a literature study that elaborates on what has been done in this field before as well as to what the latest forensic methods are.
A practical attack as presented by Bédrune and Sigwald has been performed on a first generation iPad equipped with version 4.3.3 of iOS, which currently is the latest version. Using this implementation it is relatively easy to circumvent iOS Data Protection using a bootrom exploit.
With these technical abilities forensic possibilities are identified. iOS devices are hardened against human attack vectors, not against a brute forcing computer.
Data Protection has successfully been broken which allows for full forensic investigation.
The difficulty is in presenting this data to court, as the operating system on iDevices is prone to changes which introduce inconsistencies if the audit is performed by a different party. Traditional forensics simply does not apply to mobile devices and requires an alternative investigation path.|
|Soort document|| scriptie master|
Gebruik dit adres om naar deze pagina te linken: http://dare.uva.nl/scriptie/392648
Vraag/opmerking over dit recordMail aan een collega
Toevoegen aan bewaarset