Enfuse 2017 Reflection – Abby Barr: Efficient Decryption

Introduction

As a first-year student at Champlain College, I was new to the fields of Digital Forensics and Cyber Security. Applying to attend Enfuse felt like a long shot due to my lack of knowledge and experience. Plus, I wasn’t even sure that I could understand the content of the sessions that I may attend! Even if I could not understand the content, I knew that I could at least make connections, see real-life professionals, and hear the everyday experiences of employers. Luckily, I chose my sessions well and was happily surprised with one session in particular: Efficient Decryption.

Efficient Decryption

The speaker, Dmitry Sumin, is the CEO of Passware, a company that creates electronic evidence discovery and decryption solution software. I did not talk to him in person — which I regret, as the whole conference is about creating connections. However, I did really appreciate listening to a professional present about real problems in the industry. Sumin’s presentation put into perspective what companies and their employees face every day, the good and the bad. Now, this may be due to my strong interest in encryption and decryption but I still believe that anyone would have enjoyed the session.

Efficient Decryption Enfuse

Sumin began the session by covering the basics, discussing different types of encryption, how to decrypt data and how the use of encryption is rising. He also identified the three main challenges of decryption: time, resources, and success rate. After covering the simple topics, which definitely helped the beginners in the room, he began to talk about the fun concepts.

Efficient Decryption Enfuse

To reinforce his points, he discussed how getting access to encrypted evidence is one of the biggest problems every forensic analyst faces. With the widespread availability of full disk encryption for Windows and Mac, it is very difficult to successfully decrypt a system without assistance from the user, suspect, or victim. Along with discussing the specifics of the decryption, he also touched upon the memory artifacts that are in hibernation files and live memory images. The information about memory artifacts was new to me but I was able to keep up with the depth in which he discussed the topic.

Conclusion

Overall, Enfuse was a great conference to attend. It caters to various levels of knowledge. It builds great connections (as long as you talk to others)! And offers a close-up view of what the field is really like.

To learn more about the LCDI, take a look at our Facebook and Twitter pages or send an email to lcdi@champlain.edu!

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment
The Internet of Things Team: An Inside Look
CyberTech: Creating a Safer Internet Through Education