A Blockchain Based Digital Forensics Chain of Custody Technology

• Main Authors: Weng, Chia-Yu, 翁嘉妤
• Other Authors: Tso, Ray-Lin
• Format: Others
• Language: zh-TW
• Published: 2019
• Online Access: http://ndltd.ncl.edu.tw/handle/krv729

碩士 === 國立政治大學 === 資訊科學系碩士在職專班 === 107 === When a digital forensics library acceptes a case, the forensics staffs of the library need to collect the evidence by using legal forensics tools according to the proper principle of Digital Forensics Chain of Custody. In this way, we can make sure that the extracted evidence has the evidential effect during the litigation. However, currently the coollecting process is being recorded and modified in paper work including Digital evidence collection worksheet, Incoming Evidence Form, and Chain of Custody Form which requires lots of huam resources and is time consumin. Focusing on Chain of Custody Form, this thesis proposes a blockchain based digital forensics chain of custody. This platfrom, to some extent, solves the problems mentioned above. The building blocks and the core techniques we used here including the Ethereum blockchain and ECQV implicit certificates. In order to attain the data integrity, this platform release ERC 721 non-fungible token for each chain of custody form, recording all modificatory history of ownersship and context. In addition, it adopts the Clique PoA consensus to sync the data of all nodes on the chain. Furthermore, all the users need to apply for an ECQV certificate from CA to athenticate the identification before the participating consortium chain. The reasons why we use ECQV certificates are beacuse of its smaller size and more secure of keys comparing with traditional certificates. So that we can put it on the blockchain for transmission, leting users to sign, verify, encrypt and decrypt the chain of custody for the purpose of achieving the data confidentiality and non-repudiation.