Help me a writing project? Anyone familiar with digital encryption needed!

Hello everyone. I was wondering, because J&A come from a coding background, if there might be someone on this forum willing to help me out with a couple of technology queries for a novel I'm writing.

I'll lay the set up out and if anyone can let me know how this would work/look and give me as much detail as possible that would be great!

So a character finds a USB drive she wants to get in to, but finds that the data is encrypted when she tries to open it (how would this look? would it just be empty? password protected? etc).

When she does get into this (a character off-the page would manage to decode it) it contains a fair amount of digital Bitcoin. I know this is fairly specific, but same questions apply - how it would it look? Individual files? If so, what kind?

Trying to fit this in to my work lunch break so I might not have been as thorough as I would like here, but if you think you can help please get back to me and if you need to ask any questions then feel free!

(You may find yourself in the acknowledgements if this book ever sees the light of day...)

Thanks!
Murderbear

Comments

  • How would a USB drive with encrypted data, how would this look?

    Realistically, it could look a lot of different ways.  There are different methods of encryption. 
    With whole disk encryption (a la TrueCrypt [open source, discontinued by author, fully audited] or BitLocker [closed source, owned by Microsoft]), plugging in the USB drive would likely give you a message that the device is unformatted and prompt you to format it.  Doing so would destroy any data on the drive. 

    With file based encryption (a la GnuPG [free and open source]) the filenames would look normal, and by default would have a extension matching the program.  (i.e. .gpg)  The owner of the device could rename these to whatever she pleased, however.  Opening them with a hex editor (larger files like pictures, videos, audio) or a text editor (smaller files like documents, text, etc) would reveal what looks like gibberish.  With a file-based approach, there would likely be inconspicuous encrypted files mixed in among a much larger number of unencrypted "innocent" files that are rather mundane.

    If they just encrypted some text to be easily copy/pasted, it might look like this:

    -----BEGIN PGP MESSAGE-----


    hQEMA8UEZXHZTl03AQgApACIWimBN87NvW5i4b5djCPWhMWZMp2Z3oQVUlASKGVk

    EzxlkVwsoN+AJkChRmy9zD3hYUC9QqzA5t6iXkapjUmcI1L0gCq2PkZANS4CvQkm

    tpEgglKBBa1tIRJzuK18Ry2QpsTVEC3MahE8giadjYaSqxgZKwxLmrftL5fAmAod

    NS7CiQ+5R+MkqfzDoUSk8s5vgzIxzvzw4/v54/lXsmHGXZxKXPPrulqUOTtG/rB1

    QA8NqDpd2oDG+W9A76FyI5GzoAMqmWuIeqcVX1R5LPhCilIC2qWU5Q/sTcjSFJ5W

    rJTQr0KNsMQ0MomuR4sAp0XfuKLMckOwoV91JntRRYwuBAcDAnlZeVmvdnvIx+Z5

    o6tnhzuinPtBa0pjrYxtg2JkYmNZX+5XGRTrYev5EdLAzgFSyPjetuw0d8GK9XC7

    hN9E40QNwIKfXoGNS6yAAqPp0eeGfFWERobb1Sb6uD2BPZC1TfVe+tjkQOtT4jp3

    HoDqAdqfCJan+HuxD4Ngk2MLHHWckIqRWYY2vleG/Rr43VMiHpn/KNgO3a0w+xNU

    Y5ctoQlP3hMnCnQhE8ZvrXsx6txADscOdXBcIvqxI+KIYFjqlgJhdYQ5VjPAPBYs

    Gu7XpDgte/vjiO9Ox7yiClSh0i2CpDKLkqht2p9f604u2lqNwylAR2nagFwEA4dI

    gBMW0PnM4w7tadUAIFynfENpA4kaYLZmVF1zQP1tK9IXAbNnTh6KY7lOr8R2nGDg

    yu4Ii8ekx6Z3gSHW0ipOID8lIvsVJJmcTqs1l4xlw+dM8MbRtUzhM7kzxmynG7VC

    Ug8Op0pW/aM4qSnVGqUqICXyJm4VgmzWBf4BhnUlU9LJzygbIQNQjoZxaaabk22P

    o5lv4CqzDD0yXsaT//WvSfBBKdjD5oWLjjFSsvrFxh5gC6Ini9Kv4UF0bLXfNfUH

    =TNu7

    -----END PGP MESSAGE-----

    (You can decrypt the above text using GnuPG's notepad function and the password "testing"  It should decrypt to "This is a test")  The above block is encrypted with a standard password, AND to a public key (to which I have the private key pair).  An unsigned block with no public key would be significantly smaller.  Encryption using public key pairs is much more secure than just password based encryption.  Public key encryption is asymmetrical, meaning it can only be decrypted by the person who has the private key associated with it AND the password to that private key.  With this type of encryption, just as with file encryption, you would likely have the coded block buried in an inconspicuous file among many other inconspicuous "innocent" files.

    I recommend installing GnuPG and playing around with it.  Create a key pair, learn to copy and paste your public key.  Try encrypting some files and take a look at them.  Small files you can open in notepad.  Larger files you will need to open them with a hex editor.  That will give you a good idea of how they would appear, if you choose to go the file based route.

    The easy route would be your character KNOWS there is data on the drive, but plugging it in wants to format it.  (i.e. Whole drive encryption)  Knowing there has to be something there, takes it to an expert.  Whole drive encryption requires being "mounted" using the correct software and password.  For a long time, TrueCrypt was the #1 tool for this.  It has been discontinued, however your character could very well still be using it.  You cannot download from official sources anymore to play around with it, however Steve Gibson is hosting a mirror of it here:  https://www.grc.com/misc/truecrypt/truecrypt.htm  You are looking for 7.1a installation packages if you want to play around with it.


    Digital bitcoin:  Several different options here as well, but the most likely scenario for someone who is this privacy conscious would be a backup of their bitcoin wallet being stored on the encrypted drive.  (Also called the Bitcoin wallet's private key!)  I recommend downloading a bitcoin wallet app and create a wallet, try to export it to a file and see what that looks like.  

    If the character is less security conscious, they probably use a bitcoin wallet hosted online (as most people do these days) and maybe you find their usernames and passcodes for lots of places (i.e. facebook, twitter, baldmove.com, etc) and it includes their login for an online bitcoin wallet (i.e. coinbase).



    Recommended fiction that deals with public key encryption and sharing of encrypted data:  Little Brother by Cory Doctorow.  Available for FREE from the author here.

    His sequel "Homeland" is also very good.  It's available from the same site.

    GiovanniTomalexwhitham
  • @JoshTheBlack

    Thank you for all this information! Had to read it a couple of times to get a grip of it, but I think I'm with you. It's all very interesting and I'm going to look into playing around with some of this stuff before I get into rewriting the scene.

    Luckily, the set up is already pretty much as you suggested: the character suspects there is something on a USB drive, but does not know exactly what she is looking for. She then takes it to an expert who helps her out and finds (what I now understand to be) a backup of a character's digital bitcoin wallet. This should all still work as I planned, but I can now add some detail instead of glossing over it as I did in the previous draft.

    The help is much appreciated. I would be tempted to run the relevant scene(s) by you when they've been rewritten to see if they would play as realistic to someone who clearly has a good understanding of this stuff - that's if you are interested, of course! You've helped out enough already regardless, so thanks again.
  • No problem.  Catch me on the discord when you're ready for the quickest response.  I usually check the forums 1-2 times / week, but I'm always idle on the discord.  Email is the same as my username here at gmail.
  • @Tomalexwhitham

    I'm currently listening to episode 25 of the Need Canon podcast where they interview author Cory Doctorow, who writes really good tech thriller stuff. (He also works with the EFF.)

    He made a good point about how cracking encryption in stories is boring and unrealistic.  Due to the way encryption works, adding one bit to the key doubles the strength of it.  

    The way you defeat encryption is by looking for flaws in how it's designed, or more likely attacking the human element.  His example was using the "rubber hose method" whereby you find someone who knows the password, tie them to a chair and beat them with a rubber hose. 

    The entire episode is well worth a listen.

    Also, if you want to see how he tackled similar themes in his writing he has several books available that involve encryption (and he knows his stuff!). I would like to again recommend his YA novel "Little Brother.". The link to download it is in my comment earlier in this thread. Also, the third book in that series just came out (not free).  It was reviewed by the Washington Post here: https://www.washingtonpost.com/entertainment/books/cory-doctorows-attack-surface-is-a-riveting-techno-thriller/2020/10/13/a3a178d0-0cb9-11eb-8074-0e943a91bf08_story.html
Sign In or Register to comment.