
Secondary storage -- disk encryption

Disk encryption uses software or hardware to encrypt the data on a drive, so that someone who gets hold of the drive cannot read it without the key. Full disk encryption generally uses one key for the whole volume, so all data is decryptable while the system is running. Some disk encryption solutions use multiple keys for different partitions, but the practical problem is the same: an attacker who gains access to the computer while it is running, with the volume unlocked, can read every file on it.


Conventional file and folder encryption, by contrast, allows different keys for different parts of the disk, so an attacker who obtains one key still cannot extract information from the files and folders that remain encrypted. The trade-off is that file-system-level encryption does not encrypt file-system metadata such as file names and modification timestamps, which leak on their own.

A Trusted Platform Module (TPM) is a secure cryptoprocessor built into the motherboard; the disk encryption key can be bound to it so that the volume only unlocks on that particular, authenticated hardware. The advantage is that the disk cannot simply be removed from the device and read elsewhere. The same property creates a recovery problem: if something happens to the TPM or the motherboard, the data cannot be accessed by connecting the hard disk to another computer unless a separate recovery key was kept.

If you want to buy disk encryption, a variety of tools are on the market, divided into two main categories: hardware-based and software-based. Hardware-based full disk encryption is faster and does not burden the CPU or the hard disk drive the way software-based encryption does. Unfortunately it does not by itself offer strong authentication or a pre-boot authentication component, and a weak authentication method weakens the whole scheme however strong the cipher is.


Citation from http://www.truecrypt.org/

However, recent research has shown that disk encryption may not be as secure as assumed. The attack does not go after the encryption itself; it depends on gaining access to the contents of the computer's RAM, where the running system keeps the encryption key. How? With nothing more exotic than rebooting the laptop from the network or from a USB drive into a small tool that copies memory and then scans it for encryption keys; this is known as a cold boot attack.
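To make "scanning for encryption keys" concrete, here is an added example (my own code, not from the original post or from the researchers' tool) of how such a scan works for AES-128. Software AES implementations keep the fully expanded key schedule (176 bytes) in RAM so they do not recompute it for every block, and the expansion is deterministic, so any 16-byte window whose expansion matches the 160 bytes after it is almost certainly a key. The memory image below is constructed: random filler with one key schedule planted in it. Everything else is standard AES key expansion built from scratch.

```python
"""Toy AES-128 key-schedule scanner in the spirit of a cold-boot attack.

Added example, not code from the original page. The "memory image" is
constructed here (random bytes with one expanded key planted in them);
a real attack would scan a RAM dump taken after a reboot.
"""
import random


def _xtime(a: int) -> int:
    """Multiply by x in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    a <<= 1
    return (a ^ 0x11B) if a & 0x100 else a


def _gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements (schoolbook, fine for a one-off table)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r


def _build_sbox() -> list:
    """Derive the AES S-box: multiplicative inverse followed by the affine map."""
    inv = [0] * 256
    for a in range(1, 256):
        if inv[a]:
            continue
        for b in range(1, 256):
            if _gf_mul(a, b) == 1:
                inv[a], inv[b] = b, a
                break
    sbox = []
    for a in range(256):
        b = inv[a]
        s = b
        for _ in range(4):              # s = b ^ rotl(b,1) ^ ... ^ rotl(b,4)
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()
RCON = []
_r = 1
for _ in range(10):                     # round constants 01,02,04,...,1b,36
    RCON.append(_r)
    _r = _xtime(_r)

SCHEDULE_LEN = 176                      # 11 round keys * 16 bytes for AES-128


def _next_word(w_prev: bytes, w_back: bytes, rcon=None) -> bytes:
    """One key-expansion step: w[i] = w[i-4] ^ g(w[i-1]), g applied when rcon given."""
    t = w_prev
    if rcon is not None:
        t = bytes(SBOX[b] for b in t[1:] + t[:1])      # RotWord + SubWord
        t = bytes([t[0] ^ rcon]) + t[1:]               # xor round constant
    return bytes(x ^ y for x, y in zip(w_back, t))


def expand_key(key: bytes) -> bytes:
    """Full AES-128 key expansion (FIPS-197) returning all 176 schedule bytes."""
    assert len(key) == 16
    w = [key[i:i + 4] for i in range(0, 16, 4)]
    for i in range(4, 44):
        rcon = RCON[i // 4 - 1] if i % 4 == 0 else None
        w.append(_next_word(w[i - 1], w[i - 4], rcon))
    return b"".join(w)


def find_aes128_keys(image: bytes) -> list:
    """Return (offset, key) for every window whose schedule is self-consistent."""
    hits = []
    for off in range(len(image) - SCHEDULE_LEN + 1):
        cand = image[off:off + 16]
        # Cheap filter: the first word of round 1 must match before expanding fully.
        if _next_word(cand[12:16], cand[0:4], RCON[0]) != image[off + 16:off + 20]:
            continue
        if expand_key(cand) == image[off:off + SCHEDULE_LEN]:
            hits.append((off, cand))
    return hits


def build_sample_image(key: bytes, key_offset: int, size: int = 32768, seed: int = 7) -> bytes:
    """Constructed RAM image: seeded random filler with one key schedule planted."""
    rng = random.Random(seed)
    buf = bytearray(rng.getrandbits(8) for _ in range(size))
    buf[key_offset:key_offset + SCHEDULE_LEN] = expand_key(key)
    return bytes(buf)


if __name__ == "__main__":
    planted = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # hypothetical volume key
    image = build_sample_image(planted, key_offset=12345)
    for off, key in find_aes128_keys(image):
        print(f"AES-128 key at offset {off:#x}: {key.hex()}")
```

The scan never touches ciphertext or tries to break AES; it only exploits the fact that a running system must keep the key (and, for speed, the whole schedule) in plain RAM. That is why the recommendation later in this post is to power the machine off, not to rely on a screen saver.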

Most people who encrypt the files and folders on their laptop believe that if the computer is stolen or lost, the data on it is safe and cannot be retrieved. But if the thief, or an FBI agent or a border guard, takes the laptop while it is merely locked with a screen saver or in sleep mode, the keys are still sitting in RAM, and the encryption gives no protection at all: you cannot rely on a screen saver, only on turning the computer off. As long as the keys remain in memory and the system is running, a determined person can get at them.

If you use an encrypted file system and want privacy and security while you are not using the computer, shut it down and wait a few minutes for the RAM contents to fade before leaving it unattended.

As early as 1984, the FBI Laboratory began developing computer forensics hardware. And we know from the Scarfo, Forrester-Alba, and Boucher cases how intent federal police agencies are in trying to find ways to circumvent the privacy that encryption provides. If the feds didn't know about these techniques already--remember, they were years ahead of everyone else in inventing public key cryptography--today will be a very good day for Homeland Security.


Assuming you use Windows, I would actually recommend you just encrypt your personal files with EFS (I'm hoping you had the smarts to at least get the Pro version). If you can figure out what's uniquely yours, where the files are (usually a single source), and you commit to using a strong Windows password, EFS is going to be secure enough for you. This will give you the smallest performance impact with the most convenience.
