Re: Re: Hard disk Encryption



On Thu, 12 Apr 2007, Balaji Prasad wrote:
I wanted to start a discussion on strong and weak algorithms for
disk encryption, their popularity and specific tradeoffs. Do we know
of any test tools that can break an encrypted hard disk? What
possible options does a hacker have if they have access to an
encrypted disk.

Despite what you can see in movies [1], the real-life
cryptographers believe [2] that it will not be possible to crack
AES with random 128-bit key long beyond 2030. Since AES is quite
fast there is no trade-offs -- just use AES.

The main problem is how you store (or derive) the key. For
example, if you use TPM to store the key, it will be easily
extracted by an attacker with hardware tools for bus access.


[1] <http://www.schneier.com/blog/archives/2005/04/blowfish_on_24.html>
[2] <http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf>

--
Regards,
ASK



Relevant Pages

  • Re: Securing ARC4
    ... LZO has nothing to do with encryption. ... The best data I could find was that the best C implementations of AES ... need to use a separate key for each sector of the disk if you are going to ... use a stream cypher, so that you can randomly access each sector. ...
    (sci.crypt)
  • Re: Re: Hard disk Encryption
    ... I wanted to start a discussion on strong and weak algorithms for disk ... their popularity and specific tradeoffs. ... Do we know of any test tools that can break an encrypted hard disk? ... dunno about other hard-disk encryption material. ...
    (Security-Basics)
  • Re: does loop-AES have good performance for all filesystems?
    ... The performance of the encryption was not good. ... Now you have a faster disk and probably expect a faster ... partition you use it on. ... AES is designed to be ...
    (comp.os.linux.security)
  • Attack Scenarios against PGPs Whole Disk Encryption (WDE)
    ... Attack Scenarios against PGP's Whole Disk Encryption ... PGP's Whole Disk Encryption for Microsoft Windows encrypts all the ... As long as standard PC hardware and BIOS is used, the boot code of the disk ...
    (comp.security.pgp.tech)
  • RE: [Full-Disclosure] harddisk encryption
    ... If the encryptor encrypts your boot disk, it has to be involved early in the ... boot process and may be broken by anything that changes the system boot sequence. ... normally when the encryption keys had been entered. ... registry controls that allow the swap file to be wiped on shutdown. ...
    (Full-Disclosure)