Re: File Encryption/Decryption Question
- From: Ertugrul Soeylemez <do-not-spam-me@xxxxxxxx>
- Date: Mon, 16 Jul 2007 06:56:24 +0200
"John Doe" <wustlumc@xxxxxxxxxxxxx> (07-07-14 23:21:12):
I am using a major brand of file encryption that stores its keys in a
database file. My files were being backed, but were encrypted at the
same time. Recently, I suffered a hard disk crash and had to resort
to restore my files that were stored under "my documents".
Unfortunately, the database with the keys wasn't being backed up
because they weren't located under "my documents". Needless to say,
the files that were backed up can't be decrypted under normal
operation after being restored.
Maybe I should note that your security concept is completely pointless.
Either you backup the keys, by what attackers can easily get to the
plaintext, or you don't backup the keys, turning the backups useless in
case of data loss.
Do software developers keep backup keys available for this situation
or am I hosed? Is there anything on the marked to decrypt these
files?
Developers of secure encryption software (i.e. not closed-source)
generally don't keep such "backup keys", because again that would render
the entire security system completely pointless.
If the cipher used is a secure one, then yes, you're hosed. There are
programs for brute-forcing, but if your keys were random (i.e. not
generated from a passphrase), then don't bother -- your data is lost.
Regards,
Ertugrul Söylemez.
--
Security is the one concept, which makes things in your life stay as
they are. Otto is a man, who is afraid of changes in his life; so
naturally he does not employ security.
.
- Follow-Ups:
- References:
- File Encryption/Decryption Question
- From: John Doe
- File Encryption/Decryption Question
- Prev by Date: Re: port scan shows ports not stealthed
- Next by Date: Re: port scan shows ports not stealthed
- Previous by thread: Re: File Encryption/Decryption Question
- Next by thread: Re: File Encryption/Decryption Question
- Index(es):
Relevant Pages
|
