Re: Help secure my data (They will steal my drive)
From: AE (hidden_at_nospam.com)
Date: 04/12/04
- Next message: AE: "Re: How secure is 2048 bit RSA?"
- Previous message: Bill Unruh: "Re: true random number generator"
- In reply to: Ahmad: "Help secure my data (They will steal my drive)"
- Next in thread: Simon Johnson: "Re: Help secure my data (They will steal my drive)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 Apr 2004 18:20:42 +0200
Ahmad wrote:
> ...
> He asked me how to effectively secure the information. At first he
> asked if the drive can be made to only work on his machine or
> somthin similar?! I thought it won't be possible. The only solution in
> my mind is to ecrypt the files, if there is any other solution, please
> keep me updated!
You won't get any other solution for free.
> Anyway, if we take encryption as THE solution. And if we want a free
> (0$) solution. Could you please comment on these questions:
>
> 1- Is GPG my best friend here? Any other solutions?
In case you are running windows you should consider "Blowfish Advanced"
by Markus Hahn (http://maakus.dyndns.org/software.html) - meanwhile it's
fairly old, but it supports strong password-based encryption and can be
used as a file shredder (overwrites files before deleting to make it
harder to recover them).
> 2- If the drive is stolen, the attacker will have my public & private
> keys!! What should the length of my passphrase be to get the real
> protection power of the 1792 bit default encryption method?
1792 bit public key is comparable to about 100 bit private key - since
the password is not truely random you'll need longer passphrases. Plain
english text contains order of magnitude 1.3 bit per character, random
printable ascii characters about 6.5 bit per character.
> 3- Will an 8 character passphrase provide an 8*8=64 bit effective
> protection instead of the 1792???? Am I obliged to use a 220
> chracter passphrase (which is impossible) :(
see above
> PS: The machine is not networked and physically secured.
> regards
Yor main problem are the remains of plaintext on your harddisk:
In case your passphrase is not trivial it's much more likely an attacker
will try to recover plaintext from swap files/virtual memory and from
deleted files than to break an even remotely strong encryption algorithm.
While the software I mentioned above overwrites files it's likely you
won't be able to delete all temporary files and you won't be able to
delete virtual memory.
- Next message: AE: "Re: How secure is 2048 bit RSA?"
- Previous message: Bill Unruh: "Re: true random number generator"
- In reply to: Ahmad: "Help secure my data (They will steal my drive)"
- Next in thread: Simon Johnson: "Re: Help secure my data (They will steal my drive)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
