Encryption for the masses

Encryption for the masses
Kelly Martin, 2006-03-21

File and disk encryption needs to be simple and easy if it's going to be used. This article looks at Apple's FileVault and takes a sneak peak at what's coming in Windows Vista.

Expand all | Post comment

Encryption for the masses 2006-03-22
Anonymous

Encryption for the masses 2006-03-22
Scott Ramsdell (3 replies)

Re: Encryption for the masses 2006-03-22
William

"Encrypting a drive offers no security when someone has physical access to the machine. Why? Because the encryption key itself cannot be encrypted, it has to be on the disk some..."

Not quite true-- most key-based encryption systems DO encrypt the keys locally, and use a (usually smaller) password for the encryption of the private key stored on the drive.
The result is that even with physical access to the machine SOME SECURITY is present, although less than otherwise. This is because it is easier to break the smaller password than the full key. Some security is still there, but it will be MUCH easier to break (like using a small key in the first place)

Now if the system is to AUTOMATICALLY mount the drive unencrypted (ie without asking for a password first), THEN there really is NO SECURITY, as the key will HAVE TO BE UNENCRYPTED.

William

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/393/33361#33361

Re: Encryption for the masses 2006-03-23
Anonymous (2 replies)

Re: Re: Encryption for the masses 2006-03-24
Ja.

Re: Re: Encryption for the masses 2006-03-24
Peter

Re: Encryption for the masses 2006-03-23
J (1 replies)

Re: Re: Encryption for the masses 2006-03-25
Anonymous

Only open source security can be trustworthy 2006-03-23
Anonymous

Encryption for the masses 2006-03-24
Anonymous

One problem with EFS 2006-03-28
Anonymous (1 replies)

Re: One problem with EFS 2006-03-28
Anonymous

Encryption for the masses 2006-04-16
Anonymous