MobileRead Forums - View Single Post - Still looking for the ultimate secure setup

Paranoid · 04-04-2004, 09:56 AM

Know my nick and know my mind :P

I've spend countless hours on finding the ideal encryption tool.
Ideal means secure, extremely fast, with lots of options.
Open/closed source and snakeoil are the buzz words in groups that are seriously looking into cryptography.

--Software encryption--
Only a few programs support encrypting a whole harddisk.
And I know only one program that also encrypts the bootdisk (mostly C:/)
And thats sad because there's often a lot of important data on C:
All kind of tempfiles and registry entries.
Opensource programs usually/always lack speed.
And only a few titles support hardware tokens like iKey.
Ignoring the dangers of snakeoil 2 programs come out on top:
- Drivecrypt Plus Pack -> supports encryption of drive C: / good speed / www.drivecrypt.com
- StrongDisk -> Good speed / many options / only thing it lacks is encryption of drive C: / www.strongdisk.com

--Hardware encryption--
It's simple... en/decryption takes some calculations. No matter how optimized the code is the CPU has to spend time on it.
Thats why I started looking for hardware encryption.
* Enova's X-wall
Max. transfer rate 1.6Gbit/s (200MB/s)
Comes in 40/64/128/192 bit DES/3DES (all same speed
It's mounted beween your IDEA interfcae and HD. Insert a hardware token. Thats all.
Because it's hardware only it works with any OS.
And also important it encrypts everything including the OS
http://www.enovatech.com/w/html/ps_lx_asic.htm
http://www.enovatech.com/w/html/ps_how_to_select.htm
I can't find any reseller but found several old refrences that the pricerange is USD 50-200
The smaller keys are already broken so personally I wouldnt even use em if they where free.
So that probebly puts the pricemark at USD 150-200
Another benefit is, I think, that there are no files that can be damaged. And normal disk repair tools still work.

-- (wireless) Networking --
A big problem with encryption is that it's usally very obvious you are using it.
HDs with only a few huge containers. Passwordboxes popping up. Strange hardware.
Because of this and noise reduction I've been thinking about a fileserver on a network.
Hide the fileserver somewhere. Like in a hole in your garden

Upon system boot the remote drives get mounted if the correct key is entered.
Unfortunately a normal network is obvious to detect becaue of the wires.
And a wireless network is kinda slow.
However if the fileserver idea works the en/decryption overhead is solved as the CPU on the fileserver has has it's only task
en/decryption.
Maybe it can even run on a diffrent OS?
I have a old spare AMD T-bird 900Mhz PC with 768MB PC133 ram. I think that should be enough...?

Regards,
Paranoid

04-04-2004, 09:56 AM	#1
Paranoid Member Posts: 16 Karma: 31 Join Date: Apr 2004 Location: Under a rock Device: None	Still looking for the ultimate secure setup Know my nick and know my mind :P I've spend countless hours on finding the ideal encryption tool. Ideal means secure, extremely fast, with lots of options. Open/closed source and snakeoil are the buzz words in groups that are seriously looking into cryptography. --Software encryption-- Only a few programs support encrypting a whole harddisk. And I know only one program that also encrypts the bootdisk (mostly C:/) And thats sad because there's often a lot of important data on C: All kind of tempfiles and registry entries. Opensource programs usually/always lack speed. And only a few titles support hardware tokens like iKey. Ignoring the dangers of snakeoil 2 programs come out on top: - Drivecrypt Plus Pack -> supports encryption of drive C: / good speed / www.drivecrypt.com - StrongDisk -> Good speed / many options / only thing it lacks is encryption of drive C: / www.strongdisk.com --Hardware encryption-- It's simple... en/decryption takes some calculations. No matter how optimized the code is the CPU has to spend time on it. Thats why I started looking for hardware encryption. * Enova's X-wall Max. transfer rate 1.6Gbit/s (200MB/s) Comes in 40/64/128/192 bit DES/3DES (all same speed It's mounted beween your IDEA interfcae and HD. Insert a hardware token. Thats all. Because it's hardware only it works with any OS. And also important it encrypts everything including the OS http://www.enovatech.com/w/html/ps_lx_asic.htm http://www.enovatech.com/w/html/ps_how_to_select.htm I can't find any reseller but found several old refrences that the pricerange is USD 50-200 The smaller keys are already broken so personally I wouldnt even use em if they where free. So that probebly puts the pricemark at USD 150-200 Another benefit is, I think, that there are no files that can be damaged. And normal disk repair tools still work. -- (wireless) Networking -- A big problem with encryption is that it's usally very obvious you are using it. HDs with only a few huge containers. Passwordboxes popping up. Strange hardware. Because of this and noise reduction I've been thinking about a fileserver on a network. Hide the fileserver somewhere. Like in a hole in your garden Upon system boot the remote drives get mounted if the correct key is entered. Unfortunately a normal network is obvious to detect becaue of the wires. And a wireless network is kinda slow. However if the fileserver idea works the en/decryption overhead is solved as the CPU on the fileserver has has it's only task en/decryption. Maybe it can even run on a diffrent OS? I have a old spare AMD T-bird 900Mhz PC with 768MB PC133 ram. I think that should be enough...? Regards, Paranoid