View Single Post
Old 04-04-2004, 09:56 AM   #1
Paranoid began at the beginning.
Paranoid's Avatar
Posts: 16
Karma: 31
Join Date: Apr 2004
Location: Under a rock
Device: None
Still looking for the ultimate secure setup

Know my nick and know my mind :P

I've spend countless hours on finding the ideal encryption tool.
Ideal means secure, extremely fast, with lots of options.
Open/closed source and snakeoil are the buzz words in groups that are seriously looking into cryptography.

--Software encryption--
Only a few programs support encrypting a whole harddisk.
And I know only one program that also encrypts the bootdisk (mostly C:/)
And thats sad because there's often a lot of important data on C:
All kind of tempfiles and registry entries.
Opensource programs usually/always lack speed.
And only a few titles support hardware tokens like iKey.
Ignoring the dangers of snakeoil 2 programs come out on top:
- Drivecrypt Plus Pack -> supports encryption of drive C: / good speed /
- StrongDisk -> Good speed / many options / only thing it lacks is encryption of drive C: /

--Hardware encryption--
It's simple... en/decryption takes some calculations. No matter how optimized the code is the CPU has to spend time on it.
Thats why I started looking for hardware encryption.
* Enova's X-wall
Max. transfer rate 1.6Gbit/s (200MB/s)
Comes in 40/64/128/192 bit DES/3DES (all same speed
It's mounted beween your IDEA interfcae and HD. Insert a hardware token. Thats all.
Because it's hardware only it works with any OS.
And also important it encrypts everything including the OS
I can't find any reseller but found several old refrences that the pricerange is USD 50-200
The smaller keys are already broken so personally I wouldnt even use em if they where free.
So that probebly puts the pricemark at USD 150-200
Another benefit is, I think, that there are no files that can be damaged. And normal disk repair tools still work.

-- (wireless) Networking --
A big problem with encryption is that it's usally very obvious you are using it.
HDs with only a few huge containers. Passwordboxes popping up. Strange hardware.
Because of this and noise reduction I've been thinking about a fileserver on a network.
Hide the fileserver somewhere. Like in a hole in your garden
Upon system boot the remote drives get mounted if the correct key is entered.
Unfortunately a normal network is obvious to detect becaue of the wires.
And a wireless network is kinda slow.
However if the fileserver idea works the en/decryption overhead is solved as the CPU on the fileserver has has it's only task
Maybe it can even run on a diffrent OS?
I have a old spare AMD T-bird 900Mhz PC with 768MB PC133 ram. I think that should be enough...?

Paranoid is offline   Reply With Quote