Still looking for the ultimate secure setup

Paranoid · 04-04-2004, 09:56 AM

Know my nick and know my mind :P

I've spend countless hours on finding the ideal encryption tool.
Ideal means secure, extremely fast, with lots of options.
Open/closed source and snakeoil are the buzz words in groups that are seriously looking into cryptography.

--Software encryption--
Only a few programs support encrypting a whole harddisk.
And I know only one program that also encrypts the bootdisk (mostly C:/)
And thats sad because there's often a lot of important data on C:
All kind of tempfiles and registry entries.
Opensource programs usually/always lack speed.
And only a few titles support hardware tokens like iKey.
Ignoring the dangers of snakeoil 2 programs come out on top:
- Drivecrypt Plus Pack -> supports encryption of drive C: / good speed / www.drivecrypt.com
- StrongDisk -> Good speed / many options / only thing it lacks is encryption of drive C: / www.strongdisk.com

--Hardware encryption--
It's simple... en/decryption takes some calculations. No matter how optimized the code is the CPU has to spend time on it.
Thats why I started looking for hardware encryption.
* Enova's X-wall
Max. transfer rate 1.6Gbit/s (200MB/s)
Comes in 40/64/128/192 bit DES/3DES (all same speed
It's mounted beween your IDEA interfcae and HD. Insert a hardware token. Thats all.
Because it's hardware only it works with any OS.
And also important it encrypts everything including the OS
http://www.enovatech.com/w/html/ps_lx_asic.htm
http://www.enovatech.com/w/html/ps_how_to_select.htm
I can't find any reseller but found several old refrences that the pricerange is USD 50-200
The smaller keys are already broken so personally I wouldnt even use em if they where free.
So that probebly puts the pricemark at USD 150-200
Another benefit is, I think, that there are no files that can be damaged. And normal disk repair tools still work.

-- (wireless) Networking --
A big problem with encryption is that it's usally very obvious you are using it.
HDs with only a few huge containers. Passwordboxes popping up. Strange hardware.
Because of this and noise reduction I've been thinking about a fileserver on a network.
Hide the fileserver somewhere. Like in a hole in your garden

Upon system boot the remote drives get mounted if the correct key is entered.
Unfortunately a normal network is obvious to detect becaue of the wires.
And a wireless network is kinda slow.
However if the fileserver idea works the en/decryption overhead is solved as the CPU on the fileserver has has it's only task
en/decryption.
Maybe it can even run on a diffrent OS?
I have a old spare AMD T-bird 900Mhz PC with 768MB PC133 ram. I think that should be enough...?

Regards,
Paranoid

Alexander Turcic · 04-05-2004, 03:08 PM

Interesting thread!
Trust me, you are not alone on your search for the ideal encryption tool. Let me try to follow your discussion...

--Software encryption--
Beside DriveCrypt Plus, two other full-harddisk encryption tools for MS Windows system are

- Utimaco's SafeGuard Easy
- Control Break's Safeboot Solo (Website currently down).

I wouldn't go for DriveCrypt or DriveCrypt Plus, because of the company who is behind it (SecurStar). In another thread here I wrote about SecurStar's dealing with open-source products like TrueCrypt.

Honestly, if you are looking for the ideal encryption tool, your tool must be open-source!

--Hardware encryption--
I don't know much about hardware encryption. One thing for sure: don't go for any 40/64bit DES products. Go for at least 128bit, and if possible not with DES, because its depreciated. Instead, the hardware should support either 3DES (very slow) or AES. The trouble I have is if I want to upgrade my hardware, let's say to SATA hard disks, and the encryption controller doesn't support that...
Other hardware solutions:
- Abit SecureIDE
- Via C3 PadLock and here.

-- (wireless) Networking --
This is actually my favorite solution as of right now. I have a FreeBSD machine (which becomes more and more my Windows replacement), which has geom-gbde installed. I think I wrote about it somewhere else here. It is open-source harddisk encryption with great performance and some nifty features (such as sector remapping). Then, you go one step further and encrypt your network traffic with a hardware encryption (see here - hardware based on this chip is here and here ). This way you can design the strongest virtual private network security without sacrificing performance or spending big bucks on the wrong solution (say bye to SecurStar).

Btw, a "AMD T-bird 900Mhz PC with 768MB PC133" should be more than sufficient if you run any *BSD operation system.

Paranoid · 04-05-2004, 05:13 PM

Sure I agree on the open source. Probebly I didn't stress that enough in my post.
It's just that what I tested sofar the opensource is often slower and to low on features.
--------------
DES. Sure I would go for 192/168 bit 3DES
DES is very fast in hardware. It was originally designed as an hardware based cipher.
AFAIK DES has never been broken by cryptoanalysis. And only the 40/56 bit versions are bruteforced. So looking at pure time to bruteforce 3DES is extremely secure.
Anyway the 3DES chips I know do 1.6Gbit/s.
Altough according to NIST it does only EBC. Some see that as a major drawback.
Surely CBC is more secure. But I think CBC is impossible (no matter what cipher) when using as full HD encryption. Firstly the hardware doesnt know about files because it just encrypts datastreams. Secondly suppose you need a block at the end of a 200GB HD. It would mean you should decrypt 200GB to get the 'key' for the last block.
But I must admit if I had the chance I would go for AES or Twofish...

Abit SecureIDE is only 40bit DES iirc. With an Enova chip
http://www.enovatech.com/w/index.html
or
http://www.enovatek.com.tw/index.htm

C3 is very fast but I can't find an end user solution for it.

=============================
(wireless) networking
Encryption should be very fast. Otherwise 'the user' could be tempted to bypass it.
Offloading the calculations to another box would be a good start.
I never had a network neither did I used BSD. So a few questions.
a] Say I install BSD with the encryption package of your choice. What kind of speed I can expect? I think 30-40MB/s is needed for decent performance.
b] Is there something to choose from on BSD. I've seen alot on Linux and Windows but nothing on the DevilOS

c] I think wireless is very slow and not near 30MB/s
d] Whats the latency on a (wireless) network.
I use some heavy. For example an app that does do a *lot* of database access.

Alexander Turcic · 04-06-2004, 03:45 AM

Quote:

DES. Sure I would go for 192/168 bit 3DES
DES is very fast in hardware. It was originally designed as an hardware based cipher. AFAIK DES has never been broken by cryptoanalysis. And only the 40/56 bit versions are bruteforced. So looking at pure time to bruteforce 3DES is extremely secure.

3DES is secure - DES is not. And you should assume that by now there is also hardware available to quickly break DES with higher than 56bit (remember we are talking about the "ideal encryption solution" here). Check here for more.

Btw, I would be hesitant to buy hardware encryption from eNOVA, who is a Chinese company. Would you "trust" them if they "gave their word" that there was no backdoor included?

Quote:

Surely CBC is more secure. But I think CBC is impossible (no matter what cipher) when using as full HD encryption. Firstly the hardware doesnt know about files because it just encrypts datastreams. Secondly suppose you need a block at the end of a 200GB HD. It would mean you should decrypt 200GB to get the 'key' for the last block.

I think you misunderstand how CBC works. For using CBC, you don't need to know anything about "files" nor do you have to jump 200GB forward.

I give you an example: I once wrote a WinNT driver that would encrypt data written to a DAT backup tape. This driver supported AES, Twofish, and Serpent of variable key length plus it supports CBC. The driver did not know anything about "files" written to the tape (the encryption is block based, like it is the case with a harddrive encryption) nor did it have to jump back and forth on the tape (you can imagine what physical strain that would put on a tape). I attached the driver source to this post, so you can have a closer look if you know C programming.

Quote:

(wireless) networking
Encryption should be very fast. Otherwise 'the user' could be tempted to bypass it.

Have you looked at the network hardware encryption I posted? I've heard some good user comments on the vpn12x1, though never used it myself. Note that the encryption does not have to be faster than the speed of your network (which is usually limited to 100Mbit). The vpn12x1 specs say that encryption, DES, Triple-DES and RC4 range from 70 to 188 Mbps. So that is not too bad.

Quote:

a] Say I install BSD with the encryption package of your choice. What kind of speed I can expect? I think 30-40MB/s is needed for decent performance.

That depends on many variables. Are you planning to use a software-only encryption? The one I mentioned, geom-gbde, "seems" to have a good throughput, though I've never measured it. Also, I think there are other factors that would heavily influence this measurement (computer cpu, harddisk (ide-scsi-raid)).

Quote:

b] Is there something to choose from on BSD. I've seen alot on Linux and Windows but nothing on the DevilOS

I am using FreeBSD. While both OpenBSD and FreeBSD fully support the vpn12x1 chip, only FreeBSD comes with geom-gbde.

Quote:

c] I think wireless is very slow and not near 30MB/s

I wouldn't go for wireless then

Btw, did you really mean 30MB/s? Even with a 100mbit lan, you won't make more than 10MB/s.

Quote:

d] Whats the latency on a (wireless) network.
I use some heavy. For example an app that does do a *lot* of database access.

I am sorry but I think I didn't understand the question. The speed of your network depends on various variables, too. There is the physical constraint (10mbit, 100mbit, 1gbit, ...). Then, what protocol are you using? SMB? NFS? IPX? Huge difference.

Greets
Alex

Paranoid · 04-06-2004, 12:36 PM

eNova
Personally I would trust a Chinese compagny more then a US company.
And I have to rely on trust whatever I choose. I only trust myself. And I'm not skilled enough to check for backdoors. I know there is a community that does check it. But that usally boils down do the same group of ppl. For example prove me that Zimmerman and Scheider are not on the CIA/FBI/NSA payroll
Please understand that I'm *not* attacking your remark but merly trying to explain that at some point we have to take the step and trust....

Your article is about bruteforcing. I have to look for it but there is a paper around that calculates the energy to brutefoce 3DES or other modern ciphers. Conclusion there is not enough engergy in the universe to do so...
--------
CBC
I know that for HD encryption nothing needs to be known about files. Thats why I wrote datastream.
http://www.randomneuron.com/security/symencrypt.htm
"CBC - Cipher Block Chaining - In CBC mode, the previous ciphertext block is XOR'd with the current plaintext block and the result is then encrypted."
From that I read that to decrypt a block you need the 'result' of the previous block.
So I think at least 2 blocks are needed. I was stupidly assuming the previous block needed to be decrypted to decrypt the current block. But the previous block can only be decrypted by another previous block. It will impose a small overhead but far less then I assummed. My C is far to bad to understand the 'small print' we are talking about here.
-------
Wireless networking.
I did only look very briefly at the link you gave me because teh network has my last priority. But I bookmarked all your links for later refrence.
--------
About speed needed.
Yes I mean 30MB/s. And 100Mbit is 'obsolete' now. Even onboard LAN is Gigabit nowadays.
I have fairly highend IDEA drives. 2x WD 1000BB (no RAID)
I'm willing to pay $1000 for a speedy solution that meets my demands.

IMO security comes in 3 parts:
a] Strong cipher.
b] Good authentication. Like iKey. The entropy of password that can be remebers by humans is often to low. I didn't find a opensource program that supports such stuff.
c] Speed. About everyone wants security. But only a few want to pay the speedhit.
And then ppl start to looking for tradeoffs. And very often that tradeoff is no encryption or something with the 'strength' of ROT13

Even the paranoid ppl do that. After all you should encrypt your data with AES256 and encrypt the result with Twofish. Just incase the spooks found a hole somewhere.
-----
Networkspeed.
Defenition of a network. "2 nics and a wire" End of my network knowledge :P
I don't care a bit if it uses smokesignals or nuclear power as long it's fast.
------
Sometimes I think what the f*uck am I being so obcessed with strongciphers.
The local police department can barely break 10 bit ciphers and somehow I don't think the CIA isn't very intrested in the loveletters I encrypted

Alexander Turcic · 04-06-2004, 01:03 PM

Heh it is exactly the challenge of those theoratical discussions that can me so much fun

hanselman · 04-26-2004, 05:11 PM

Here is a good review in SC Magazine about a new tool. http://www.deslock.com

04-04-2004, 09:56 AM	#1
Paranoid Member Posts: 16 Karma: 31 Join Date: Apr 2004 Location: Under a rock Device: None	Still looking for the ultimate secure setup Know my nick and know my mind :P I've spend countless hours on finding the ideal encryption tool. Ideal means secure, extremely fast, with lots of options. Open/closed source and snakeoil are the buzz words in groups that are seriously looking into cryptography. --Software encryption-- Only a few programs support encrypting a whole harddisk. And I know only one program that also encrypts the bootdisk (mostly C:/) And thats sad because there's often a lot of important data on C: All kind of tempfiles and registry entries. Opensource programs usually/always lack speed. And only a few titles support hardware tokens like iKey. Ignoring the dangers of snakeoil 2 programs come out on top: - Drivecrypt Plus Pack -> supports encryption of drive C: / good speed / www.drivecrypt.com - StrongDisk -> Good speed / many options / only thing it lacks is encryption of drive C: / www.strongdisk.com --Hardware encryption-- It's simple... en/decryption takes some calculations. No matter how optimized the code is the CPU has to spend time on it. Thats why I started looking for hardware encryption. * Enova's X-wall Max. transfer rate 1.6Gbit/s (200MB/s) Comes in 40/64/128/192 bit DES/3DES (all same speed It's mounted beween your IDEA interfcae and HD. Insert a hardware token. Thats all. Because it's hardware only it works with any OS. And also important it encrypts everything including the OS http://www.enovatech.com/w/html/ps_lx_asic.htm http://www.enovatech.com/w/html/ps_how_to_select.htm I can't find any reseller but found several old refrences that the pricerange is USD 50-200 The smaller keys are already broken so personally I wouldnt even use em if they where free. So that probebly puts the pricemark at USD 150-200 Another benefit is, I think, that there are no files that can be damaged. And normal disk repair tools still work. -- (wireless) Networking -- A big problem with encryption is that it's usally very obvious you are using it. HDs with only a few huge containers. Passwordboxes popping up. Strange hardware. Because of this and noise reduction I've been thinking about a fileserver on a network. Hide the fileserver somewhere. Like in a hole in your garden Upon system boot the remote drives get mounted if the correct key is entered. Unfortunately a normal network is obvious to detect becaue of the wires. And a wireless network is kinda slow. However if the fileserver idea works the en/decryption overhead is solved as the CPU on the fileserver has has it's only task en/decryption. Maybe it can even run on a diffrent OS? I have a old spare AMD T-bird 900Mhz PC with 768MB PC133 ram. I think that should be enough...? Regards, Paranoid

04-26-2004, 05:11 PM	#7
hanselman Nameless Being	New Encryption Tool Here is a good review in SC Magazine about a new tool. http://www.deslock.com

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Setup for PDF	juniorbonner	Calibre	2	10-14-2010 05:00 PM
Help with FBReader setup	Big Kev	Reading and Management	9	10-08-2010 10:33 AM
"Secure" PDF and "Secure" Mobi docs?	AceHarddrive	iRex	9	05-08-2008 09:13 PM
Setup Interrupted - a x64 vista ultimate issue	MentalTyranny	Sony Reader	2	02-11-2008 02:42 PM
PRS-500 My setup	Nogg	Sony Reader Dev Corner	12	08-22-2007 01:30 PM

04-05-2004, 03:08 PM	#2
Alexander Turcic Fully Converged Posts: 18,163 Karma: 14021202 Join Date: Oct 2002 Location: Switzerland Device: Too many to count here.	Interesting thread! Trust me, you are not alone on your search for the ideal encryption tool. Let me try to follow your discussion... --Software encryption-- Beside DriveCrypt Plus, two other full-harddisk encryption tools for MS Windows system are - Utimaco's SafeGuard Easy - Control Break's Safeboot Solo (Website currently down). I wouldn't go for DriveCrypt or DriveCrypt Plus, because of the company who is behind it (SecurStar). In another thread here I wrote about SecurStar's dealing with open-source products like TrueCrypt. Honestly, if you are looking for the ideal encryption tool, your tool must be open-source! --Hardware encryption-- I don't know much about hardware encryption. One thing for sure: don't go for any 40/64bit DES products. Go for at least 128bit, and if possible not with DES, because its depreciated. Instead, the hardware should support either 3DES (very slow) or AES. The trouble I have is if I want to upgrade my hardware, let's say to SATA hard disks, and the encryption controller doesn't support that... Other hardware solutions: - Abit SecureIDE - Via C3 PadLock and here. -- (wireless) Networking -- This is actually my favorite solution as of right now. I have a FreeBSD machine (which becomes more and more my Windows replacement), which has geom-gbde installed. I think I wrote about it somewhere else here. It is open-source harddisk encryption with great performance and some nifty features (such as sector remapping). Then, you go one step further and encrypt your network traffic with a hardware encryption (see here - hardware based on this chip is here and here ). This way you can design the strongest virtual private network security without sacrificing performance or spending big bucks on the wrong solution (say bye to SecurStar). Btw, a "AMD T-bird 900Mhz PC with 768MB PC133" should be more than sufficient if you run any *BSD operation system.

04-05-2004, 05:13 PM	#3
Paranoid Member Posts: 16 Karma: 31 Join Date: Apr 2004 Location: Under a rock Device: None	Sure I agree on the open source. Probebly I didn't stress that enough in my post. It's just that what I tested sofar the opensource is often slower and to low on features. -------------- DES. Sure I would go for 192/168 bit 3DES DES is very fast in hardware. It was originally designed as an hardware based cipher. AFAIK DES has never been broken by cryptoanalysis. And only the 40/56 bit versions are bruteforced. So looking at pure time to bruteforce 3DES is extremely secure. Anyway the 3DES chips I know do 1.6Gbit/s. Altough according to NIST it does only EBC. Some see that as a major drawback. Surely CBC is more secure. But I think CBC is impossible (no matter what cipher) when using as full HD encryption. Firstly the hardware doesnt know about files because it just encrypts datastreams. Secondly suppose you need a block at the end of a 200GB HD. It would mean you should decrypt 200GB to get the 'key' for the last block. But I must admit if I had the chance I would go for AES or Twofish... Abit SecureIDE is only 40bit DES iirc. With an Enova chip http://www.enovatech.com/w/index.html or http://www.enovatek.com.tw/index.htm C3 is very fast but I can't find an end user solution for it. ============================= (wireless) networking Encryption should be very fast. Otherwise 'the user' could be tempted to bypass it. Offloading the calculations to another box would be a good start. I never had a network neither did I used BSD. So a few questions. a] Say I install BSD with the encryption package of your choice. What kind of speed I can expect? I think 30-40MB/s is needed for decent performance. b] Is there something to choose from on BSD. I've seen alot on Linux and Windows but nothing on the DevilOS c] I think wireless is very slow and not near 30MB/s d] Whats the latency on a (wireless) network. I use some heavy. For example an app that does do a lot of database access.

04-06-2004, 12:36 PM	#5
Paranoid Member Posts: 16 Karma: 31 Join Date: Apr 2004 Location: Under a rock Device: None	eNova Personally I would trust a Chinese compagny more then a US company. And I have to rely on trust whatever I choose. I only trust myself. And I'm not skilled enough to check for backdoors. I know there is a community that does check it. But that usally boils down do the same group of ppl. For example prove me that Zimmerman and Scheider are not on the CIA/FBI/NSA payroll Please understand that I'm not attacking your remark but merly trying to explain that at some point we have to take the step and trust.... Your article is about bruteforcing. I have to look for it but there is a paper around that calculates the energy to brutefoce 3DES or other modern ciphers. Conclusion there is not enough engergy in the universe to do so... -------- CBC I know that for HD encryption nothing needs to be known about files. Thats why I wrote datastream. http://www.randomneuron.com/security/symencrypt.htm "CBC - Cipher Block Chaining - In CBC mode, the previous ciphertext block is XOR'd with the current plaintext block and the result is then encrypted." From that I read that to decrypt a block you need the 'result' of the previous block. So I think at least 2 blocks are needed. I was stupidly assuming the previous block needed to be decrypted to decrypt the current block. But the previous block can only be decrypted by another previous block. It will impose a small overhead but far less then I assummed. My C is far to bad to understand the 'small print' we are talking about here. ------- Wireless networking. I did only look very briefly at the link you gave me because teh network has my last priority. But I bookmarked all your links for later refrence. -------- About speed needed. Yes I mean 30MB/s. And 100Mbit is 'obsolete' now. Even onboard LAN is Gigabit nowadays. I have fairly highend IDEA drives. 2x WD 1000BB (no RAID) I'm willing to pay $1000 for a speedy solution that meets my demands. IMO security comes in 3 parts: a] Strong cipher. b] Good authentication. Like iKey. The entropy of password that can be remebers by humans is often to low. I didn't find a opensource program that supports such stuff. c] Speed. About everyone wants security. But only a few want to pay the speedhit. And then ppl start to looking for tradeoffs. And very often that tradeoff is no encryption or something with the 'strength' of ROT13 Even the paranoid ppl do that. After all you should encrypt your data with AES256 and encrypt the result with Twofish. Just incase the spooks found a hole somewhere. ----- Networkspeed. Defenition of a network. "2 nics and a wire" End of my network knowledge :P I don't care a bit if it uses smokesignals or nuclear power as long it's fast. ------ Sometimes I think what the f*uck am I being so obcessed with strongciphers. The local police department can barely break 10 bit ciphers and somehow I don't think the CIA isn't very intrested in the loveletters I encrypted

04-06-2004, 01:03 PM	#6
Alexander Turcic Fully Converged Posts: 18,163 Karma: 14021202 Join Date: Oct 2002 Location: Switzerland Device: Too many to count here.	Heh it is exactly the challenge of those theoratical discussions that can me so much fun