Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 783
  • Last Modified:

Encrypt ENTIRE Hard drive w/reliable software (must implement 8192 or 16384 bit encryption)

~Welcome Experts

I'm just looking for an encryption program that will encrypt an entire hard drive - but here's the catch:  this program must implement 8192 bit or 16384 bit encryption on-the-fly.  The algorithm itself whether it is blowfish, aes, etc. I'm very willing to be flexible with - but  8192 or 16384 bit is mandatory.  

I'm looking forward to responses on this one and am excited to see what software options are available out there.  Please be respectful and stick to the subject when posting to this question and avoid unnecessary (possibly nagging) comments.

Thank you again for viewing this question and I wish you the best of luck!

T-Snipez

Any information posted to this thread should be for educational informational purposes only.
0
T-Snipez
Asked:
T-Snipez
  • 2
2 Solutions
 
t_itaniumCommented:
0
 
Rich RumbleSecurity SamuraiCommented:
The "bit" length really doesn't make or break the security, if the algo is done well, and tested, 128-bit is sufficent when the passphrase is good. 123456789101112131415 is a long pass, but not a well chosen one. Varied cases, numbers and symbols each increase the possiblities exponentially, as well as length. I'd suggest reading the following articles to help further understand what makes good crypto: http://www.schneier.com/crypto-gram-9910.html#KeyLengthandSecurity
http://www.schneier.com/essay-028.html
Strong cryptography is very powerful when it is done right, but it is not a panacea. Focusing on the cryptographic algorithms while ignoring other aspects of security is like defending your house not by building a fence around it, but by putting an immense stake into the ground and hoping that the adversary runs right into it. Smart attackers will just go around the algorithms.
http://www.schneier.com/paper-attacktrees-ddj-ft.html
http://www.schneier.com/crypto-gram-0204.html#3
Comparing symmetric and public-key keys is a lot like comparing apples and oranges. I recommend 128-bit symmetric keys because they are just as fast at 64-bit keys. That's not true for public-key keys. Doubling the key size roughly corresponds to a six-times speed slowdown in software. This might not matter with PGP, but it will make client-server applications like SSL slow to a crawl. I've seen papers claiming that you need 3072-bit RSA keys to correspond to 128-bit symmetric keys and 15K-bit RSA keys for 256-bit symmetric keys. This kind of thinking is ridiculous; the performance trade-offs and attack models are so different that the comparisons don't make sense.
http://schneier.com/book-practical-preface.html

Sorry to link so many, but it's a topic that comes up alot, and hearing it from a real-world expert like Mr Schneier is probably better than me reguritating it and possibly messing it up. I also recommend TrueCrypt, it has several algo's to choose from, and Blowfish was also written by Mr. Schneier. TrueCrypt should not be used to encrypt windows program and system files, it's not designed to work in this fashion. It can encrypt other files/folder on a pc, or even an entire secondary drive/partition or USB device, but it has no bootloader to make the system understand that the entire HD is encrypted. PGP offers something along those lines and I'm told by a friend that it does work well, and encrypts the entire boot drive and anything else. It requires a password, and a USB token to boot the PC. Seagate also has an entirely encrypted harddrive comming to market later this year, all content on the HD is encrypted, and the crypto is transparent as it's handled by the HD's hardware. http://www.seagate.com/cda/newsinfo/newsroom/releases/article/0,,3199,00.html
Security is a process, not a product.
-rich
0
 
T-SnipezAuthor Commented:
~t_itanium and richrumble - Thank you!

I want to thank both of you for the excellent responses in timely fashions.  Rich ~ With your response, I know have come to realize that my overkill desire for 8192 bit or 16384 bit encryption on-the-fly is not necessary.  If it hasn't been for your response, this question would still be open with my unreasonable desires ;)  Thank you for the many links - they have proved to be highly useful and educating.  

I appreciate both t_itanium and richrumble's effort on this question and I hope that you will choose to assist me in future questions I may have regarding security.

Thank you again,
T-Snipez
0
 
Rich RumbleSecurity SamuraiCommented:
That's what we do ;) And Thanks!
-rich
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now