Solved

Encrypt ENTIRE Hard drive w/reliable software (must implement 8192 or 16384 bit encryption)

Posted on 2006-06-26
4
748 Views
Last Modified: 2013-12-04
~Welcome Experts

I'm just looking for an encryption program that will encrypt an entire hard drive - but here's the catch:  this program must implement 8192 bit or 16384 bit encryption on-the-fly.  The algorithm itself whether it is blowfish, aes, etc. I'm very willing to be flexible with - but  8192 or 16384 bit is mandatory.  

I'm looking forward to responses on this one and am excited to see what software options are available out there.  Please be respectful and stick to the subject when posting to this question and avoid unnecessary (possibly nagging) comments.

Thank you again for viewing this question and I wish you the best of luck!

T-Snipez

Any information posted to this thread should be for educational informational purposes only.
0
Comment
Question by:T-Snipez
  • 2
4 Comments
 
LVL 5

Assisted Solution

by:t_itanium
t_itanium earned 100 total points
ID: 16990445
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 221 total points
ID: 16992205
The "bit" length really doesn't make or break the security, if the algo is done well, and tested, 128-bit is sufficent when the passphrase is good. 123456789101112131415 is a long pass, but not a well chosen one. Varied cases, numbers and symbols each increase the possiblities exponentially, as well as length. I'd suggest reading the following articles to help further understand what makes good crypto: http://www.schneier.com/crypto-gram-9910.html#KeyLengthandSecurity
http://www.schneier.com/essay-028.html
Strong cryptography is very powerful when it is done right, but it is not a panacea. Focusing on the cryptographic algorithms while ignoring other aspects of security is like defending your house not by building a fence around it, but by putting an immense stake into the ground and hoping that the adversary runs right into it. Smart attackers will just go around the algorithms.
http://www.schneier.com/paper-attacktrees-ddj-ft.html
http://www.schneier.com/crypto-gram-0204.html#3
Comparing symmetric and public-key keys is a lot like comparing apples and oranges. I recommend 128-bit symmetric keys because they are just as fast at 64-bit keys. That's not true for public-key keys. Doubling the key size roughly corresponds to a six-times speed slowdown in software. This might not matter with PGP, but it will make client-server applications like SSL slow to a crawl. I've seen papers claiming that you need 3072-bit RSA keys to correspond to 128-bit symmetric keys and 15K-bit RSA keys for 256-bit symmetric keys. This kind of thinking is ridiculous; the performance trade-offs and attack models are so different that the comparisons don't make sense.
http://schneier.com/book-practical-preface.html

Sorry to link so many, but it's a topic that comes up alot, and hearing it from a real-world expert like Mr Schneier is probably better than me reguritating it and possibly messing it up. I also recommend TrueCrypt, it has several algo's to choose from, and Blowfish was also written by Mr. Schneier. TrueCrypt should not be used to encrypt windows program and system files, it's not designed to work in this fashion. It can encrypt other files/folder on a pc, or even an entire secondary drive/partition or USB device, but it has no bootloader to make the system understand that the entire HD is encrypted. PGP offers something along those lines and I'm told by a friend that it does work well, and encrypts the entire boot drive and anything else. It requires a password, and a USB token to boot the PC. Seagate also has an entirely encrypted harddrive comming to market later this year, all content on the HD is encrypted, and the crypto is transparent as it's handled by the HD's hardware. http://www.seagate.com/cda/newsinfo/newsroom/releases/article/0,,3199,00.html
Security is a process, not a product.
-rich
0
 
LVL 1

Author Comment

by:T-Snipez
ID: 16993091
~t_itanium and richrumble - Thank you!

I want to thank both of you for the excellent responses in timely fashions.  Rich ~ With your response, I know have come to realize that my overkill desire for 8192 bit or 16384 bit encryption on-the-fly is not necessary.  If it hasn't been for your response, this question would still be open with my unreasonable desires ;)  Thank you for the many links - they have proved to be highly useful and educating.  

I appreciate both t_itanium and richrumble's effort on this question and I hope that you will choose to assist me in future questions I may have regarding security.

Thank you again,
T-Snipez
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16993127
That's what we do ;) And Thanks!
-rich
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
OfficeMate Freezes on login or does not load after login credentials are input.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now