|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/ap.belleisle/INFOSEC/ |
Upload File : |
<HTML> <HEAD> <TITLE>ENCRYPT or NOT - things you should consider</TITLE> <META NAME="description" CONTENT="Cerberus Systems, Inc. develops, manufactures and markets Windows� cryptosystems designed to meet or exceed level 1 of FIPS PUB 140-1 with DOD 5220.22-M disk data recovery countermeasures."> <META NAME="keywords" CONTENT="168-bit keys, access control, ANSI X9.17, computer security, confidentiality, crypto, cryptography, cryptographic, cryptology, cryptosystem, Data Encryption Standard, data security, DES, disk encryption, DOD 5200.28-STD, DOD 5220.22-M, encrypt, encryption, Federal Information Processing Standards, file encryption, FIPS, FIPS 46-2, FIPS 74, FIPS 81, FIPS 140-1, FIPS 180-1, FIPS 186, INFOSEC, integrity, key, NBS Special Publication 500-20, NCSC TG-25, passphrase, password, personal, privacy, private key, Secure Hash Standard, security, Security Requirements for Cryptographic Modules, security software, sensitive-but-unclassified, sensitive information, SHA, SHA1, SHS, software, standards, triple-DES, Windows�."> </HEAD> <BODY TOPMARGIN="0" LEFTMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#009966" ALINK="#FF0000" VLINK="#009966"> <BASEFONT SIZE=2 FACE="Arial,Helv,Helvetica"> <TABLE ALIGN=LEFT BORDER=0 CELLSPACING=0 CELLBORDER=0 CELLPADDING=12 WIDTH=640> <TR> <!-- LEFT MARGIN STRIP --> <TD BGCOLOR="#336666" ALIGN=CENTER VALIGN=TOP> <FONT SIZE=1> <a href="../default.htm"><IMG SRC="images/web_icon.gif" ALT="CERBERUS HOME ICON" WIDTH=72 HEIGHT=72 BORDER=0 VSPACE=2><br><b><i>CERBERUS</i></b></a> <P><a href="index.htm""><IMG SRC="images/needs.gif" ALT="THE NEED" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="privacy.htm">Vulnerabilities</a> <a href="threats.htm">Threats</a> <a href="forensic.htm">Countermeasures</a> <P><a href="products/index.htm""><IMG SRC="images/products.gif" ALT="PRODUCTS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="products/docusec.htm">Document Security</a> <P><a href="stds/index.htm"><IMG SRC="images/standard.gif" ALT="STANDARDS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="stds/fip140-1.htm">FIPS PUB 140-1</a><br> <a href="stds/sanitize.htm">DOD 5220.22-M</a><br> <a href="stds/ncsctg25.htm">NCSC TG-25</a> <br> <a href="stds/fip81.htm">FIPS PUB 81</a> <br> <a href="stds/fip180-1.htm">FIPS PUB 180-1</a><br> <a href="stds/d520028.htm">DOD 5200.28-STD</a><br> <P><a href="tutorial/index.htm"><IMG SRC="images/tutorial.gif" ALT="TUTORIALS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="tutorial/winfosec.htm">INFOSEC</a><br> <a href="tutorial/keys.htm">Cryptosystems</a><br> <a href="tutorial/phrases.htm">Passphrases</a><br> <a href="tutorial/leaks.htm">Windows� Leaks</a><br> <a href="tutorial/system.htm">System Settings</a> <P><a href="download/index.htm"><IMG SRC="images/download.gif" ALT="DOWNLOADS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <P><HR WIDTH=84> <P><a href="mailto:[email protected]">QUESTIONS? <br><IMG SRC="images/email2.gif" ALT="E-MAIL" WIDTH=61 HEIGHT=31 BORDER=0></a><br> <P><br><IMG SRC="./images/amex_ok.gif" ALT="AMEX WELCOME" WIDTH=51 HEIGHT=68 BORDER=0> </FONT> </TD> <!-- END LEFT MARGIN STRIP --> <!-- MAIN SECTION --> <TD ALIGN=LEFT VALIGN=TOP> <!-- Title Bar --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=500> <TR><TD> <!-- Right-justified Logotype --> <TABLE ALIGN=RIGHT BORDER=0 CELLSPACING=0 CELLPADDING=0> <TR><TD><FONT COLOR="#006633" SIZE=3><B><I>CERBERUS <FONT SIZE=1>SYSTEMS, INC.</FONT></I></B></FONT></TD></TR><TR><TD ALIGN=CENTER><FONT COLOR="#999933" SIZE=1><B><I> <!--forensic software countermeasures--> <!--INFORMATION SECURITY TOOLS--> <!--INFOSEC for Personal Computers--> <!--INFOSEC Products for Windows®--> <!--INFOSEC Tools for PCs & Laptops--> <!--personal information security tools--> Windows®-compatible encryption </I></B></FONT></TD></TR> </TABLE> <!-- End Logotype --> </TD></TR> <TR ALIGN=CENTER><TD WIDTH=490> <!-- Centered Page-Title --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=10> <TR><TD ALIGN=CENTER><FONT COLOR="#CC3300" SIZE=5><B> <!-- Title Text--> ENCRYPT <FONT SIZE=2>OR</FONT> NOT?<BR> <FONT COLOR="#999933" SIZE=4><i>THINGS YOU SHOULD CONSIDER</i> <!-- End Title Text --> </B></FONT></TD></TR> </TABLE> <!-- End Page-Title --> </TD></TR></TABLE> <!-- End Title Bar --> <!-- Content --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=506> <TR><TD><FONT SIZE=2> <P>If you need cryptographic software, we'd obviously like you to consider ours. However, you may not need it now, but might need it later. In the hope that you'll remember us favorably when you do need it, we offer the following guidance to help you decide. <BLOCKQUOTE><FONT COLOR="#006633" SIZE=1> <b>NOTE: This information is not intended to be and should not be construed as legal advice. Advice of counsel should be sought in case of considerations of lawfulness.</b> </FONT></BLOCKQUOTE> <P><HR SIZE=1 WIDTH=50%> <P ALIGN=CENTER><B><br> <a href="#FAQ01">Will encryption protect my PC or laptop?</a> <br><a href="#FAQ02">Should I encrypt my programs?</a> <br><a href="#FAQ03">Will high-grade encryption protect my data?</a> <br><a href="#FAQ04">How can high-grade encryption be cracked?</a> <br><a href="#FAQ05">Will a certified encryption engine provide high-grade encryption?</a> <br><a href="#FAQ06">What is <i>forensic software</i>?</a> <br><a href="#FAQ07">Will <i>sanitizing</i> per DOD 5220.22-M defeat recovery by forensic software?</a> <br><a href="#FAQ08">Can your forensic software countermeasures be defeated?</a> <!-- <br><a href="#FAQ09">Can legally exportable software provide strong encryption?</a> --> <br><a href="#FAQ10">Can I travel with strong encryption software on my laptop?</a> <br><a href="#FAQ11">Will your software give me access to my employees' files?</a> <br><a href="#FAQ12">Can I use another cipher than 168-bit triple-DES with your software?</a> <br><a href="#FAQ13">How can I verify the absence of "back-doors" in your software?</a> <br><a href="#FAQ14">Do you sell forensic software or services?</a> </B> <P><br><HR SIZE=1 WIDTH=50%> <a name="FAQ01"></a> <P><FONT COLOR="#006633"><B>Will encryption protect my PC or laptop?</B></FONT> <P>No. If you wish to deny others the use of your particular one of the world's millions of Windows® PCs, you must employ physical security measures; i.e. lock it up. Access control software can be bypassed with a floppy diskette, and plug-in cards can be easily removed from an unlocked case - as can your entire hard disk. You can, however, cryptographically protect the confidentiality of data stored on it. <a name="FAQ02"></a> <P><FONT COLOR="#006633"><B>Should I encrypt my programs?</B></FONT> <P>Not unless there's something that makes them different from everyone else's copy. Why wait for many megabytes of program files to be decrypted? The delay of "on-the-fly" decryption of their component library files can crash many programs. <a name="FAQ03"></a> <P><FONT COLOR="#006633"><B>Will high-grade encryption protect my data?</B></FONT> <P>Yes, but only while it's encrypted. While you're using it, it's unencrypted and you must physically protect it. That's why eliminating all of Windows�' "extra copies" is so important. If your software doesn't plug Windows� security leaks, even though it encrypts with a strong cipher, attackers can bypass the encryption. Furthermore, if you don't make backup copies of your data, it can still be destroyed. You must be sure that your method of encryption won't interfere with your backup software. <a name="FAQ04"></a> <P><FONT COLOR="#006633"><B>How can high-grade encryption be cracked?</B></FONT> <P>By definition, it can't be - but its keys can. Some techniques used, in increasing order of cost/risk are: (1) exploiting operator errors (e.g. recovering a password from its repeated use with slight variation in less secure applications which can be cracked); (2) <i>dumpster diving</i> for papers on which the operator may have doodled hints to the area of interest s/he used to pick a password, and using them to guide automated <i>dictionary attacks</i>; (3) bribery or <i>rubber hose cryptanalysis</i> (duress). <BLOCKQUOTE><FONT COLOR="#006633"> NOTE: High-grade encryption cannot be reversed without the keying information. Its very high <i>work-factor</i> shifts the focus of attack from "cracking the cryptosystem" to "cracking the owner." High-value data requires a total security plan, of which encryption is only an element. </FONT></BLOCKQUOTE> <a name="FAQ05"></a> <P><FONT COLOR="#006633"><B>Will a certified encryption engine provide high-grade encryption?</B></FONT> <P>Not by itself. <i>If</i> it is fed cryptographically strong keying information, it <i>can</i> produce a strongly encrypted version of one of your data files. This version can be securely communicated. However, Windows� not only can't be relied upon to dispose of your unencrypted original, it even makes and leaves extra copies on your hard disk. All of these copies can be recovered with <i>forensic software,</i> unless the encryption engine is integrated in a cryptosystem specifically designed to plug Windows� security leaks. <a name="FAQ06"></a> <P><FONT COLOR="#006633"><B>What is <i>forensic software</i>?</B></FONT> <P>Forensic software was developed for computer evidence recovery in law enforcement. It makes evidentiary copies of all magnetic data records on a disk, and performs searching by keywords of disk sectors likely to contain evidence. It also establishes a clear custody chain for the evidence that will withstand court challenges. It is used to scan disks to which a court has ordered the defendant to provide access by plaintiff's lawyer(s) during the <i>discovery</i> phase of litigation, as well as for industrial espionage. <a name="FAQ07"></a> <P><FONT COLOR="#006633"><B>Will <i>sanitizing</i> per DOD 5220.22-M defeat recovery by forensic software?</B></FONT> <P>Yes. Even <i>clearing</i> will, if applied to <u>all</u> copies. The specialized laboratory equipment used by intelligence agencies of major industrialized nations can recover small groups of data bytes from under any number of overwrites. However, this is not a practical way to explore an entire hard disk for potentially interesting data, such as in discovery for litigation. <i>Sanitizing</i> or <i>clearing</i> of all non-encrypted copies per DOD 5220.22-M should clearly demonstrate due diligence in protecting trade secret or privacy data. <BLOCKQUOTE><FONT COLOR="#006633"> NOTE: Rule 34(a) of the Federal Rules of Civil Procedure includes computerized records. Discoverable documents are generally held to include computer hard drives, and courts can impose discovery sanctions for proven willful destruction of data relevant to litigation. </FONT></BLOCKQUOTE> <a name="FAQ08"></a> <P><FONT COLOR="#006633"><B>Can your forensic software countermeasures be defeated?</B></FONT> <P>Yes - by the user circumventing their application to <u>all</u> copies of sensitive data. Forensic software exploits <i>non-zeroized object re-use</i> leaks. Before releasing them to the operating system for re-use, sensitive memory or storage objects handled by our software are automatically Cleared (zeroized) or Sanitized, per DOD 5220.22-M. Any file it writes to disk has the tail Cleared of RAM buffer scavanging leaks. However, its automatic on-exit offers to Clear the Windows� <i>swapfile</i> and <i>TEMP</i> space can be refused by the user in time-critical system shut-down situations. Furthermore, deleted data which it never handled can still lurk on the user's disk, if s/he doesn't explicitly use our <i>Clear a disk's free clusters</i> and <i>Clear a disk's file slack</i> countermeasures. <!-- <a name="FAQ09"></a> <P><FONT COLOR="#006633"><B>Can legally exportable software provide strong encryption?</B></FONT> <P>No. Either the cipher employed must only produce ciphertext which will succumb to known cryptanalytic attacks, or its implementation must leak enough bits of keying information to allow exhaustive key search attacks to reconstruct encryption keys without user cooperation. (So-called <i>key recovery</i> features leak <i>all</i> of the key bits.) --> <a name="FAQ10"></a> <P><FONT COLOR="#006633"><B>Can I travel with strong encryption software on my laptop?</B></FONT> <P>The Commerce Department's Bureau of Export Administration (BXA) has the latest information concerning the personal use exemption from encryption export controls. Provided you satisfy their record keeping and custodial rules, you should have no difficulty in leaving and re-entering the USA with such software on your laptop. However, many countries outlaw the use or possession of high-grade cryptosytems. <a name="FAQ11"></a> <P><FONT COLOR="#006633"><B>Will your software give me access to my employees' files?</B></FONT> <P>Not without their cooperation. If they provide you with up-to-date key share diskettes, multiple trusted parties acting in concert (such as the immediate supervisor and the personnel director, for example) can access their encrypted files in event of their death or incapacity. Any one diskette is useless. You can, of course, pursue legal remedies to force disclosure of keying information, as can law enforcement agencies. In any case, your employee agreements should address the duty to maintain the integrity and the availability of your proprietary information, as well as its confidentiality. <a name="FAQ12"></a> <P><FONT COLOR="#006633"><B>Can I use another cipher than 168-bit triple-DES with your software?</B></FONT> <P>No. We don't serve the enthusiast market. Our focus is on INFOSEC for people who must protect sensitive data on Windows� PCs or laptops, rather than on encryption technology. Our (conservative) choice of this cipher is only a small part of the solution to that problem. There are many available software products focused on encryption, per se. Ours are designed to plug the Windows� security leaks that can bypass it. <a name="FAQ13"></a> <P><FONT COLOR="#006633"><B>How can I verify the absence of "back-doors" in your software?</B></FONT> <P>You could check our design by examining our source code (under Non-Disclosure Agreement). You can check for "spiking" of the actual implementation with our built-in tests. In addition to the NIST tests, you can force the actual file encryption key to any value you select to verify the cipher. You can compare the resulting file (with zeroized masterkey) against our specification, to assure absence of added bytes containing key leaks. Our <i>FIPS 140-1 key generator tests</i> include the option to generate a one megabyte keystream file, on which you can run randomness tests for pattern leaks. <a name="FAQ14"></a> <P><FONT COLOR="#006633"><B>Do you sell forensic software or services?</B></FONT> <P>No. We believe that it would place us in an untenable conflict of interest. NSA/CSS has a world-class COMmunications SECurity organization; but its relation to its sister COMmunications INTelligence organization has led to much paranoia about its cipher designs. To avoid similar concerns on the part of our customers, we don't assist corporations, attorneys, or even law enforcement organizations to defeat INFOSEC measures. There are plenty of vendors assisting "the good guys" to chase "the bad guys" (who can also buy help). We provide real INFOSEC products for the rest of us. </FONT></TD></TR> </TABLE> <!-- End Content ---> <!-- Standard Footer ---> <CENTER> <P><BR> <FONT SIZE=2 COLOR="#006633"><B><i> Cerberus Systems, Inc. develops, manufactures and markets<BR> software cryptosystems designed to level 1 of FIPS PUB 140-1<BR> with DOD 5220.22-M disk data recovery countermeasures. </i></B></FONT> <P><HR SIZE=1> <FONT SIZE=1 COLOR="#CC3300"> The Cerberus logo and the <i>...Security Manager</i> product names are trademarks of Cerberus Systems, Inc.<BR> © Copyright 1997-99, all rights reserved. </FONT> <HR SIZE=1> </CENTER> <!--- End Standard Footer ---> </TD> <!-- END MAIN SECTION --> <!-- PADDING CELL --> <TD> <!-- right margin = 2 x cellpadding --> </TD> <!-- END PADDING CELL --> </TR> </TABLE> </BODY> </HTML>