|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/ap.belleisle/INFOSEC/ |
Upload File : |
<HTML> <HEAD> <TITLE>ENCRYPTION SOFTWARE with forensic software countermeasures</TITLE> <META NAME="description" CONTENT="Cerberus Systems, Inc. develops, manufactures and markets Windows� cryptosystems designed to meet or exceed level 1 of FIPS PUB 140-1 with DOD 5220.22-M disk data recovery countermeasures."> <META NAME="keywords" CONTENT="ANSI X9.17, computer security, cryptosystem, data privacy, DOD 5220.22-M, encryption, file wiping, FIPS 140-1, forensic software, INFOSEC, sanitizing, security leaks, secure deletion, security software, triple-DES, zeroizing, Windows�."> </HEAD> <BODY TOPMARGIN="0" LEFTMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#009966" ALINK="#FF0000" VLINK="#009966"> <BASEFONT SIZE=2 FACE="Arial,Helv,Helvetica"> <TABLE ALIGN=LEFT BORDER=0 CELLSPACING=0 CELLBORDER=0 CELLPADDING=12 WIDTH=640> <TR> <!-- LEFT MARGIN STRIP --> <TD BGCOLOR="#336666" ALIGN=CENTER VALIGN=TOP> <FONT SIZE=1> <a href="../default.htm"><IMG SRC="images/web_icon.gif" ALT="CERBERUS HOME ICON" WIDTH=72 HEIGHT=72 BORDER=0 VSPACE=2><br><b><i>CERBERUS</i></b></a> <P><a href="index.htm""><IMG SRC="images/needs.gif" ALT="THE NEED" WIDTH=90 HEIGHT=30 BORDER=2></a><br> <a href="privacy.htm">Vulnerabilities</a> <a href="threats.htm">Threats</a> <a href="forensic.htm">Countermeasures</a> <P><a href="products/index.htm""><IMG SRC="images/products.gif" ALT="PRODUCTS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="products/docusec.htm">Document Security</a> <P><a href="stds/index.htm"><IMG SRC="images/standard.gif" ALT="STANDARDS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="stds/fip140-1.htm">FIPS PUB 140-1</a><br> <a href="stds/sanitize.htm">DOD 5220.22-M</a><br> <a href="stds/ncsctg25.htm">NCSC TG-25</a> <br> <a href="stds/fip81.htm">FIPS PUB 81</a> <br> <a href="stds/fip180-1.htm">FIPS PUB 180-1</a><br> <a href="stds/d520028.htm">DOD 5200.28-STD</a><br> <P><a href="tutorial/index.htm"><IMG SRC="images/tutorial.gif" ALT="TUTORIALS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <a href="tutorial/winfosec.htm">INFOSEC</a><br> <a href="tutorial/keys.htm">Cryptosystems</a><br> <a href="tutorial/phrases.htm">Passphrases</a><br> <a href="tutorial/leaks.htm">Windows� Leaks</a><br> <a href="tutorial/system.htm">System Settings</a> <P><a href="download/index.htm"><IMG SRC="images/download.gif" ALT="DOWNLOADS" WIDTH=90 HEIGHT=30 BORDER=0></a><br> <P><HR WIDTH=84> <P><a href="mailto:[email protected]">QUESTIONS? <br><IMG SRC="images/email2.gif" ALT="E-MAIL" WIDTH=61 HEIGHT=31 BORDER=0></a><br> <P><br><IMG SRC="./images/amex_ok.gif" ALT="AMEX WELCOME" WIDTH=51 HEIGHT=68 BORDER=0> </FONT> </TD> <!-- END LEFT MARGIN STRIP --> <!-- MAIN SECTION --> <TD ALIGN=LEFT VALIGN=TOP> <!-- Title Bar --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=500> <TR><TD> <!-- Right-justified Logotype --> <TABLE ALIGN=RIGHT BORDER=0 CELLSPACING=0 CELLPADDING=0> <TR><TD><FONT COLOR="#006633" SIZE=3><B><I>CERBERUS <FONT SIZE=1>SYSTEMS, INC.</FONT></I></B></FONT></TD></TR><TR><TD ALIGN=CENTER><FONT COLOR="#999933" SIZE=1><B><I> <!--forensic software countermeasures--> <!--INFORMATION SECURITY TOOLS--> <!--INFOSEC for Personal Computers--> <!--INFOSEC Products for Windows®--> <!--INFOSEC Tools for PCs & Laptops--> <!--personal information security tools--> Windows®-compatible encryption </I></B></FONT></TD></TR> </TABLE> <!-- End Logotype --> </TD></TR> <TR ALIGN=CENTER><TD WIDTH=490> <!-- Centered Page-Title --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=10> <TR><TD ALIGN=CENTER><FONT COLOR="#CC3300" SIZE=5><B> <!-- Title Text--> ENCRYPTION SOFTWARE<BR> <FONT COLOR="#999933" SIZE=3><i><FONT SIZE=2>WITH<br></FONT>FORENSIC SOFTWARE COUNTERMEASURES</i> <!-- End Title Text --> </B></FONT></TD></TR> </TABLE> <!-- End Page-Title --> </TD></TR></TABLE> <!-- End Title Bar --> <!-- Content --> <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=510> <TR><TD><FONT SIZE=2> <P><i>Forensic software</i> exploits Windows� security leaks for computer evidence recovery and for <i>electronic discovery</i> in litigation. This is usually the <i>real</i> method by which "the suspect's encryption was cracked." It's also commercially available to industrial spies and criminals, who use it to defeat hard drive data encryption by <i>side channel attacks</i>. <P>Most e-mail encryption software (such as PGP�) is vulnerable to forensic software attacks, if (mis-)used to encrypt files for secure storage rather than for transmission. Most "Windows� encryption software" has no forensic software countermeasures, making the strength of their ciphers (encryption algorithms) or key-sizes irrelevant . <P>If you're concerned about practicing due diligence in protecting sensitive information, but you're forced to keep it on a Windows� PC, perhaps we can help. We supply <a href="products/docusec.htm"><FONT COLOR="#006633"><u><b><i>standards-compliant cryptosystems</i></b></u></FONT></a> with <a href="forensic.htm"><FONT COLOR="#006633"><u><b><i>forensic software countermeasures</i></b></u></FONT></a>, specifically designed to protect sensitive data on Windows� PCs and laptops. <BLOCKQUOTE><FONT SIZE=1 COLOR="#006633"> <B>NOTE:</B> The <a href="http://www.nacic.gov"><u>National Counterintelligence Center</u></a> list of <i>Foreign Threats to US Business Travelers</i> includes forensic software <i>bag operations</i> against laptop computers in hotel rooms. In the UK, <a href="discscan.htm"><u>HM Customs & Excise</u></a> perform forensic software scanning of the hard drives of arriving visitors' laptops for "obscene material or other prohibited items." </FONT></BLOCKQUOTE> <P><HR SIZE=1 WIDTH=50%> <P>Many people know that "strong encryption" ciphers convert <i>plaintext</i> into <i>ciphertext</i> which can't be "broken" through cryptanalysis with any effort less than trying possible key values until one works; and that such ciphers may not be lawfully incorporated in exportable software without restricting the number of possible keys to a binary number with few enough bits to represent a low (for NSA) encryption-breaking <i>workfactor.</i> <P>Some of them also realize that professional code-breakers don't waste time trying to "crack" such ciphers, but instead look for statistical weaknesses in the way keys are generated, so as to narrow their search to a small sub-set of the possible key values. <P>Consequently, many users of strong e-mail encryption software (such as PGP�) know that its strength is not limited by its 128-bit key-size, but by the trivially small fraction of such keys which can be computed from passphrases which they can remember. <BLOCKQUOTE><FONT SIZE=1 COLOR="#006633"> <B>NOTE:</B> For an English phrase of 30 characters, this "guessability" workfactor is typically about 39 bits. Our pseudo-random nonsense-phrase generator yields 14 bits per word, but even a workfactor-enhancing phrase-to-masterkey computation like ours only adds 10 more bits. A 4-word nonsense-phrase only gives a total DES workfactor of log<sub>2</sub>3 + 66 = 67.6 bits. </FONT></BLOCKQUOTE> <P>What too few of them realize is that for files encrypted with such software for storage on their PC or laptop, <a href="privacy.htm"><FONT COLOR="#006633"><u><b><i>the workfactor is zero bits,</i></b></u></FONT></a> since Windows� leaves copies of plaintext, passwords and keys on their hard drive for recovery by forensic software. <P>Even the Encrypting File System (EFS) in the latest version of Windows NT (NT 5.0 or "Windows 2000�"), creates a "temporary" copy of the plaintext file to be encrypted, an enciphered version of which it writes onto the original file's disk clusters but merely "deletes" (unlinks) from the Master File Table record when done, leaving a copy of the original plaintext in the now unallocated sectors for recovery with forensic software. <P><HR SIZE=1 WIDTH=50%> <P>If you wish to become a knowledgeable consumer of software cryptosystems that your Windows� PC won't turn into a bad joke at your expense, we offer <a href="tutorial/index.htm"><u>tutorials</u>.</a> Those knowledgeable about <a href="tutorial/winfosec.htm"><u>INFOSEC</u></a>, <a href="tutorial/keys.htm"><u>cryptosystems</u></a> and <a href="tutorial/phrases.htm"><u>passphrases</u></a> may wish to jump to the sections on <a href="tutorial/leaks.htm"><u>Windows� security leaks</u></a> and <a href="tutorial/system.htm" TARGET="Main"><u>configurating your system</u>.</a> <P>We also provide a library of applicable U.S. <a href="stds/index.htm"><u>cryptographic security standards</u></a>. <P>If you're already thus knowledgeable, <a href="products/index.htm"><u>our products</u></a> should interest you. We offer <a href="download/index.htm"><u>free downloads</u></a> of demonstration versions for Windows NT, Windows 9x and Windows 3x. <P>These demonstrators have been compiled without the private masterkey generating function necessary for security. They include all the other cryptographic functions of the full products, but documents they encrypt can be unconditionally decrypted by anyone with a demonstrator. Their <i>zeroized</i> masterkeys let you examine the "look and feel" of their user interfaces and test how fast the encryption functions will execute on <i>your</i> system, while letting us comply with US export controls. <BLOCKQUOTE><FONT COLOR="#006633" SIZE=1> <b>NOTE:</b> Our individually licensed software cryptosystems incorporate high-grade ciphers (specifically, CBC-<wbr>mode triple-<wbr>DES with 168-<wbr>bit keys). They do not incorporate either overt <i>Law Enforcement Access Fields</i> or covert channels to leak keying information. They are thus considered "encryption items" - Category EI in the Commerce Control List, 15 CFR 774, subject to the Export Administration Act, 50 USC 2401. The penalty for their export from the United States without a BXA license, except to Canada is a fine, not to exceed $1,000,000 and/or a prison term, not to exceed 10 years for each offense. </FONT></BLOCKQUOTE> <P>The demonstrators are designed to cleanly uninstall, while any files encrypted with them can easily be made secure by the Licensed version's automatic re-encryption of all encryption keys with the private masterkey generated from your passphrase (which can be produced for you by the 14-bits-per-word, ANSI X9.17-keyed phrase generator). <P>If you're in the process of evaluating your security needs, we offer some <a href="consider.htm"><u>things you should consider</u></a> in deciding whether or not to use cryptographic data protection to achieve <FONT COLOR="#999933"><b><i>data privacy with Your Windows� Open</i></b> <a href="privacy.htm"><IMG SRC="images/web_next.gif" BORDER=0></a> </FONT></TD></TR> </TABLE> <!-- End Content ---> <!-- Standard Footer ---> <CENTER> <P><BR> <FONT SIZE=2 COLOR="#006633"><B><i> Cerberus Systems, Inc. develops, manufactures and markets<BR> software cryptosystems designed to level 1 of FIPS PUB 140-1<BR> with DOD 5220.22-M disk data recovery countermeasures. </i></B></FONT> <P><HR SIZE=1> <FONT SIZE=1 COLOR="#CC3300"> The Cerberus logo and the <i>...Security Manager</i> product names are trademarks of Cerberus Systems, Inc.<BR> © Copyright 1997-99, all rights reserved. </FONT> <HR SIZE=1> </CENTER> <!--- End Standard Footer ---> </TD> <!-- END MAIN SECTION --> <!-- PADDING CELL --> <TD> <!-- right margin = 2 x cellpadding --> </TD> <!-- END PADDING CELL --> </TR> </TABLE> </BODY> </HTML>