KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.4.62
System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64
User : www ( 80)
PHP Version : 8.3.8
Disable Function : NONE
Directory :  /domains/ap.belleisle/INFOSEC/tutorial/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /domains/ap.belleisle/INFOSEC/tutorial/index.htm
<HTML>

<HEAD>
<TITLE>Cryptographic Software versus Windows�</TITLE>
<META NAME="description" CONTENT="Cerberus Systems, Inc. develops, manufactures and markets Windows� cryptosystems designed to meet or exceed level 1 of FIPS PUB 140-1 with DOD 5220.22-M disk data recovery countermeasures.">
<META NAME="keywords" CONTENT="168-bit keys, access control, ANSI X9.17, computer security, confidentiality, crypto, cryptography, cryptographic, cryptology, cryptosystem, Data Encryption Standard, data security, DES, disk encryption, DOD 5200.28-STD, DOD 5220.22-M, encrypt, encryption, Federal Information Processing Standards, file encryption, FIPS, FIPS 46-2, FIPS 74, FIPS 81, FIPS 140-1, FIPS 180-1, FIPS 186, INFOSEC, integrity, key, NBS Special Publication 500-20, NCSC TG-25, passphrase, password, personal, privacy, private key, Secure Hash Standard, security, Security Requirements for Cryptographic Modules, security software, sensitive-but-unclassified, sensitive information, SHA, SHA1, SHS, software, standards, triple-DES, Windows�.">
</HEAD>

<BODY TOPMARGIN="0" LEFTMARGIN="0" MARGINWIDTH="0" MARGINHEIGHT="0" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#009966" ALINK="#FF0000" VLINK="#009966">
<BASEFONT  SIZE=2 FACE="Arial,Helv,Helvetica">

<TABLE ALIGN=LEFT BORDER=0 CELLSPACING=0 CELLBORDER=0 CELLPADDING=12 WIDTH=640>
<TR>

<!-- LEFT MARGIN STRIP -->
<TD BGCOLOR="#336666" ALIGN=CENTER VALIGN=TOP>
<FONT SIZE=1>
<a href="../../default.htm"><IMG SRC="../images/web_icon.gif" ALT="CERBERUS HOME ICON" WIDTH=72 HEIGHT=72 BORDER=0 VSPACE=2><br><b><i>CERBERUS</i></b></a>

<P><a href="../index.htm""><IMG SRC="../images/needs.gif" ALT="THE NEED" WIDTH=90 HEIGHT=30 BORDER=0></a><br>
<a href="../privacy.htm">Vulnerabilities</a>
<a href="../threats.htm">Threats</a>
<a href="../forensic.htm">Countermeasures</a>

<P><a href="../products/index.htm""><IMG SRC="../images/products.gif" ALT="PRODUCTS" WIDTH=90 HEIGHT=30 BORDER=0></a><br>
<a href="../products/docusec.htm">Document Security</a>

<P><a href="../stds/index.htm"><IMG SRC="../images/standard.gif" ALT="STANDARDS" WIDTH=90 HEIGHT=30 BORDER=0></a><br>
<a href="../stds/fip140-1.htm">FIPS PUB 140-1</a><br>
<a href="../stds/sanitize.htm">DOD 5220.22-M</a><br>
<a href="../stds/ncsctg25.htm">NCSC TG-25</a> <br>
<a href="../stds/fip81.htm">FIPS PUB 81</a> <br>
<a href="../stds/fip180-1.htm">FIPS PUB 180-1</a><br>
<a href="../stds/d520028.htm">DOD 5200.28-STD</a><br>


<P><a href="index.htm"><IMG SRC="../images/tutorial.gif" ALT="TUTORIALS" WIDTH=90 HEIGHT=30 BORDER=2></a><br>
<a href="winfosec.htm">INFOSEC</a><br>
<a href="keys.htm">Cryptosystems</a><br>
<a href="phrases.htm">Passphrases</a><br>
<a href="leaks.htm">Windows� Leaks</a><br>
<a href="system.htm">System Settings</a>

<P><a href="../download/index.htm"><IMG SRC="../images/download.gif" ALT="DOWNLOADS" WIDTH=90 HEIGHT=30 BORDER=0></a><br>

<P><HR WIDTH=84>

<P><a href="mailto:[email protected]">QUESTIONS?
<br><IMG SRC="../images/email2.gif" ALT="E-MAIL" WIDTH=61 HEIGHT=31 BORDER=0></a><br>

<P><br><IMG SRC="../images/amex_ok.gif" ALT="AMEX WELCOME" WIDTH=51 HEIGHT=68 BORDER=0>

</FONT>

</TD>
<!-- END LEFT MARGIN STRIP  -->

<!-- MAIN SECTION -->
<TD ALIGN=LEFT VALIGN=TOP>

	<!-- Title Bar -->
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH=500>
<TR><TD>
		<!-- Right-justified Logotype -->
<TABLE ALIGN=RIGHT BORDER=0 CELLSPACING=0 CELLPADDING=0>
<TR><TD><FONT COLOR="#006633" SIZE=3><B><I>CERBERUS <FONT SIZE=1>SYSTEMS, INC.</FONT></I></B></FONT></TD></TR><TR><TD ALIGN=CENTER><FONT COLOR="#999933" SIZE=1><B><I>
<!--forensic software countermeasures-->
<!--INFORMATION SECURITY TOOLS-->
<!--INFOSEC for Personal Computers-->
<!--INFOSEC Products for Windows&reg-->
<!--INFOSEC Tools for PCs & Laptops-->
<!--personal information security tools-->
Windows&reg-compatible encryption
</I></B></FONT></TD></TR>
</TABLE>
		<!-- End Logotype -->
</TD></TR>
<TR ALIGN=CENTER><TD WIDTH=490>
		<!-- Centered Page-Title -->
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=10>
<TR><TD ALIGN=CENTER><FONT COLOR="#CC3300" SIZE=5><B>
			<!-- Title Text-->
ENCRYPTION vs WINDOWS<sup>&reg</sup><BR>
<FONT COLOR="#999933" SIZE=2><i>AN INTRODUCTORY TUTORIAL</i>
			<!-- End Title Text -->
</B></FONT></TD></TR>
</TABLE>
		<!-- End Page-Title -->
</TD></TR></TABLE>
	<!-- End Title Bar -->

	<!-- Content -->
<FONT SIZE=2 COLOR="#000000">

<P>US export controls limit the <i>workfactor</i> ("cracking" resistance) of encryption that can be provided by globally marketed software.  Responsible firms comply by overtly <i>leaking</i> enough bits of the otherwise-too-strong encryption key.  Less responsible marketers merely use a weak <i>cipher</i> (encryption algorithm). This has led to less than full disclosure about what does, or does not, constitute strong encryption software.

<P>The unintentional <i>covert</i> leaks in the Windows� operating system pose even greater threats.  <i>Forensic software</i> exploits those leaks for computer evidence recovery in law enforcement; for discovery in litigation; and for industrial espionage.  It can bypass <u>any</u> encryption, unless the cryptosystem includes specific functions to plug those leaks.

<P>Many encryption software products, though they encrypt with strong ciphers, do not include such functions.  They were designed for e-mail COMmunications SECurity between secure systems, rather than for secure data <i>storage</i> on unsecure systems.  

<P>The underlying architecture of all Windows� PCs makes it fundamentally impossible for add-on products to transform one into a secure <i>system.</i> You <i>can</i> cryptographically secure your <i>data,</i> but only if the encryption can't be bypassed by forensic software.

<P>The following tutorials outline our approach to the design of high-grade cryptosystems for the security-hostile Windows� environment, and guidelines for their secure use.

<FONT SIZE=1>
<P ALIGN=CENTER>
<BR><a href="winfosec.htm"><b><u>INFOSEC and WINDOWS</u></b><sup>&reg</sup>
<BR><i>COMPUSEC</i>
<BR><i>TRUSTED SYSTEMS</i>
<BR>CRYPTOGRAPHIC SECURITY
<BR>CRYPTOGRAPHIC STANDARDS
<BR>IMPLEMENTATION
<BR>OPERATING SYSTEM
</a>

<P ALIGN=CENTER>
<a href="keys.htm"><b><u>CRYPTOSYSTEMS and KEYS</u></b>
<BR><i>CODES</i> and <i>CIPHERS</i>
<BR>MODERN CIPHERS
<BR><i>DATA ENCRYPTION STANDARD</i>
<BR><i>TRIPLE-DES</i> CIPHER
<BR>EXPORT CONTROLS
<BR>KEY GENERATION
</a>

<P ALIGN=CENTER>
<a href="phrases.htm"><b><u>PASSPHRASES</u></b>
<BR>VULNERABILITIES
<BR>YOUR CHOICE
<BR><i>SHARED SECRET</i> KEY SHARES
</a>

<P ALIGN=CENTER>
<a href="leaks.htm"><b><u>WINDOWS&reg SECURITY LEAKS</u></b>
<BR><i>DELETE</i> DOESN'T
<BR><i>DEFRAGMENTING</i>
<BR>DIGITAL SCRAPS
<BR><i>WRITE-BEHIND</i> CACHE LEAKS
<BR>FILENAME LEAKS
<BR>THE <i>SWAPFILE</i>
<BR>UNAUTHORIZED COPIES
<BR>SYSTEM CRASHES
</a>

<P ALIGN=CENTER>
<a href="system.htm"><b><u>CONFIGURING YOUR SYSTEM</u></b></FONT>
<BR>YOUR <i>TEMP</i> SPACE
<BR>YOUR <i>SWAPFILE</i>
<BR><i>OPERATIONAL SECURITY</i>
</a>

</FONT>
	<!-- End Content --->

	<!-- Standard Footer --->
<CENTER>
<P><BR>
<FONT SIZE=2 COLOR="#006633"><B><i>
Cerberus Systems, Inc. develops, manufactures and markets<BR>
software cryptosystems designed to level 1 of FIPS PUB 140-1<BR>
with DOD 5220.22-M disk data recovery countermeasures.
</i></B></FONT>
<P><HR SIZE=1>
<FONT SIZE=1 COLOR="#CC3300">
The Cerberus logo and the <i>...Security Manager</i> product names are trademarks of Cerberus Systems, Inc.<BR>
&copy Copyright 1997-99, all rights reserved.
</FONT>
<HR SIZE=1>
</CENTER>
	<!--- End Standard Footer --->

</TD>
<!-- END MAIN SECTION -->

<!-- PADDING CELL -->
<TD>
<!-- right margin = 2 x cellpadding -->
</TD>
<!-- END PADDING CELL -->

</TR>
</TABLE>

</BODY>

</HTML>

Anon7 - 2021