Encription

Printable View

July 4th, 2002, 03:41 PM
scoundral

Encription

How secure is a hard disk encripted with AES 128bit encription found on pgp 7? can any one unscramble it with out the pass phrase?
July 4th, 2002, 04:39 PM
Noia

Nope.....well...never say never....
The NSA might, but sum 1 with a 98 box won't have a chance in hell...

- Noia
July 4th, 2002, 06:18 PM
scoundral

Thanx Noia !! i can now sleep easy
July 4th, 2002, 06:28 PM
lordshinmei

The only way to break AES128 is to use a bunch of supercomputers, unless an internal weakness is found in the algorithm. Combined with PGP it should be pretty secure. How large are the keys for that version of PGP?
July 5th, 2002, 12:44 PM
scoundral

128bit and 256bit are the two options for encripting HDs
July 5th, 2002, 01:34 PM
spirit909

Quote:

Originally posted here by scoundral
Thanx Noia !! i can now sleep easy

lol what are you hiding ?!
July 5th, 2002, 01:50 PM
scoundral

my bank accout details, a few music demos done by local bands, mp3s (for backup purposes) course work
July 5th, 2002, 01:52 PM
ahmedmamuda

hey scoundral,
check this out!
http://www.antionline.com/showthread...hreadid=126020
July 5th, 2002, 11:57 PM
lordshinmei

The NSA can definitely crack 128/256-bit PGP; I don't know about AES since it's pretty new. I would upgrade to RSA with 1024 or 2048-bit keys and keep the AES also. For extra security, if you don't want to upgrade an of your algorithms, you could encrypt the files multiple times-- encrypt it once with one key, then encrypt a second time with another key, et cetera-- this is the equivalent of using very large keys. Using AES to encrypt the same file eight different times is the equivalent of using a 1024-bit key. You could also develop software that does this for you for a given number of iterations.
That's how 3DES gets its security. DES has 56-bit keys and you can crack it in no time on a fast enough computer, but 3DES has the equivalent of 168-bit keys and is much more secure.
July 6th, 2002, 01:14 AM
roswell1329

Didn't Evi Nemeth crack the DES encryption algorithm with some kind of supercomputer? (She's a co-author of the Unix System Administration Handbook http://www.admin.com) I don't have my book in front of me, so I can't look up the answer. I know I read it in there somewhere, though. If she can crack it, the algorithm isn't 100% secure, but for most uses (up to industrial-strength) it seems practical.
March 17th, 2003, 06:45 AM
dark1

ok short and simple sha256 is it breakable ? if so does anyone have a link or info

Method ,,,,,,,,,,,, Digest Length (bytes) ,,,,,,,,,,,,,, Security

MD5 ,,,,,,,,,,,,,,,,,, 16 ,,,,,,, Moderate
RIPEMD128 ,,,,,,,, 16 ,,,,,,,,,,,, Moderate
RIPEMD160 ,,,,,,, 20 ,,,,,,,,,,, High
SHA-1 ,,,,,,,,,, 20 ,,,,,,,,, High
sha256 ,,,,,,,,,,,,,, 32 ,,,,,,,,,,,,, Very High
SHA384 ,,,,,,,,,, 48 ,,,,,,,,,,, Very High
SHA512 ,,,,,,,,,,,,,, 64 ,,,,,,,,,,,,, Very High
March 17th, 2003, 11:49 AM
slarty

Remember that if the relevant security services *did* want your data, they would not bother decrypting it by force.

A chain is only as strong as the weakest link, and in this case, you or your operating system are almost certainly weaker than the encryption method.

If you use something like Windows, you will have virtual memory enabled by default. Parts of your encrypted data will find their way into the swapfile, whether you like it or not. Ok, so you buy more memory and turn off swap. What then?

Common applications (like Word, etc) place bits of your file into temporary files which they litter the machine with, you can remove them, but they will be recreated next time you open the files (obviously that removal has to be done with a secure file deletion utility)

Then you're ok, right? No.

I don't have personal experience with the disc encryption software the OP mentions, but I assume it works like all the others I've used.

While you have the encrypted volume open, any program can access the data. This includes any trojan which unfriendly people may have placed on there to grab your data.

While they're at it, why don't they just install a keylogger to grab your password and anything else you might type.

If of course, you're the next Bin Laden, they probably have even better steps. Suppose they cannot get a trojan on to your machine because you are too elite (perhaps you use an operating system which cannot be trojan'd by the US government (this is very unlikely)) - they will simply covertly enter your house when you're not in and install a covert hardware keylogger, perhaps with a radio transmitter in it. Unless you open up your keyboard and examine it with a magnifying glass, you'll never notice it.

IMHO, disc encryption is mostly useful for laptops so that if your machine is physically stolen the data cannot be retrieved.

But remember, if you let that machine out of your sight for just a few minutes, anything could be on it.