Sunday, January 7, 2007

Review: Open-Source Encryption Utility Frustrates Phishers

By Mario Morejon, CRN
2:23 PM EST Fri. Jan. 05, 2007

Phishing schemes are proliferating, and this year may be the worst. Yet most companies remain in the dark about this threat, which can be squelched with encryption. One solution to the problem: TrueCrypt.

As far as encryption software goes, TrueCrypt may be one of the best open-source gems and least-recognized software offerings on the market. The CRN Test Center considers the utility, now at version 4.2, the ultimate information-hardening tool. Though the software is deceptively simple to use, it sports some cool features that help users encrypt entire partitions and hide data in virtual volumes.

Through phishing, hackers try to steal personal or confidential information from PCs via official-looking e-mail messages, as well as through spam, keylogging, trojans and other methods. While most anti-malware and anti-spam suites provide some protection, it's not enough to protect employees. But encryption software can prevent hacker and malware from reading critical files on employees' desktop and notebook PCs.

VARs that haven't been promoting encryption should consider looking into TrueCrypt. The software supports all of the top encryption algorithms, such as Triple DES, Blowfish and the famous AES-256, which is used by the U.S. government to encrypt top-secret documents. The TrueCrypt software uses AES as its default encryption in LRW mode.

Despite being powerful, many of these encryption methods are slow, especially when working with large keys. For most purposes, using TrueCrypt in 128-bit mode is more than enough to protect data. Prepare to wait a while if the Blowfish algorithm runs, since it churns through 16 rounds of encryption using a 448-bit key.

When creating virtual drives, TrueCrypt leverages hash algorithms that use the SHA-1 and RIPEMD-160 key generators. Because all the encryption steps require passwords and key files, users should nest volumes using various keys, which would make it virtually impossible for hackers break -- even if they have knowledge of some of the passwords.

TrueCrypt can hide volumes and embed volumes into files to make it more difficult to find data, even if intruders somehow get a hold of passwords. TrueCrypt calls this security feature "plausible deniability." Talk about James Bond.

Volumes can be hidden within empty spaces of other volumes, so even if an attacker gets into a visible volume, the partition is only partially revealed. To anyone looking at the data in the volume, the empty space looks like fragmented junk data.

The only critical feature missing from TrueCrypt is boot sector encryption, which is available in Microsoft Windows Vista. In addition to Windows XP and Windows 2003 server, TrueCrypt supports many Linux flavors and languages. The group is now working on Vista and Mac OS X support.

 

 



0 Comments:

Post a Comment

<< Home

Made4biz Security Translating real-world security knowhow into state of the art security systems.
Made4biz Security

Turn on Sound for Demos:
Bill Gates Demo (Location-based)
Elvis Demo (Location/Context-based)
Clint Eastwood Demo (Temporal-based)

Powered by Blogger

Subscribe to
Posts [Atom]

Technorati Profile

RSS Syndication

Made4Biz Security Inc