Encryption Algorithms Review
A disk image file consists of two parts: the data itself and the header. The header, along with service information, contains a sequence of bytes that is used as the encryption key for the data on that disk. This byte sequence is itself encrypted, and the key used to encrypt it is the byte sequence produced by applying a hash algorithm to the user's password and the code stored in the external key. Any of the following algorithms can be used to encrypt both the data on the protected disk and the encryption key:
- AES (Rijndael);
- Blowfish;
- triple DES;
- CAST-128;
- SAFER.
Why is it impossible to use a single "very best" algorithm? There are three main reasons for that:
- Access to data encrypted with any of the four above-mentioned algorithms is an excessively time-consuming computational problem that can only be solved by brute force. The goal is to find the key; if the key is long enough, the amount of computation becomes enormous, and such an attack might require several months of processor time on a supercomputer or on many networked computers. Is brute force the only way to break AES, triple DES, CAST-128, SAFER or Blowfish encryption? Currently there is no effective method of finding the key for any of these algorithms, but it has not been proved that no such method exists. Hence one should not rule out that sooner or later a method of fast key recovery will be found for one of these algorithms. That algorithm will immediately lose its cryptographic value, and it will be impossible (or, better said, useless) to continue using it. In such a case you will be able to replace it with another algorithm that comes with StrongDisk Pro. If the system supported only one algorithm, then once that algorithm was discredited all your data would remain unprotected until the next StrongDisk Pro version.
- StrongDisk Pro decrypts and encrypts data at the moment it is read or written, so the performance of the encryption algorithm is of great importance. Employing a slow algorithm will make every application that needs data from the protected disks work slowly. Due to universal conservation laws (we will not discuss this topic in this guide and will limit ourselves to this general consideration), the fastest algorithms provide the least security and vice versa. In this situation it is reasonable to use a relatively fast algorithm for data encryption and a cryptographically strong one for encrypting the key.
Hash Algorithms
A hash algorithm is a function that converts a password of arbitrary length into a sequence of 20 bytes, each a number from 1 to 255. This sequence is used as the key for encrypting the key to the data on the protected disk. The password cannot be deduced from this sequence, and the probability that two different passwords are converted to the same sequence is negligibly small. Hash algorithms increase the strength of encryption.
The current StrongDisk Pro version supports the following two hash algorithms:
- MD5/Hash is a widely used hash algorithm. It is used, for example, for Windows NT password encoding and in the PAP authorization protocol used to establish PPP connections with Internet service providers.
- SHA/Hash (Secure Hash Algorithm) implements the US hash algorithm standard.
Choosing Encryption Algorithm
AES (Advanced Encryption Standard) is the title awarded by NIST (the US National Institute of Standards and Technology) to the Rijndael algorithm, which has now been established as the US government encryption standard.
We suggest using the CAST-128 or Blowfish algorithm to encrypt data on the protected disks and AES to encrypt the key. If you are ready to sacrifice speed for maximum security, use AES only.
A significant criterion for choosing an encryption algorithm is how long it has been in use, since the probability of finding an effective attack decreases with time. Thus triple DES, which has been tested for a long time, has an advantage over the newer algorithms CAST-128 and Blowfish, which are nonetheless quite good.
CAST-128 is a relatively new, high-performance symmetric algorithm developed by Entrust, a Canadian company. Its performance is several times better than that of the other algorithms, but its cryptographic strength has not yet been thoroughly tested. Some experts say that in time this algorithm will be one of the most widely used in the world.
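To put a figure on the speed argument behind this recommendation (a fast cipher for the bulk data, a strong one for the key), the following added example, which is not StrongDisk Pro's code, benchmarks CTR-mode throughput of the two algorithms from the list above that ship in the Go standard library, AES-128 and triple DES; Blowfish and CAST-128 would need a third-party package and are left out. Compare, measure and sampleKey are this example's own names, and the keys are non-secret constructed values used only for timing.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/des"
	"fmt"
	"time"
)

// Result is the measured CTR-mode throughput of one cipher.
type Result struct {
	Name string
	MBps float64
}

// measure encrypts buf in place repeatedly for at least minDur and returns the throughput.
// The fixed all-zero IV is acceptable only because this loop measures speed; real data must
// never be encrypted under a reused IV.
func measure(name string, block cipher.Block, buf []byte, minDur time.Duration) Result {
	stream := cipher.NewCTR(block, make([]byte, block.BlockSize()))
	start := time.Now()
	total := 0
	for time.Since(start) < minDur {
		stream.XORKeyStream(buf, buf)
		total += len(buf)
	}
	return Result{name, float64(total) / time.Since(start).Seconds() / 1e6}
}

// sampleKey returns a deterministic, non-secret key of n bytes for benchmarking only.
func sampleKey(n int) []byte {
	key := make([]byte, n)
	for i := range key {
		key[i] = byte(i*7 + 1)
	}
	return key
}

// Compare benchmarks AES-128 against triple DES on a buffer of bufSize bytes.
func Compare(bufSize int, minDur time.Duration) (Result, Result, error) {
	aesBlock, err := aes.NewCipher(sampleKey(16))
	if err != nil {
		return Result{}, Result{}, err
	}
	desBlock, err := des.NewTripleDESCipher(sampleKey(24))
	if err != nil {
		return Result{}, Result{}, err
	}
	buf := make([]byte, bufSize)
	return measure("AES-128/CTR", aesBlock, buf, minDur), measure("3DES/CTR", desBlock, buf, minDur), nil
}

func main() {
	a, d, err := Compare(1<<20, 300*time.Millisecond)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%s: %.0f MB/s\n%s: %.0f MB/s\nratio: %.1fx\n", a.Name, a.MBps, d.Name, d.MBps, a.MBps/d.MBps)
}
```

On hardware with AES instructions the gap is typically an order of magnitude or more; in the pure-Go fallback it is smaller, but triple DES, with its 48 DES rounds per 8-byte block, still comes last. That is the trade-off the review describes: the slow, long-tested cipher can afford to protect the few bytes of the key layer, while the bulk data needs the fast one.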