RSS Alerts

Related Links

  • Origin Storage
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Infosecurity 2010: Origin launches self-encrypting drive kits
    Origin Storage is planning to unveil a range of self-encrypting drives for use in laptop computers at the Infosecurity Europe show when it opens in London tomorrow.
  • Origin Storage to unveil one terabyte secure drive on 14 October
    Origin Storage will unveil a one terabyte (1000 gigabyte) version of its Data Locker, secure external hard drive unit, at the Storage Expo show, which opens at London Olympia on 14 October for a two-day run.
  • Does weak cloud password security mean local storage is best?
    Hard on the heels of researchers at last week's Black Hat security briefings showing how easy it is to recover third party passwords on Amazon's EC2 and Microsoft's Office Online services, Andy Cordial, Origin Storage's managing director, said that this highlights the fact that local storage technology is far more secure than the cloud.
  • Comment: IT security tips from Eagles’ songs
    From ‘Hotel California’ to ‘Lyin’ Eyes’, songs by the US rock legends have useful infosecurity lessons for enterprises. Nick Lowe, Check Point’s head of sales for Western Europe, shows you the signs
    Members' Content
  • Council multiple laptop theft highlights security problems
    The saga of St Albans' council and four stolen laptops – containing the details of more than 14 000 postal voters – is coming to an end, but the security consultants that carried out the investigation say there are still security policy lapses at the council's offices.

News

Laptop users need to raise their encryption game

07 May 2010

Fresh from releasing a range of encrypted drive kits at last week's Infosecurity Europe show, Origin Storage says that the steady stream of advances in brute force decryption techniques – which started when Russia's Elcomsoft released the first versions of its Password Recovery suite of 'utilities' around 18 months ago – means that laptop users must now raise their game when it comes to encryption.

And, says Andy Cordial, managing director the storage systems integration firm Origin Storage, as Russian password decryption specialist Elcomsoft's advances clearly show, it can only be a matter of time before further advances are possible.

"Elcomsoft's Password Suite shows how it is possible to dramatically speed up the rate at which an application crunches its way through password combinations using advanced hardware techniques", he said.

"You only have to look at some of the latest software from Elcomsoft, such as Advanced PDF Password Recovery, to realise that it's now possible to recover a 40-bit RC4 password-coded Adobe PDF file in a matter of minutes", he said.

"And if you look at the specification of this package, you begin to realise that certain types of AES encryption are also starting to become crackable, although you are currently talking about the kind of processing power that only governments and large corporations have access to", he added.

Cordial argues that it is only a matter of time before some coding genius moves the password recovery game on a few more stages, making a lot of encryption technologies on laptops just a few years old, infinitely more crackable.

"Can the man in the street do this? No, but the man in the testing lab can, and cybercriminals clearly now have access to parallel processing and advanced decryption technologies. It's not inconceivable that criminal gangs have cracked weaker AES crypto technologies already and are waiting for an opportunity to try out their skills", he warned.

Against this backdrop, Cordial advises users to take a multi-layered strategy to their data encryption by installing the most powerful levels of AES encryption that are currently commercially available and add on an additional layer of defence such as a passphrase security system or a biometric scanner.

Some of the latest laptops already offer fingerprint scanners as optional extras, although Cordial says that users should be selective as to which biometric applications they use to protect their data.

Passphrase protection is another valuable extra layer of defence that can be deployed in parallel with encryption.

"Users of legacy laptops that want to move on up to the benefits of encrypted drives, meanwhile, should look at the Enigma range of secure encrypted drives that we launched at the Infosecurity Europe show late last month", he said.

"As cybercriminals get smarter on the encryption cracking front, so company laptop users must use the best tools at their disposal to defend against their data falling into the wrong hands", he added.

 

This article is featured in:
Encryption

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water