#1
  1. Ruler of the Universe & Canada
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Aug 2004
    Posts
    1,393
    Rep Power
    43

    Hard drive encryption


    Hey, back from sleepy hallow, I am.

    Anyway, I am getting a few new external 500GB hard drives (try 3), and I am going to be needing some kind of encryption program. All 3 drives will be encrypted, but one of them is going to have a few backups on it - Acronis TrueImage ones. I know TrueImage can encrypt, but I want to get the best possible encryption, if only so I can point and laugh as I describe how long it'd take to crack it.

    I've considered TrueCrypt, however, it requires encryption software on both ends. I want something that, upon boot from USB, asks me what the password is, and then becomes availiable to the system.

    Is there anything like that availiable? TrueCrypt is probably going to be used on the other two 500G's (unless you guys have better suggestions), but I do think it'd be a good idea to keep the data encrypted on the backup 500G.

    The basic requirements:

    -Good encryption
    -Able to write a boot sector for itself, ie, be able to ask for a password when it's hooked to the computer's USB port and the computer can boot from it.
    -After the above decryption, all data is accessible as normal

    I don't know if that's too steep or not, but, I'm sure you guys know of a good program that can do it - anyone?


    Thanks in advance,

    -Xbot
    Last edited by xbot; July 27th, 2006 at 11:42 AM.
    Start a revolution
    I need a girl who loves me for my money, but doesn't understand Math.
  2. #2
  3. "That Guy"
    Devshed Novice (500 - 999 posts)

    Join Date
    Apr 2005
    Location
    Wouldn't you like to know? (To come beat me up maybee)
    Posts
    677
    Rep Power
    372
    Well if you can decrypt it via password, then the program is designed one of two ways:
    -Has a straight encryption method that will be used for all decryptions, and the password just validates it, which then decrypts everything.
    -Includes the password somewhere in the algorithm, which will require the correct password.

    Both ways wouldnt be too secure, the first one, anyone who has any knowledge of how the program decrypts could hack into the harddrive and download the encrypted files, and then decrypt them thereselfs.

    The second way could be brute forced.

    (In which the second way is rarely seen)

    If the data is sensetive then the first way isnt gonna stop any computer geek that needs that data, you can search around and find out how to decrypt it... or he could hack while you have it connected. Encryptions not gonna stop anybody from hacking past a password. If someones smart enough, and has the equipment to download the data straight from the harddrive, encryptions not gonna be but a stick in the road.

    Plus encrypting and decrypting 500GBs of data will take an enourmous amount of time.

    -Sorry I dont have any program suggestions, just use whatever you think is appropriate, your not gonna find a program that encrypts and decrypts more/less secure, I mean any well designed one, they all will use an algrothm, and it will be figured out by someone.
  4. #3
  5. Trapped on the forums...help
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Aug 2003
    Location
    /Users/edman007
    Posts
    4,602
    Rep Power
    910
    encrypting a drive does provide security, if the hard drive is taken then is basically not going to allow its date to be read, once it mounted on your computer then the encryption is not an obstacle to any user

    as for how to do this, in linux you can just mount it through a encrypted loopback, in OS X you can just fill up the drive with a disk image and mount the image, i'm not sure about windows though (i know Vista provides this), if you want it to be bootable (which means not windows because you can't boot windows on USB [well without quite a bit of hacking]) then you have to install a small version of your OS to startup and ask for the password then mount the encrypted partition and continue the boot, your not going to get something encrypted and bootable just by editing the bootloader, and the startup files have to be unencrypted allowing for an attacker to install a key logger in that

    BTW, the encryption used in modern drive encryption methods not going to broken by just anyone, you use a short password to hash up a 256 or 512 bit key thats used to decrypt every bit, that hashing algorithm is designed to be very CPU intensive to make it very very infeasible to brute force it, and the 256 or 512 bit key is even harder to break so with any decent encryption algorithm it would take well over a million years with a super computer to crack it, of course if your password is "password" the encryption doesn't do much

    Comments on this post

    • medialint agrees

IMN logo majestic logo threadwatch logo seochat tools logo