As long as we're forwarding to the list rants from non-list members, let me be the
second to jump into this religious debate:

At 07:22 AM 7/19/2007, Joseph Belsanti wrote:
Sent on behalf of Thi Nguyen-Huu.
My name is Thi Nguyen-Huu.  I am the founder, CEO and CTO of WinMagic.
...
Full-disk encryption is the only secure method to protect data on (boot)
disks.
...
Therefore, we are convinced FDE is NOT overkill.

At 12:10 PM 7/19/2007, Jonathan Schulze-Hewett [Director of Product Development
at ISC] wrote:

I would argue that FDE is underkill as it provides no protection from cyber attack, viruses or Trojan horses. FDE does not protect data at rest. It protects the data only if the computer is lost in a power state that does not allow a live attack.

Some probably useless references:
http://www.htcia-sd.org/Reference%20Documents/Detecting%20Whole%20Disk%20Encryption.pdf

Info on cyber attacks:
http://usinfo.state.gov/journals/itps/1198/ijpe/pj48min.htm
http://www.washingtonpost.com/wp-dyn/articles/A6746-2004Jun25.html
http://www.eweek.com/article2/0,1895,2138285,00.asp

Jonathan

Back to Mr. Thi:
Yeah, I cannot comment on DOD using file encryption only products.

Fortunately, I have no such inhibitions.

'File encryption only' (rather than FDE) products are used for certain
applications within DoD for those reasons (among others) that Jon mentions in
his note above: a disk that freely 'gives up' ALL of its sensitive info whenever
a legitimate user is logged in to the system doesn't provide any protection
whatsoever in many realistic attack scenarios.

FDE may protect you if your laptop is stolen, but getting your laptop out of the
Pentagon is probably the toughest way for a thief to steal classified data! A
good thief is going to find easier ways. It is just a fact of life that keeping
your files properly encrypted (until you really need to access the plaintext)
presents a smaller window of opportunity to any thief.

Moreover, file (or channel) encryption is the only way to protect 'data in transit'
(unless you plan to FedEx your encrypted hardware around the globe), so it makes a
lot of sense (and saves a lot of money) to simply use file encryption for
protection of both data-at-rest and data-in-transit. (Though, I admit, with file
encryption somewhat more reliance is necessarily placed on the skills of end-users.
But a rather small investment in training often provides a rather large increase
in security and utility! It's the nature of the FDE vs. file encryption tradeoff.)

BTW, the encryption of virtual disk partitions provides a middle ground between
the two extremes, but gets much less respect than it deserves. Encrypted partitions
need only be mounted when access to plaintext is required; otherwise their data
is off-line and impervious to assault. Thus they provide the same 'small window
of opportunity' to smart thieves as do encrypted files. Encrypted disks, in the
guise of ordinary ciphertext files, are easy to transmit and remain protected
in transit. Proper use of an encrypted virtual partition product typically
requires less user training than for a file encryption product; but more than
for a typical FDE product.

It can be argued that, for certain applications, encrypted virtual partitions
are the best choice.

What we can agree on, I think, is that the prevailing (OMB?) notion that an FDE
solution can fit all governmental security needs is as absurd as their claim
that most agencies already have adequate security mechanisms in place. :-) 

But the focus here is protecting data on disk.

Whenever we're not discussing quantum cryptography.

-mjm
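The 'mount only when you need the plaintext' model that the post above describes for encrypted virtual partitions, as an added example that is not part of the original message or of any product named in the thread. It models a file-backed container in Python standard library only: on disk there is ciphertext plus an authentication tag; plaintext exists in the process only between mount() and unmount(), which is the window a live attacker with the user's privileges gets. The cipher is a stand-in (HMAC-SHA256 in counter mode with an HMAC tag, keys derived with PBKDF2) for what a real product would do with AES and a disk-encryption mode; the container format, file name, passphrase and the 'CLASSIFIED' sample content are all constructed for the example.

```python
"""Toy encrypted virtual partition: ciphertext at rest, plaintext only while mounted.

Constructed example; the container format and the HMAC-based stream cipher are
stand-ins for a real product's format and AES. Standard library only.
"""
import hashlib
import hmac
import os
import secrets
import struct
import tempfile

MAGIC = b"ECV1"          # constructed container header, not a real on-disk format
PBKDF2_ITERS = 200_000   # passphrase stretching; a real product would tune this
SECRET = b"CLASSIFIED: project notes"   # constructed sample content


def _derive_keys(passphrase, salt):
    """Separate encryption and MAC keys from one passphrase (PBKDF2-HMAC-SHA256)."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase, salt, PBKDF2_ITERS, dklen=64)
    return km[:32], km[32:]


def _keystream_xor(key, nonce, data):
    """Counter-mode stream cipher using HMAC-SHA256 as the PRF (stand-in for AES-CTR)."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        block = hmac.new(key, nonce + struct.pack(">Q", block_no), hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def seal_container(passphrase, plaintext):
    """Return header || ciphertext || tag. Encrypt-then-MAC over header and body."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    header = MAGIC + salt + nonce
    body = _keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


def open_container(passphrase, blob):
    """Verify the tag before decrypting; reject wrong passphrase or tampering."""
    if len(blob) < 36 + 32 or blob[:4] != MAGIC:
        raise ValueError("not a container")
    header, body, tag = blob[:36], blob[36:-32], blob[-32:]
    salt, nonce = header[4:20], header[20:36]
    enc_key, mac_key = _derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed (wrong passphrase or tampered container)")
    return _keystream_xor(enc_key, nonce, body)


class VirtualPartition:
    """File-backed container; plaintext is held only between mount() and unmount()."""

    def __init__(self, path):
        self.path = path
        self._plain = None

    @property
    def mounted(self):
        return self._plain is not None

    def create(self, passphrase, plaintext):
        with open(self.path, "wb") as f:
            f.write(seal_container(passphrase, plaintext))

    def mount(self, passphrase):
        with open(self.path, "rb") as f:
            self._plain = bytearray(open_container(passphrase, f.read()))

    def read(self):
        if not self.mounted:
            raise RuntimeError("not mounted")
        return bytes(self._plain)

    def unmount(self):
        if self.mounted:
            for i in range(len(self._plain)):   # best-effort scrub; Python may hold copies
                self._plain[i] = 0
            self._plain = None


def attacker_snapshot(vp):
    """A live attacker running with the user's privileges sees whatever is mounted."""
    return vp.read() if vp.mounted else None


def demo(workdir=None):
    """Walk through the exposure window and return what the attacker saw at each step."""
    workdir = workdir or tempfile.mkdtemp()
    vp = VirtualPartition(os.path.join(workdir, "notes.ecv"))   # constructed file name
    vp.create(b"correct horse", SECRET)                          # constructed passphrase
    with open(vp.path, "rb") as f:
        on_disk = f.read()
    result = {"plaintext_on_disk": SECRET in on_disk, "seen_unmounted": attacker_snapshot(vp)}
    vp.mount(b"correct horse")
    result["seen_mounted"] = attacker_snapshot(vp)               # the window of opportunity
    vp.unmount()
    result["seen_after_unmount"] = attacker_snapshot(vp)
    # Data in transit: the same file bytes are what you would send; the recipient opens them.
    result["transit_roundtrip"] = open_container(b"correct horse", on_disk) == SECRET
    return result


if __name__ == "__main__":
    print(demo())
```

The point the walk-through makes is the one the post makes: while the container is unmounted, neither the file on disk nor the process holds plaintext, and the same ciphertext file is what you would ship to a recipient; while it is mounted, anything running as the user reads it, exactly as it would with FDE for the whole session. Note that the in-memory scrub is best-effort in Python (the interpreter may keep copies), and that the passphrase-derived keys are in memory during the mount as well; a real product handles both in native code.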
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
