Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Encryption solutions
New Posts  All Forums:Forum Nav:

Encryption solutions

post #1 of 8
Thread Starter 
I would like to keep this topic (according to OCN terms) as politics free, but the breaking and if not possible of breaking, permanent "theft" of encrypted data, what is a sure and say "secure" way of storing sensitive data in the long run?. I'm talking overkill here... what steps might you take to keep that sensitive email "sensitive". This can be on a personal level or on an enterprise level.

Thanks,
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
post #2 of 8
Ha! Don't send it.

Write it on a piece of paper and send it fedex.

Seriously, it's all a matter of degree.
How "safe" do you want to be?
How much time are you willing to invest?
How much money are you willing to spend?

With the NSA rooting around in Google's servers pretty much nothing is "absolutely" safe anymore.

Perhaps Congress will.....Na!
My System
(15 items)
 
  
CPUMotherboardGraphicsRAM
FX6300 Black M5A99X EVO R2.0 Nvidia GTS450 Team Vulcan PC3 12800 
Hard DriveOptical DriveCoolingOS
Samsung 840 PRO Asus DRW-1608P (x2) Custom Water Cooling Win7 (Ult), Win 8.1 & Win Server 2012 R2 
MonitorKeyboardPowerCase
2 X Samsung 915N Ducky Shine III, Blue Cherry/Blue LEDs PCP&C 1kw Lian Li PC-71 (W/Window) 
MouseAudio
Logiteck G400s none 
  hide details  
Reply
My System
(15 items)
 
  
CPUMotherboardGraphicsRAM
FX6300 Black M5A99X EVO R2.0 Nvidia GTS450 Team Vulcan PC3 12800 
Hard DriveOptical DriveCoolingOS
Samsung 840 PRO Asus DRW-1608P (x2) Custom Water Cooling Win7 (Ult), Win 8.1 & Win Server 2012 R2 
MonitorKeyboardPowerCase
2 X Samsung 915N Ducky Shine III, Blue Cherry/Blue LEDs PCP&C 1kw Lian Li PC-71 (W/Window) 
MouseAudio
Logiteck G400s none 
  hide details  
Reply
post #3 of 8
Quote:
Originally Posted by nooboc2012 View Post

I would like to keep this topic (according to OCN terms) as politics free, but the breaking and if not possible of breaking, permanent "theft" of encrypted data, what is a sure and say "secure" way of storing sensitive data in the long run?.

This sentence doesn't make any sense...
Quote:
Originally Posted by nooboc2012 View Post

I'm talking overkill here... what steps might you take to keep that sensitive email "sensitive". This can be on a personal level or on an enterprise level.

Thanks,

Really, the best thing I can think of is sharing a symmetric key with someone in addition to using SSL. You're kind of encrypting an encrypted message, but you guarantee that you're talking to the intended party with the exchange of signatures (unless of course you choose to ignore; that's what that this page is all about)

If you want to store things securely, use encryption on your drives. You can put your important files on encrypted disk image files (don't know if OSX is the only one that supports this.) Don't keep things on drives that are attached to your computer (maybe use USB drives and disconnect them when they're not in use), and disable hibernate (hibernate keeps a memory dump on your local disk which contains everything including passwords in plaintext.)

If you want overkill, then don't store anything on a system that has network capabilities. As billbartuska said, the best way to keep data safe is to not send it. "A secret can be shared among 3 people... if 2 of them are dead."

I really hope I'm helping someone keep something other than a porn stash safe here... lol...
post #4 of 8
Quote:
Originally Posted by nooboc2012 View Post

I would like to keep this topic (according to OCN terms) as politics free, but the breaking and if not possible of breaking, permanent "theft" of encrypted data, what is a sure and say "secure" way of storing sensitive data in the long run?.

This sentence doesn't make any sense...
Quote:
Originally Posted by nooboc2012 View Post

I'm talking overkill here... what steps might you take to keep that sensitive email "sensitive". This can be on a personal level or on an enterprise level.

Thanks,

Really, the best thing I can think of is sharing a symmetric key with someone in addition to using SSL. You're kind of encrypting an encrypted message, but you guarantee that you're talking to the intended party with the exchange of signatures (unless of course you choose to ignore; that's what that this page is all about)

If you want to store things securely, use encryption on your drives. You can put your important files on encrypted disk image files (don't know if OSX is the only one that supports this.) Don't keep things on drives that are attached to your computer (maybe use USB drives and disconnect them when they're not in use), and disable hibernate (hibernate keeps a memory dump on your local disk which contains everything including passwords in plaintext.)

If you want overkill, then don't store anything on a system that has network capabilities. As billbartuska said, the best way to keep data safe is to not send it. "A secret can be shared among 3 people... if 2 of them are dead."

I really hope I'm helping someone keep something other than a porn stash safe here... lol...
post #5 of 8
Have encypted drives, then use encrypted containers within those dirves by true crypt, then within that have a GPG encrypted file, which contains a passowrd protects zip file, containing a img which can be mounted in KVM which in turn is encrypted


I guess er that would be secure (sorry i had too wink.gif)



Realy, HDD encryption is good, any GOV coming acorss a encytped drive is more lilley to ask you for the pasword then try to brute it, If your sending emails and such use GPG encryption and make sure you get people to sign your key, use things such as DNS sec and HTTPS everywhere, and dont visit dogey sites
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
post #6 of 8
A lot of times you'd want a few layers.

Like storing data on an end point, you can have a full drive encryption mechanism and then encrypt individual files with another strong cipher.
Or if you are transferring files remotely, send an encrypted file over a separately encrypted tunnel like a VPN with a strong cipher, SFTP or similar.

It also comes down to training your staff to not be idiots. A lot of leaks are a result of freely sharing or socially engineered attacks (including morons installing malware at every opportunity).
post #7 of 8
A passworded archive is sufficient, even if you are trying to protect data from governments. Implementation matters though. Most importantly, strong passwords, a way of communicating them, and sensible usage practices

I wouldn't trust SSL, AES, any standard too widely adopted, too obscure, or anything non-public. The current revisions of some of the AES candidates are good options.

Personally, if I want to never loose my sensitive data, I upload it where anyone can have it, and where it will get around (making it nonviable to delete or destroy), relying on the encryption to protect it. Then I communicate the where, how, and with what password to those people I want to be able to access it, in person, and make sure they know never to mention it, nor put anything in writing anywhere. I also make sure they know to only view the contents of the file(s) from a live environment loaded from clean write-protected media (which keeps everything in RAM), preferably a system that has no other non-volatile storage attached.
Primary
(15 items)
 
Secondary
(13 items)
 
Vishera Testbed
(11 items)
 
CPUMotherboardGraphicsRAM
5820K @ 4.3GHz, 1.225v Gigabyte X99 SOC Champion (F4m) 2x Sapphire R9 290X Tri-X OC New Edition (10036... 4x4GiB Crucial @ 2667, 12-12-12-28-T1, 1.35v 
Hard DriveHard DriveHard DriveCooling
Plextor M6e 128GB (fw 1.05) M.2 (PCI-E 2.0 2x) 2x Crucial M4 256GB 4x WD Scorpio Black 500GB Cooler Master Nepton 280L 
OSMonitorKeyboardPower
Windows 7 Professional x64 SP1 BenQ BL3200PT Filco Majestouch Tenkeyless (MX Brown) Corsair RM1000x 
CaseMouseAudio
Fractal Design Define R4 CM Storm Spawn Realtek ALC1150 + M-Audio AV40 
CPUMotherboardGraphicsRAM
X5670 Gigabyte X58A-UD5 r2.0 w/FF3mod10 BIOS Reference R9 290X w/Stilt's MLU 1000e / 1375m E... 2x Samsung MV-3V4G3D/US @ 1600MT/s 7-8-8-19-T1,... 
RAMHard DriveHard DriveHard Drive
1x Crucial BLT4G3D1608ET3LX0 @ 1600MT/s 7-8-8-1... OCZ (Toshiba) Trion 150 120GB Hitachi Deskstar 7k1000.C 1TB 2x Seagate 7200.10 RAID 0 
CoolingOSPowerCase
Prolimatech Genesis + 2x140mm Cougar 1200rpm Windows Server 2008 R2 Antec TP-750 Antec P182 
Audio
ASUS Xonar DS 
CPUMotherboardGraphicsRAM
FX-9590 @ 5GHz, 1.55v ASUS Sabertooth 990FX R2.0 Reference NVIDIA GTX 780 2x8GiB G.Skill DDR3-1866 10-11-10-30-T1, 1.5v 
Hard DriveHard DriveCoolingOS
Crucial M500 480GB 2x Samsung Spinpoint F1 1TB XSPC RX360 + X20 750 + Raystorm Windows 7 Pro SP1 x64 
MonitorPowerCase
Dell S2740L Seasonic SS-860XP2 Coolermaster HAF-932 
  hide details  
Reply
Primary
(15 items)
 
Secondary
(13 items)
 
Vishera Testbed
(11 items)
 
CPUMotherboardGraphicsRAM
5820K @ 4.3GHz, 1.225v Gigabyte X99 SOC Champion (F4m) 2x Sapphire R9 290X Tri-X OC New Edition (10036... 4x4GiB Crucial @ 2667, 12-12-12-28-T1, 1.35v 
Hard DriveHard DriveHard DriveCooling
Plextor M6e 128GB (fw 1.05) M.2 (PCI-E 2.0 2x) 2x Crucial M4 256GB 4x WD Scorpio Black 500GB Cooler Master Nepton 280L 
OSMonitorKeyboardPower
Windows 7 Professional x64 SP1 BenQ BL3200PT Filco Majestouch Tenkeyless (MX Brown) Corsair RM1000x 
CaseMouseAudio
Fractal Design Define R4 CM Storm Spawn Realtek ALC1150 + M-Audio AV40 
CPUMotherboardGraphicsRAM
X5670 Gigabyte X58A-UD5 r2.0 w/FF3mod10 BIOS Reference R9 290X w/Stilt's MLU 1000e / 1375m E... 2x Samsung MV-3V4G3D/US @ 1600MT/s 7-8-8-19-T1,... 
RAMHard DriveHard DriveHard Drive
1x Crucial BLT4G3D1608ET3LX0 @ 1600MT/s 7-8-8-1... OCZ (Toshiba) Trion 150 120GB Hitachi Deskstar 7k1000.C 1TB 2x Seagate 7200.10 RAID 0 
CoolingOSPowerCase
Prolimatech Genesis + 2x140mm Cougar 1200rpm Windows Server 2008 R2 Antec TP-750 Antec P182 
Audio
ASUS Xonar DS 
CPUMotherboardGraphicsRAM
FX-9590 @ 5GHz, 1.55v ASUS Sabertooth 990FX R2.0 Reference NVIDIA GTX 780 2x8GiB G.Skill DDR3-1866 10-11-10-30-T1, 1.5v 
Hard DriveHard DriveCoolingOS
Crucial M500 480GB 2x Samsung Spinpoint F1 1TB XSPC RX360 + X20 750 + Raystorm Windows 7 Pro SP1 x64 
MonitorPowerCase
Dell S2740L Seasonic SS-860XP2 Coolermaster HAF-932 
  hide details  
Reply
post #8 of 8
Thread Starter 
Thank you all for your suggestions
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Encryption solutions