BreachExchange mailing list archives
Re: (article) "We recovered the laptop!" ... so what?
From: sawaba <sawaba () forced attrition org>
Date: Fri, 16 Feb 2007 23:21:50 -0500 (EST)
Many enterprise disk encryption appliances use M of N key sharing, such as those from Decru and Neoscale. Password-protected smart cards are used to store the key shares.

--Sawaba

On Fri, 16 Feb 2007, Adam Shostack wrote:
When we wanted to perform m of n key backup for the master keys at Zero Knowledge systems, there was nothing commercially available. Is there anything now? I'm unaware of anyone who uses m of n sharing in the real enterprise systems. Please enlighten me.

On Wed, Feb 14, 2007 at 10:03:41PM -0500, sawaba wrote:
| When serious encryption is needed, key management is as important as the
| algorithm and key strength used. Most people have seen in the movies when
| it takes multiple keys turned at the same time to activate the firing
| mechanism for a nuclear weapon. It is similar in many enterprise data
| encryption situations (minus the threat of worldwide destruction). M of N
| key management requires a certain minimum number (say 3 of 6) of
| custodians to input their piece of the key to decrypt the data.
|
| Obviously, this doesn't work when you need to log into your laptop ("yeah
| Bob, this is Mike, could you come down to Starbucks and log me in again? I
| went to the bathroom and it powered off while I was gone"). So, we come
| back to the fact that certain kinds of data shouldn't be on laptops in the
| first place.
|
| --Sawaba
|
| On Tue, 13 Feb 2007, Adam Shostack wrote:
|
| >Speaking for myself here. As I understand things:
| >
| >Certain versions of Vista (I think Ultimate and Enterprise) include
| >Bitlocker whole drive encryption. It's not on by default because of issues
| >about key management. So just upgrading to Vista, in and of itself,
| >doesn't change anything.
| >
| >Bitlocker itself has a bunch of modes, ranging from keys stored in a
| >TPM and unlocked with a PIN, to keys stored on the hard drive and
| >unlocked with a password. How you actually protect the encryption
| >keys might be seen as important. I don't know if anyone has done a
| >comparison against state laws.
| >
| >Adam
| >
| >On Tue, Feb 13, 2007 at 07:34:43AM -0500, Herve Roggero wrote:
| >| Let me give an example: If I do business in California, and my unencrypted
| >| laptop gets stolen with 100,000 SSNs in it, stored in clear text. I need to
| >| disclose this loss and reach out to 100,000 people to comply with SB 1386.
| >|
| >| Now, if I upgrade my laptops to MS Vista, can I get away with it?
| >|
| >| I'm only asking as I am seeing an interesting response from CXO individuals
| >| looking at MS Vista as a solution to their laptop/legal issues. If there is no
| >| official technical workaround to this encryption and it takes thousands or
| >| millions of years to crack, then it may fall under the "reasonable" steps to
| >| protect information and become a powerful tool for businesses looking to
| >| comply.
| >|
| >| Thank you
| >|
| >| Herve Roggero
| >| Managing Partner, Pyn Logic LLC
| >| Cell: 561 236 2025
| >| Visit www.pynlogic.com
| >|
| >-------------------------------------------------------------------------------
| >|
| >| From: blitz [mailto:blitz () strikenet kicks-ass net]
| >| Sent: Monday, February 12, 2007 8:14 PM
| >| To: Herve Roggero
| >| Cc: dataloss () attrition org
| >| Subject: RE: [Dataloss] (article) "We recovered the laptop!" ... so what?
| >|
| >| Ok, so you've got a copy of an encrypted disk to crack at your leisure. The data
| >| is still compromised and in someone else's hands, and they have no idea if it's
| >| secure or not.
| >| That still counts as a loss in my book.
| >|
| >| At 08:54 2/12/2007, you wrote:
| >|
| >| Hi everyone
| >|
| >| This thread is very interesting. All techniques so far deal with reading data at
| >| a low level. Will Windows Vista prevent techniques such as Symantec Ghost? I
| >| understand that Vista performs bit-level encryption with its BitLocker
| >| technology.
| >|
| >| Thanks.
| >|
| >| Herve Roggero
| >| Managing Partner
| >| Pyn Logic LLC
| >| Visit www.pynlogic.com
| >|
| >
| >| _______________________________________________
| >| Dataloss Mailing List (dataloss () attrition org)
| >| http://attrition.org/dataloss
| >| Tracking more than 148 million compromised records in 573 incidents over 7 years.
| >
| >_______________________________________________
| >Dataloss Mailing List (dataloss () attrition org)
| >http://attrition.org/dataloss
| >Tracking more than 148 million compromised records in 573 incidents over 7 years.
| >
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 148 million compromised records in 576 incidents over 7 years.