Security Basics mailing list archives

RE: The ugly side of using disk encryption

From: "dave kleiman" <dave () davekleiman com>
Date: Mon, 23 Oct 2006 12:29:53 -0400
We tested it when we first started using it, I did not save the data. Now I
remember it being 20-40% depending on the function, but definitely not
double (100%).

My forensic laptops are all DriveCrypted, I have let at least 50 different
techs use them when working cases together, not one of them have ever said
"your machine is slow", most of them comment that it is a screamer.

Now I copy a 30GB file to and from encrypted and non-encrypted drives
everyday, through USB and/or Firewire. The difference in time to a
non-encrypted drive is 39 vs 44 minutes. I can live with that. 

Maybe to the human eye it is hardly noticeable, of course I am not a gamer,
maybe there it would be.

Well all I can say is even if it is 200%, the peace of mind is worth the
performance.

Maybe you should test Drive Crypt.

Dave
 

    -----Original Message-----
    From: Saqib Ali [mailto:docbook.xml () gmail com] 
    Sent: Monday, October 23, 2006 11:54
    To: dave kleiman
    Cc: security-basics () securityfocus com
    Subject: Re: The ugly side of using disk encryption
    
    Dave,
    
    The Full/Whole disk encryption solutions certainly add 
    major overhead.
    However sometimes users don't notice it. I did an analysis 
    of various WDE/FDE solutions available. If you are using 
    AES256 the performance degradation is more that 100%, i.e. 
    the access time for a file doubles after full disk 
    encryption. Here are the results:
    http://www.xml-dev.com/blog/index.php?action=viewtopic&id=250
    
    
    On 10/23/06, dave kleiman <dave () davekleiman com> wrote:
    > I have been using DriveCrypt Plus (whole OS/Disk) and DriveCrypt 
    > (encrypted
    > containers) for about 3 years now, and thus far have no 
    negative feed back.
    > The only issue I ever had with Plus was when SP1 for 2003 
    came out, 
    > but their latest version overcame that. However, they 
    claim not to 
    > support server, but I have been using it all this time.
    >
    > I do not even notice any performance degradation, 
    although I am sure 
    > there is some.
    >
    > They have a complete suite of encryption tools:
    > http://www.securstar.com/
    >
    >
    > Respectfully,
    >
    > Dave Kleiman
    >
    > http://www.davekleiman.com/about.php
    >
    >
    >
    >     -----Original Message-----
    >     From: listbounce () securityfocus com
    >     [mailto:listbounce () securityfocus com] On Behalf Of Will Yonker
    >     Sent: Saturday, October 21, 2006 21:13
    >     To: security-basics () securityfocus com
    >     Subject: RE: The ugly side of using disk encryption
    >
    >     This thread has finally got me off my butt.  I have been
    >     meaning to create some sort of encryption standard for a
    >     few customers but encryption really isn't my area.
    >
    >     So here is the question:  What is the best way to 
    encrypt data?
    >
    >     A broad question, I know.  Let me narrow it down.
    >
    >     1)  Some users work with sensitive data on their laptops
    >     when in places where network access is unreliable.
    >     2)  This is data that would be useful to competitors.  It
    >     could be financially beneficial for these competitors to
    >     hire professionals to gain access to any data that might be
    >     stored on the laptop.
    >     3)  The data can be in the gigabytes but not more than 10 GB.
    >     4)  Speed of the decryption is not a large factor.
    >     5)  Some of the files will be MS Word and MS Excel documents.
    >     6)  All machines are running Windows XP.
    >
    >     Now, I've taken a look at TrueCrypt and figured that a
    >     three cypher, hidden volume, passphrase + key stored on USB
    >     stick to be the best that I could do.  I was also playing
    >     with the idea of installing TrueCrypt only on the USB stick
    >     so the attacker would have to guess what was used to create
    >     the hidden volume if they found it.
    >
    >     Is this the best approach?  Is there more that I could do
    >     to easily enhance the security?  Do I need to worry about
    >     clearing something off the C:\ drive like the system cache?
    >
    >     I'm guessing a medium sized corporation would be willing to
    >     put more effort into obtaining the data than the government
    >     did with this guy.
    >     Most have a powerful cluster at their disposal so I guess
    >     they could brute force it.  Is there a way I can make that
    >     take longer?
    >
    >     I know there is no perfect solution, just ways to slow down
    >     the attackers.
    >
    >     As always, any help would be appreciated.
    >
    >
    >     --
    >     This message has been scanned for viruses and dangerous
    >     content by MailScanner, and is believed to be clean.
    >
    >
    >     ------------------------------------------------------------
    >     ---------------
    >     This list is sponsored by: Norwich University
    >
    >     EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
    >     The NSA has designated Norwich University a center of
    >     Academic Excellence
    >     in Information Security. Our program offers unparalleled
    >     Infosec management
    >     education and the case study affords you unmatched
    >     consulting experience.
    >     Using interactive e-Learning technology, you can earn this
    >     esteemed degree,
    >     without disrupting your career or home life.
    >
    >     http://www.msia.norwich.edu/secfocus
    >     ------------------------------------------------------------
    >     ---------------
    >
    >
    >
    > 
    ------------------------------------------------------------
    ----------
    > ----- This list is sponsored by: Norwich University
    >
    > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - 
    ONLINE The NSA has 
    > designated Norwich University a center of Academic Excellence in 
    > Information Security. Our program offers unparalleled Infosec 
    > management education and the case study affords you 
    unmatched consulting experience.
    > Using interactive e-Learning technology, you can earn 
    this esteemed 
    > degree, without disrupting your career or home life.
    >
    > http://www.msia.norwich.edu/secfocus
    > 
    ------------------------------------------------------------
    ----------
    > -----
    >
    >
    
    
    --
    Saqib Ali, CISSP, ISSAP
    http://www.full-disk-encryption.net


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Current thread:

RE: -Real- anonymity (was: The ugly side of using disk encryption) Hagen, Eric (Oct 20)
- RE: The ugly side of using disk encryption Will Yonker (Oct 23)
  - RE: The ugly side of using disk encryption dave kleiman (Oct 23)
    - Re: The ugly side of using disk encryption Saqib Ali (Oct 23)
    - RE: The ugly side of using disk encryption dave kleiman (Oct 23)
    - Re: The ugly side of using disk encryption Saqib Ali (Oct 23)
  - Re: The ugly side of using disk encryption Radu Oprisan (Oct 23)
  - Re: The ugly side of using disk encryption Kevin Tunison (Oct 23)