Posted: Fri Jun 23, 2006 8:00 am Post subject: general security questions/comments
I have a few questions/comments about the AirScanner Mobile Encrypter.
1) When a volume is mounted, is encryption/decryption happening on-the-fly with data that is read and written, or is the entire volume decrypted initially to the storage media and then encrypted again when the volume is unmounted? It seems like too obvious of a thing to ask, that decrypting the entire volume would be extremely insecure and wasteful, but I just wanted to ask to be sure. Some of the things in the documentation had me second guessing.
2) Why are passwords limited to 16 characters? I'm not a cryptographer, so maybe there's some reason that your Triple DES implementation can't use anything longer, but especially in the world of mobile devices where entering non-lower-case-alpha characters is a pain in the ass sometimes, I would rather be able to use a 30-character lower case alpha password than a 16-character mixed upper case and special character password (with some compromise in between the two, most likely).
3) Do you have any plans to offer a standard 256-bit cipher? 168-bit Triple DES being comparable to the standard 128-bit ciphers (AES, Blowfish, etc), I would like an option of something stronger than that. That is, let me choose slow speeds on my device in exchange for stronger encryption.
1) It would be nice to be able to define auto-mount properties per-volume, rather than globally. For example, I'd like to have a volume to be used by a mail application, and that should always be mounted unless I specifically unmount it or unless it has been mounted since the last reboot. But another volume contains extremely sensitive info and I want that one to be able to automount.
2) The default setup of the software seems to lend itself more to non-phone PDA devices people turn off regularly. The idea of the global password that you get asked to enter when you first start the program and that sits around in memory and is used for encryption/decryption by default is a bit crazy from a security standpoint, in my opinion. Unless someone is smart enough to realize this setup is extremely insecure, they will be using your software and falsely thinking their data is safe. At least, until they take a moment to ask themselves why they can always access all of their "secure" data without a password, and they figure out it must have something to do with that password they first enter into this program when their device first turns on. (Or maybe I've misunderstood something --- I've only been using the trial version for a few days.) About the only security this provides is if an attacker who steals your device decides to turn off the device and turn it back on before looking through your data. --- I believe a proper implementation of passphrase-in-memory would be to offer to the user to keep it around in volatile memory for a period of minutes after they enter it, and after that period has elapsed it is removed from volatile memory and the user is again given the option to keep it in volatile memory for a period of time the next time they enter it.
Thanks for your input and answers to these questions. I apologize if I have misunderstood any parts of your software.
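The time-limited passphrase caching proposed in the post above, as an added sketch (not part of the original thread and not AirScanner's code). The class name `TimedKeyCache`, the PBKDF2 parameters and the 32-byte key size are assumptions chosen for illustration.

```python
import hashlib
import time


class TimedKeyCache:
    """Hold a passphrase-derived key in memory for a limited time only."""

    def __init__(self, ttl_seconds, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock        # injectable so expiry can be tested
        self._key = None           # bytearray, so it can be overwritten
        self._expires_at = 0.0

    def unlock(self, passphrase, salt, remember=True):
        """Derive the volume key; cache it only if the user opted in."""
        # PBKDF2 takes a passphrase of any length and returns a fixed-size
        # key (iteration count and key size are illustrative assumptions).
        key = bytearray(hashlib.pbkdf2_hmac(
            "sha256", passphrase.encode("utf-8"), salt, 200_000, dklen=32))
        if remember:
            self.lock()            # wipe any previously cached key first
            self._key = key
            self._expires_at = self._clock() + self._ttl
        return key

    def get_key(self):
        """Return the cached key, or None if nothing is cached or it expired."""
        if self._key is None:
            return None
        if self._clock() >= self._expires_at:
            self.lock()            # expiry forces a fresh passphrase prompt
            return None
        return self._key

    def lock(self):
        """Best-effort wipe: overwrite the buffer, then drop the reference.

        Python cannot guarantee no other copies exist (the passphrase string
        itself, for example), so this only narrows the exposure window.
        """
        if self._key is not None:
            for i in range(len(self._key)):
                self._key[i] = 0
            self._key = None
        self._expires_at = 0.0
```

Callers receive the same buffer the cache holds, so a wipe on expiry or on `lock()` also clears the key they were handed.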
Thanks for your excellent questions and suggestions! They have gone into our suggestion/requested feature list for future versions.
As to the bit strength, that is determined by the Microsoft Crypto API. As that gets updated, in future versions it allows us to use stronger bit strength. The Microsoft Crypto API for CE has currently never been broken, to the best of public knowledge.
168 3DES is more than secure enough for the time being. People who have told you it is not might not understand it well. It is true that 3DES is often done badly, by encrypting the password in the registry. But we use a hash of the password in the registry, rather than just encrypting it.
The real threat may be advances in quantum computing, which in the future might break all current algos instantly, rendering them all obsolete at once.
A longer passphrase might be helpful, thanks for mentioning it. Especially on the PPC as you said! As you know, you reach a point of diminishing returns, where the password gets too long to be of use for the given bit strength. Most programs get a hash of your passphrase anyway, effectively truncating it down to the optimal length.
Your other questions/suggestions are excellent. It boils down to what most users want. There is no doubt some users want tighter security, which is so stringent it would cause many others to disable it. We'll try to keep balancing security with ease of use.
I should mention that many other PPC encryption programs we have tested are easily broken. Some of them might make you laugh (or cry) if you knew what was really going on. And this includes some of the most popular ones. (We will be releasing advisories on many of these this summer, after the vendors have time to address them). I guess it's just really hard to do a secure implementation of encryption. So many things can get passed over. But we've tried to learn from the mistakes of other companies in order to be more secure for our users.
As to user education, what you said was true. A lot of users may be using encryption software improperly. It is difficult to failsafe it without making it unusable. It really helps if people become educated. To that end, we've written a lot of books, some of them written for total beginners, which can quickly ramp up their knowledge of security. And Airscanner members have published thousands of pages of free security guides and papers on the web. But you are right, we will continue to look for ways to lock down the software, even for beginners.
Your questions were so good that I'm going to make it a sticky, and lock it so it doesn't drift too far off topic. Please post more questions as you think of them in as many posts as you want!
Update to the above: From the best I can tell from looking, PGP mobile is now legacyware, and was discontinued a number of years ago. I don't think there is a PGP implementation for Pocket PC. If anyone knows, please post a forum link. Thanks!
Copyright 2001-2010, Chris De Herrera, All Rights Reserved