LinuxSA Mailing list archives

  From: behoffski <behoffski@grouse.com.au>
  To  : linuxsa@linuxsa.org.au
  Date: Tue, 14 Sep 1999 22:28:27 +0930

Encryption (was Re: Linux Console Security)

Mark Newton wrote:
> [...] So while we're talking about means of increasing security, 
> can we stop with the silly and unfounded claims that it's even 
> remotely possible to stop someone from breaking-in to a computer 
> that they're sitting directly in front of?

(Agreed!)  

While you can't protect ALL the data on your system from this 
style of physical attack, you can still protect SOME of your 
data... using strong encryption on selected files.  Any 
attacker will be able to read the encrypted data, but will 
need lots of time and effort to try and decrypt the contents.  

Note that the level of encryption needed to keep people out 
is increasing all the time, as decryption machines become 
cheaper and people discover new attacks.  NIST is working 
through a process of selecting a new crypto scheme at the 
moment, called AES (Advanced Encryption Standard).  Many of 
these encryption schemes have 256-bit keys.  The days of 
56-bit DES are long gone, if you're serious about 
keeping data hidden.  

You can find out about AES at:

	http://csrc.nist.gov/encryption/aes/aes_home.htm	

behoffski

-- 
behoffski (Brenton Hoff) | Software Engineer, Grouse Software
behoffski@grouse.com.au  | http://www.grouse.com.au/

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject