Bulletproof your data

If you have sensitive information such as personal bank statements and passwords stored on your PC, then securing this data is a must. To get you started using powerful encryption, WINDOWS presents an exclusive guide.

  • E-Mail
By  Chris Fernando Published  April 1, 2005

|~||~||~|If you have sensitive information such as personal bank statements and passwords stored on your PC, then securing this data is a must. To get you started using powerful encryption, WINDOWS presents an exclusive guide. 1: Within Windows Passwords within Microsoft programs such as Word, Excel and Outlook, and Windows’ own login password, can be broken easily using tools that are available on the internet. Hiding your valuable data folders is also a possibility but also offers limited protection. However, a file that is encrypted with a strong encryption algorithm, for example Blowfish’s 128-bit code, can take years for tech-headed crims to break. Think of encryption as locking something valuable inside a strong box. Whenever you log into your Hotmail account or make a credit card purchase over the net, your data is encrypted; typically a 56-bit or 128-bit cipher strength (indicated by a secure padlock icon in the right-hand corner of your browser and a HTTPS url). Sensitive data is encrypted by using a key algorithm, which renders it unreadable without the knowledge of the key. Users of Windows XP Professional Edition will find encryption built into their OS. XP Pro’s Encrypting File System (EFS) provides the core technology used to store encrypted files on NTFS file system volumes. Once you encrypt a file or folder, you can work with the encrypted file or folder just as you do with any other files and folders. Encryption is transparent to you, the user that encrypted the file. Using EFS is similar to using read/write permissions on files and folders. Both methods can be used to restrict access to data. However, an intruder who gains unauthorised physical access to your encrypted files or folders will now also be prevented from reading them. If the intruder tries to open or copy your encrypted file or folder they receive an ‘access denied’ message. You encrypt or decrypt a folder or file by setting the encryption property for folders and files, just as you set any other attributes such as read-only, compressed, or hidden. If you encrypt a folder, all files and subfolders created in it are then automatically encrypted. Here’s how to do it: 1. Right-click the file or folder that you want to encrypt, and then click Properties. 2. On the General tab, click Advanced. 3. Select the ‘Encrypt contents to secure data’ check box. Following that, any time you want to decrypt (or open) an encrypted file or folder, do this: 1. Right click the encrypted file or folder, and click Properties. 2. On the General tab, click Advanced. 3. Clear the Encrypt contents to secure data check box. Note: files or folders that are compressed cannot also be encrypted. If you encrypt a compressed file or folder, that file or folder will be uncompressed. Files also marked with the System attribute can’t be encrypted, nor can files in the system root directory structure. For those users who don’t run XP Professional, worry not, as there are plenty of good encryption tools out there (some of which are included on this month’s Windows CD). 2: Pretty Good Privacy (PGP) 8.0 PGP is based on public key cryptography in which two complementary keys, public and private, are used. To explain a little further; a key is a value that works with a cryptographic algorithm (a form of mathematical equation) to produce a specific ciphertext (basically large scrambled numbers). What’s called ‘key size’ is measured in bits such as 56-bit, 128-bit and so on - the bigger the key, the more secure the data. PGP stores keys in two files (public and private) on your hard disk in encrypted form. These files are also called keyrings. You will encounter five types of keys in PGP: Diffie-Hellman/DSS, RSA, AES, 3DES and BlowFish. After you create a keypair, you can begin exchanging encrypted e-mail with other PGP users. The freeware version of PGP we used includes several components to help you secure your e-mail, files, and disk with encryption and authentication. To use encrypted info with another user, you first need a copy of their public key and they need a copy of yours. Since your public key is just a block of text, it is easy to trade keys with someone. Your public and private keys are mathematically related, but there’s no way to figure out someone’s private key if you have their public key. And just as importantly, never give out your private key or its passphrase, to anyone else, as that defeats the entire purpose of encryption! If all the jargon on keys is confusing and all you are looking for is a simple tool to secure your hard disk data then we recommend the simpler Cyperhix or the slightly more advanced TrueCrypt. 3. Cryptainer Cryptainer 5.0 is an ‘on-the-fly’ encryption package. All your sensitive information is stored as encrypted files in a special ‘volume’ that disappears when you password-protect it, thereby locking your files and folders. Any kind of file can be dragged and dropped into this volume, rendering it totally inaccessible by anyone but you (see pic D). Thus, even if your ‘vault’ is stolen by anyone, the data is impossible to read. The Cryptainer system uses a special storage file to create a ‘Virtual Drive’ that appears to applications and users like any other physical drive. Any data that the user attempts to access from this drive is automatically encrypted, or decrypted by Cryptainer, and presented to the application reading the data. The light edition we tested uses a 128-bit cipher algorithm with a 25MB vault size limit, while paid versions support up to 50GB vaults with a choice of 256-bit or 448-bit encryption methods. We recommend getting started with PGP for securing e-mail and Cryptainer LE for data. Then consider graduating to the free open-source TrueCrypt for full blown functionality. Encryption Extra Free Security Resources www.thefreecountry.com/security Cypherix www.cypherix.com SECURE Ciphire Mail www.ciphirebeta.com PGP 8.0 International www.pgpi.org PGP enabled free e-mail www.hushmail.com CompuSec 4.17 www.ce-infosys.com.sg Free open-source disk encryption http://truecrypt.sourceforge.net DriveCrypt www.securstar.com CryptoExpert 2005 Lite v6 www.secureaction.com Encryption for the masses www.members.lycos.co.uk/e4m Self destructing e-mail www.readnotify.com Encrypted e-mail www.cryptomail.org/||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code