![]() Effective and very secure data management can be obtained using one of the above mentioned tools. On the other hand, users should work with appropriate responsibility to keep computer up-to-date, protected in networks, and not opened to access encryption key. Encrypting applications can usually encrypt files, folders or whole drives into the form of data package where the work with files and applications is realized in real time as it is in the case of data that are not encrypted. These products are usually equipped by special key features including “on the fly” encryp- tion, data protection in the case of unexpected power supply interruption, random number generator with enhanced mechanisms, standard and cascade encryp- tion algorithms (AES, Serpent, Twofish, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish- AES, Twofish-Serpent), HASH-algoritmy (RIPEMD- 160, SHA-512, Whirlpool) etc. Encrypted data packages provided by tools as Bit- Locker, FileVault, Pointsec or TrueCrypt offer more secure work with sensitive data on local as well as remote drives. In general, this category can be considered as outdated and inappropriate. ![]() ![]() Then the data files protection can be broken using brute-force methods. Usually, they are not equipped by features to control strong password rules or to specify secure encryption algo- rithms. These compression and encryption techniques are widely used, but offers only very basic password protection settings. Simple encryption is provided by applications like 7-ZIP, WinRAR, WinZIP etc. More- over, the data files can be mistakenly stored/kept on memories of device on which such data files are man- aged. Weakness of the method is that the weak password used to protect compressed files can be unlocked using special hacking software. The most frequently used method represents tradi- tional and direct password entering technique through ZIP or RAR file compression with encryption, but files access and management itself is usually uncomfort- able and cumbersome. Software products intended for the secure data management can be classified into several categories. Such conditions include: ▶ ▶ data encryption using strong passwords, ▶ ▶ files stored on technically reliable memories, ▶ ▶ regular backup using various drives or storage places, ▶ ▶ periodic readability checking of all stored records, ▶ ▶ backup of applications used to encrypt and decrypt data files, ▶ ▶ save storage devices on physically different places, ▶ ▶ functional and reliable hardware to read and write data on storage media. Management of sensitive or personal data requires ensuring of several basic conditions to prevent their stealing, misuse or destruction. A cryptographic salt can be imagined as additional data which makes hashes significantly more difficult to crack. In this point of view, the hashing processes should be based on “salt” method rather than on former MD5 or SHA1 because of modern computer equip- ment makes “brute force” attacks faster and trivial. Hash functions can be character- ized as follows: ▶ ▶ small change of input data will result in meaning- ful changes of output data, ▶ ▶ it is not possible to reveal original text from hash data, ▶ ▶ statistically, it is not likely to have identical hash data for two different texts. Hashing algorithm applied to user’s passwords before storing makes original passwords hard to be re- vealed by attackers. Applications that accept passwords use hashing algorithms as an essential security consideration to protect passwords that are stored in application’s da- tabase. etc., has to be hidden in order to be inaccessible and/or in- visible for unauthorized persons.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |