Computer Self-Defense v1.1

Computer Security in Plain English: Encryption

Enter your search terms Submit search form

• Home
• Backups
• Anti-Virus
• Firewalls
• Updates
• Spyware
• Browsers
• Email
• Tune-Ups
• User Mgm't
• Vista

TrueCrypt

TrueCrypt is an open-source encryption software that enables you to create a virtual encrypted disk within a file and mount it as a virtual disk, that can be accessed via a drive letter. Any file that is stored on this virtual drive is automatically encrypted on-the-fly, and can only be accessed while the drive is mounted with the correct password or key.

GnuPG

GnuPG is a free implementation of the OpenPGP standard. GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories. GnuPG, also known as GPG, is a command line tool, so it may not come easy for many users.

Encryption Techniques

Basically, in the computer world, encryption gets used two ways: for securing email and for securing files and file systems (whole harddrives). Needless to say, there's many good programs that do one or the other, and even both. Some are expensive, and some very good ones are free (open source).

Encryption is a technique of "locking up" data using an algorithm (aka cipher) to make it unreadable to anyone except those having a key. It's a long-standing science in its own right that actually goes back to ancient times. With the advent of computers, it's taken on new life.

There's a variety of algorithms used for computer encryption and it can get a bit confusing. Ten years ago, 40-bit encryption was the standard in Windows itself, with 128-bit encryption being gradually adopted (there were export controls in place). DES was the state-of-the-art at one time. Today, the AES algorithm is for most purposes the government standard.

Securing Files and File Systems

Often computers contain some sensitive data. Accounting and banking data come to mind, first and foremost. Intellectual property could be considering sensitive. For the most part, many protections are built into programs that generate such data, like accounting apps which can be password protected. That's any user's first line of defense.

Beyond that, computer users have increasingly sophisticated tools for encrypting files. TrueCrypt is a great app, perhaps the best of the lot. Cryptainer LE and AxCrypt are very good, too, and also free for the taking. These are great programs for encrypting anything sensitive, say scanned ID's or tax information.

Two versions of Windows Vista, Enterprise and Ultimate, have a built-in scheme called BitLocker. BitLocker has the capacity to lock down a whole hard drive, whicih a bit extreme and poses risks of its own (data recovery can become impossible).

The drawback to encrypting any files is that they may be unrecoverable if a key or password is lost. If you're going to encrypt a lot of files, you definitely want to create some documentation. We highly recommend backing up unencrypted versions of files you do encrypt, say to a USB drive, and then physically securing the drive in a strongbox or somewhere safe.

Securing Emails

Sending email is akin to mailing postcards. You're not going to have any privacy if someone along the line stops to have a look. On the other hand, given the sheer volume of email across the web, there's too much to look at. But emails do get intercepted and read for sensitive data by more sophisticated hackers (that includes law enforcement). It's something to bear in mind if you're a business and your emailing sensitive documents.

For email encryption to work, both the sender and receiver have to be familiar with any encryption procedure. The standard for email encryption is PGP, of which there's several versions, all of which meet the OpenPGP standard. As programs, all the PGP versions require client-based email. There is one web-based email service, Hushmail, that meets the OpenPGP standard, so that's an option. PGP will also encrypt files and file systems too.

Last updated May 2nd, 2008
Powered by The Big Blue Web