Thursday, June 22, 2006

Encryption project has teen feeling pretty secure

Here's a fun story. A change from the alarmist tripe I usually post.

It seems a young man has devised a reasonably impressive hardware encryption device for computer use. It has it's own processor and RAM so encryption is as transparent to the user as possible, which would take the pain out of encrypting every bit of data on the hard drive. Combine that with strong passwords and some other authentication factor (such as biometrics) and one needn't worry about a laptop being stolen or even a desktop in place where the attacker has physical access to the machine.

This makes real sense. Encryption software can produce strong output, but the software itself may be a vector of attack for a cracker or spy. It also loads the cpu to a degree many users might find unacceptable. A hardware device equipped with it's own specially configured processor and a bit of RAM could handle a lot of data without the user ever noticing. I am told a custom ARM derivative running at 400 MHz could do 1024 bit encryption invisibly until the file size reaches some (high) threshold, at which point you might have to wait a second or two more to read your file or email. That level of encryption is effectively unbreakable on today's machines and will remain so for quite a while. In fact; when I recommend an encryption level to a client, I almost never recommend over 256 bit.

The young man is receiving some well deserved attention and summer job offers. He deserves it.

Jack

No comments:

Post a Comment

All comments are moderated.

Note: Only a member of this blog may post a comment.