BRUG AF KRYPTERING PÅ
KØBENHAVNS UNIVERSITET
Kryptering på Københavns Universitet
INDHOLDSFORTEGNELSE:
HVORFOR KRYPTERING?................................................................................................................ 2
HVAD ER KRYPTERING?.................................................................................................................. 2
HVAD SKAL KRYPTERES? ............................................................................................................... 3
HVORDAN SIKRER JEG MIN BÆRBARE PC. .............................................................................. 4
HVORDAN SIKRER JEG MIN PDA ELLER MOBILTELEFON. ................................................. 4
MED EN STIGENDE BRUG AF SYNKRONISERING AF MAIL OG DATA IMELLEM DEN
BÆRBARE ENHED (PDA OG/ELLER TELEFON) OG DET STATIONÆRE SYSTEM ER
FAREN FOR AT DER FINDES FORTROLIGE OG FØLSOMME DATA PÅ DISSE
BÆRBARE ENHEDER STOR, OG EN PASSENDE BESKYTTELSE SKAL ETABLERES. ..... 4
HVORDAN SIKRER JEG MIN USB-ENHED. .................................................................................. 4
HVORDAN SIKRER JEG DVD, CD ELLER DISKETTE. .............................................................. 5
HVORDAN SIKRER JEG ET KATALOG/FOLDER. ...................................................................... 5
HVORDAN SIKRER JEG ET DOKUMENT. .................................................................................... 5
HVORDAN SIKRER JEG E-MAIL..................................................................................................... 5
HVAD ER FARERNE VED BRUG AF KRYPTERING?.................................................................. 6
BILAG OG LINK: ................................................................................................................................. 7
POINTSEC® - CHECK POINT FULL DISK ENCRYPTION ............................................................................ 7
POINTSEC MOBILE ................................................................................................................................. 8
T R U E C R Y P T..................................................................................................................................... 8
SAFESTICK ........................................................................................................................................... 10
DATATRAVELER FOR ENTERPRISE ...................................................................................................... 11
BLUEWHALE ........................................................................................................................................ 12
MAILSWEEPER FOR SMTP V.4.2......................................................................................................... 13
MICROSOFT - ENCRYPTING FILE SYSTEM............................................................................................ 14
CRYPTOGRAPHY PORTAL (WIKI)......................................................................................................... 20
Side 1 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
HVORFOR KRYPTERING?
I Lov om behandling af personoplysninger (persondataloven), i DS484:2005 Standard for
Informationssikkerhed og i KU´s Informationssikkerhedshåndbog stilles der krav til, at følsomme
og kritiske data beskyttes imod uautoriseret ændringer (Iintegritetsbrud) og imod at komme til
uvedkommendes kendskab (Fortrolighedsbrud).
Sikring af informationers Integritet og Fortrolighed, ved såvel lagring som under transport, kan
ske ved brug af kryptering.
Kryptering kan ske på flere måder og med mange forskellige grader af sikkerhed, men
sikringsgraden bør afstemmes efter informationernes værdi, klassifikation og følsomhed.
Endelig er der krav til at informationernes tilgængelighed skal sikres. Når data krypteres
anvendes en krypteringsnøgle og for at kunne læse de krypterede data skal der igen bruges en
krypteringsnøgle. Mistes den krypteringsnøgle, der skal bruges til åbning (dekryptering) af data
forbliver disse utilgængelige, altså tabt. For at beskytte dig imod tab af dine data, skal du sikre
at der er en passende sikkerhedskopi! Data må ikke kun forefindes på et medie.
Datatilsynet har afgjort at følsomme og kritiske informationer skal sikres ved passende kryptering
når disse sendes via det offentlige Internet. KU har ligeledes vedtaget at samme typer
informationer skal sikres ved passende kryptering, når de opbevares på mobile medier, uanset
om de indenfor eller udenfor KU.
HVAD ER KRYPTERING?
Kryptering er matematiske operationer på informationerne, hvorved der skabes en Hash-værdi
(kryptografisk segl) eller en cryptotekst (krypteret tekst). Den tekniske beskrivelse af kryptering
gives ikke her, men der findes utallige gode beskrivelser tilgængeligt på Internettet, som der
henvises til. For at forstå og bruge krypteringen korrekt, er det dog fordel med kendskab til
principperne, der følger her efter.
•
Sikring af, at informationer ikke er blevet ændret under lagring eller transport,
dvs. sikre integritet. Kryptografisk forsegling (beregning af Hash-værdi) er en envejs
opperation, hvilket vil sige, at det ikke er muligt, at komme fra en beregnet hash værdi
tilbage til de data, værdien er beregnet for. Sikringen sker ved at foretage beregning af
en hashværdi for informationerne ved lagring eller afsendelse, og en ny ved senere brug
eller modtagelse af data. Er de 2 hashværdier ens, er der en meget høj sikkerhed for, at
data ikke er blevet ændret under vejs.
o
•
Populære hashalgoritmer er MD (MD2, MD4 og MD5) og SHA (SHA 1, SHA 256,
SHA 384 og SHA 512), men der findes flere.
Beskyttelse af informationer imod at komme til uvedkommendes kendskab,
dvs. sikre fortrolighed. At sikre, at informationer ikke kan læses af uvedkommende
kræver, at de bliver forvansket og gjort ulæselige (krypteret) på en måde, så den
originale tekst kan genskabes (dekrypteres), når de rette betingelser er til stede
(nøgle/nøgler), altså en tovejs process i modsætning til ovenstående kryptografiske
forsegling, der er en envejsprocess.
o
Anvendes den samme nøgle til både kryptering og dekryptering tales
der om symetrisk kryptering. Denne form for kryptering er den, der
anvendes i eksempelvis Microsoft Office og af WinZip m.fl.. Metoden er hurtig og
enkel, men kræver at nøglen til at åbne dokumentet sendes til modtageren på
en sikker måde (aldrig sammen med det krypterede dokument!!), eksempelvis
sendes det krypterede dokument som e-mail og nøglen som en SMS besked til
modtageren.
Side 2 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
o
Når der bruges 2 nøgler, som i et PKI-system, tales der om asymmetrisk
kryptering. Denne metode forudsætter, at både afsender og modtager har 2
nøgler, henholdsvis en personlig nøgle som kun kendes af personen selv, samt
en offentlig nøgle som er tilgængelig for alle. Med denne løsning kan såvel
datas integritet som deres fortrolighed sikres. Yderligere er det muligt med
denne løsning at sikre autencitet, dvs. at sikre at afsender er den rette.
Ulempen er en teknisk mere kompliceret og ressourcekrævende løsning. Denne
løsning anvendes eksempelvis ved digitale signaturer.
HVAD SKAL KRYPTERES?
Følsomme og kritiske informationer er alle data klassificeret som sådanne, dvs. henholdsvis
Følsom eller Fortrolig ifølge KU`s klassifikation, som angivet i IS-håndbogen´s kapitel 7.
Eksempler på følsomme og kritiske data er administrative - og forsknings data, der indeholder
personhenførbare oplysninger som personnmummer sammen med navn, adresse, telefonnummer,
e-mail adresse, køn, tilhørsforhold (relegion, seksual orientering, fagforeningsforhold, politiske
data m.m.m.) samt forskningsdata. Lidt mere løst kan man sige at informationer, der af
uvedkommende kan bruges til at kompromittere eller at skade er følsomme og kritiske, og det er
bedre, at beskytte for meget end for lidt.
At afgøre hvor kritiske nogle givne informationer er og samt at sikre en korrekt klassifikation er
alene dataejerens ansvar.
Følsomme og kritiske informationer, der opbevares på mobile enheder, som Bærbare PC`ere,
PDA`ere, Mobiltelefoner, CD`ere, DVD`ere, USB-diske og –sticks, samt disketter skal altid være
beskyttet af passende kryptering.
Følsomme og kritiske informationer, der sendes via det offentlige Internet, enten som e-mail eller
vedhæftning til disse, som FTP eller anden elektroniske transmission skal altid være beskyttet af
passende kryptering.
Bemærk KU`s interne netværk ikke er det offentlige Internet, hvorfor der eksempelvis ikke
kræves kryptering af følsomme og kritiske informationer, der sendes via e-mail imellem KU epostadresser.
Bemærk yderligere at ansvaret for passende beskyttelse af følsomme og kritiske informationer
påhviler den, der sender eller opbevarer disse informationer, og ikke alene it-afdelingen eller de
netværksansvarlige!
Side 3 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
Nedenfor gives et del forslag på hvordan du kan sikre dine dokumenter, og det er kun forslag,
da der findes utallige andre gode måder. Er du i tvivl kan du altid kontakte din it-afdeling, der
vil være dig behjælpelig.
HVORDAN SIKRER JEG MIN BÆRBARE PC.
Sikring af data på bærbare PC´ere kan principielt ske på 3 forskellige måder, hvor den første
giver den højeste sikkerhed, den næste lidt mindre sikkerhed og den sidste sikrer kun det
enkelte krypterede dokument.
1.
Fuld kryptering af PC, så harddisken er krypteret og operativsystemet ikke kan starte
før der er angivet korrekt nøgle til krypterings systemet. Tab af krypteringsnøglen
medfører at PC´en skal geninstalleres fra bunden, dvs. at alle data og systemer er tabt!
PointSec er et sådant system, der yderligere tilbyder en recovery funktion, så tab af
nøgle ikke nødvendigvis bliver katastrofalt. PointSec er et kommercielt produkt, der
koster penge. Der findes også fungerende freeware programmer til fuld diskkryptering,
der selv om de ikke er fuldt på højde med PointSec, så dog giver en god sikkerhed.
Endelig findes der krypteringsmuligheder i nyere operativsystemers filsystemer.
2.
Katalog / folder kryptering indebærer, at en samling af data er krypteret, men ikke
operativsystemet. PC´en kan starte uden at angive kode eller nøgle til
krypteringssystemet. Først når der ønskes adgang til de krypterede data, skal der
afgives kode. TrueCrypt er et freeware program, der giver denne sikkerhed. Tilsvarende
sikkerhed kan opnås ved at bruge Microsofts EFS system. Tab af nøgle bevirker her, at
det krypterede katalog / folder er utilgængeligt og data heri må anses for tabt, men
såvel TrueCrypt som MS EPS giver mulighed for at etablere en recovery nøgle, så der er
en form for sikring imod tab af nøgler.
3.
Filkryptering indebærer, at det alene er det berørte dokument, der bliver krypteret.
Denne kryptering tilbydes eksempelvis af Microsoft Office for dette systems
dokumenter, samt af WinZip og af TrueCrypt, samt af utallige andre produkter.
Filkryptering er sjældent brugt på PC´ere, hvor der er flere dokumenter, der skal
beskyttes, idet der kræves en krypteringsnøgle til hvert enkelte dokument. Det er langt
fra alle produkter til filkryptering, der giver mulighed for at etablere en recovery nøgle,
hvorfor det er vigtigt at have en passende god sikkerhedskopiering, så de krypterede
dokumenter ikke går tabt hvis nøglen mistesog derved bliver utilgængelige.
HVORDAN SIKRER JEG MIN PDA ELLER MOBILTELEFON.
Med en stigende brug af synkronisering af mail og data imellem den bærbare enhed
(PDA og/eller telefon) og det stationære system er faren for at der findes fortrolige og
følsomme data på disse bærbare enheder stor, og en passende beskyttelse skal
etableres.
Den første og vigtigste beskyttelse er altid at benytte den indbyggede mulighed for
elektronisk lås, så der skal angives en kode for at åbne og bruge enheden. Hvordan
denne lås aktiveres og bruges fremgår af enhedens brugsanvisning.
Opbevarer du følsomme og kritiske data på din PDA eller telefon skal disse krypteres.
HVORDAN SIKRER JEG MIN USB-ENHED.
Sikring af data på en USB-enhed sker stort set på samme måde som på en PC.
1.
Størst sikkerhed og letteste administration fås ved at bruge sikre USB-enheder, dvs.
USB-sticks, der har indbygget kryptering. Produkterne Kingston DataTraveler og
SafeStick er eksempler på sikre USB-sticks, og de koster ca. 300 kr for en 1 GB, altså
noget dyrere end de usikre enheder der kan købes overalt til en noget lavere pris.
Side 4 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
2.
Krypteringsprogrammet TrueCrypt kan downloades fra siden
http://www.truecrypt.org/downloads.php, og er et meget sikkert freeware produkt til at
opbevare data i krypteret og sikret folder / katalog, og som findes til brug på såvel
Windows, som Linux og Mac.
3.
Drejer det sig blot om at sikre et enkelt MS-office 2003 dokument eller fil, eksempelvis
et Word-dokument eller en PowerPoint, vil det være lettes at bruge den indbyggede
kryptering, der findes ved at klikke på Gem som .. > Funktioner .. >
Sikkerhedsindstillinger. For Excel dokumenter bruges i stedet Gem som .. >
Funktioner .. > Generelle sindstillinger ..
4.
Er det ikke et MS-office dokument kan det opbevares i en krypteret ZIP-fil, som
eksempelvis i ZIPGenius, der kan hentes gratis på siden http://www.zipgenius.com/.
HVORDAN SIKRER JEG DVD, CD ELLER DISKETTE.
1.
Krypteringsprogrammet TrueCrypt kan downloades fra siden
http://www.truecrypt.org/downloads.php, og er et meget sikkert freeware produkt til at
opbevare data i krypteret og sikret folder / katalog, og som findes til brug på såvel
Windows, som Linux og Mac.
2.
Drejer det sig blot om at sikre et enkelt MS-office 2003 dokument eller fil, eksempelvis
et Word-dokument eller en PowerPoint, vil det være lettes at bruge den indbyggede
kryptering, der findes ved at klikke på Gem som .. > Funktioner .. >
Sikkerhedsindstillinger. For Excel dokumenter bruges i stedet Gem som .. >
Funktioner .. > Generelle sindstillinger ..
3.
Er det ikke et MS-office dokument kan det opbevares i en krypteret ZIP-fil, som
eksempelvis i ZIPGenius, der kan hentes gratis på siden http://www.zipgenius.com/.
HVORDAN SIKRER JEG ET KATALOG/FOLDER.
1.
Krypteringsprogrammet TrueCrypt kan downloades fra siden
http://www.truecrypt.org/downloads.php, og er et meget sikkert freeware produkt til at
opbevare data i krypteret og sikret folder / katalog, og som findes til brug på såvel
Windows, som Linux og Mac.
HVORDAN SIKRER JEG ET DOKUMENT.
1.
Drejer det sig blot om at sikre et enkelt MS-office 2003 dokument eller fil, eksempelvis
et Word-dokument eller en PowerPoint, vil det være lettes at bruge den indbyggede
kryptering, der findes ved at klikke på Gem som .. > Funktioner .. >
Sikkerhedsindstillinger. For Excel dokumenter bruges i stedet Gem som .. >
Funktioner .. > Generelle sindstillinger ..
2.
Er det ikke et MS-office dokument kan det opbevares i en krypteret ZIP-fil, som
eksempelvis i ZIPGenius, der kan hentes gratis på siden http://www.zipgenius.com/.
HVORDAN SIKRER JEG E-MAIL.
Hvor IT-afdelingen ikke har etableret sikker e-mail ved brug af certifikater, hvilket man
ikke har på KU generelt, kan man altid sende data som krypteret fil vedhæftet emailen, og så sende krypteringsnøgle til modtageren på anden vis end via e-mail,
eksempelvis via SMS. Filen eller dokumentet, der skal sendes via e-mail, sikres som
nævnt ovenfor under Hvordan sikrer jeg et dokument, inden det vedhæftes e-mailen.
Side 5 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
HVAD ER FARERNE VED BRUG AF KRYPTERING?
Den største fare eller risiko ved brug af kryptering er at du mister nøglen, og derved
mister adgang til fil eller dokument, hvorfor det er meget vigtigt at der findes valide
sikkerhedskopier.
Man skal ligeledes være opmærksom på hvilket operativsystem der bruges. Ikke alle
produkter kan bruges på såvel Windows, som Mac og Linux.
Nogle programmer kræver at man har administrator rettigheder for at kunne køre
programmet.
For MS-Office skal man være opmærksom på ikke at bruge en krypteringsalgoritme,
som ikke understøttes af modtageren.
Side 6 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
BILAG OG LINK:
Pointsec® - Check Point Full Disk Encryption
(http://www.checkpoint.com/products/datasecurity/pc/)
STRONG DATA SECURITY FOR LAPTOP AND DESKTOP COMPUTERS
The dramatic proliferation of laptops means your mobile workforce exposes large
amounts of company data outside the secure perimeter of your office each day. Based
on market-leading Pointsec® technologies, Check Point Endpoint Security Full Disk
Encryption™ is proven in enterprises, businesses and government agencies around the
world, providing the highest level of data security for laptops and PCs through a
combination of pre-boot authentication and strong encryption algorithms.
Windows, Linux, MAC OS.
Centralized management ensures fast deployment, ease of administration and fully
enforceable user compliance. Check Point Full Disk Encryption also operates
completely transparent to the end-user providing a seamless introduction. Supporting
all common smartcards / tokens and providing a rich feature set that includes Single
Sign-On (SSO) and Windows Integrated Login (WIL), Check Point Full Disk
Encryption can be easily configured to meet the needs of any organization.
How it Works
Benefits
•
•
•
•
•
•
Prevents damaging data breaches resulting from lost or stolen laptops and PCs
Deploys quickly on Windows, Mac OS X and Linux platforms to meet compliance
objectives and conserve resources
Scales to meet the needs of any size enterprise or government agency
Windows and Mac OS X solutions are FIPS 140-2 compliant
Simplifies central management for lower total cost of ownership
Mandatory, enforceable data security policy
Side 7 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
Pointsec Mobile
(http://www.checkpoint.com/products/datasecurity/mobile/index.html)
MOBILE SECURITY PRODUCTS
Research shows the majority of lost or stolen mobile devices contain confidential
company communications and information. Applications such as push email make it
even more difficult to keep track of the information stored on these highly mobile
smartphones and PDAs.
Pointsec Mobile completely secures enterprise data stored on smartphones and PDAs
running Symbian, Pocket PC, Windows Mobile Smartphone and Palm operating
systems. Device and memory card data are encrypted automatically without user
intervention, providing a user-transparent yet fully-enforceable security policy.
Benefits
•
•
•
Provides easy-to-remember authentication options
Offers low-cost deployment and management
Integrates seamlessly with mobile email Enables easy transfer of encrypted data
between devices protected by Pointsec Mobile and other Check Point Endpoint Security
clients
TrueCrypt
(http://www.truecrypt.org/)
FREE OPEN-SOURCE DISK ENCRYPTION SOFTWARE FOR WINDOWS VISTA/XP, MAC OS X, AND
LINUX
Main
•
•
•
•
•
•
Features:
Creates a virtual encrypted disk within a file and mounts it as a real disk.
Encrypts an entire partition or storage device such as USB flash drive or hard drive.
Encrypts a partition or drive where Windows is installed (pre-boot authentication).
Encryption is automatic, real-time (on-the-fly) and transparent.
Provides two levels of plausible deniability, in case an adversary forces you to reveal
the password:
1) Hidden volume (steganography) and hidden operating system.
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from
random data).
Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
Introduction
TrueCrypt is a software system for establishing and maintaining an on-the-flyencrypted volume (data storage device). On-the-fly encryption means that data are
automatically encrypted or decrypted right before they are loaded or saved, without
any user intervention. No data stored on an encrypted volume can be read (decrypted)
without using the correct password/keyfile(s) or correct encryption keys. Entire file
system is encrypted (e.g., file names, folder names, contents of every file, free space,
meta data, etc).
Side 8 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
Files can be copied to and from a mounted TrueCrypt volume just like they are copied
to/from any normal disk (for example, by simple drag-and-drop operations). Files are
automatically being decrypted on-the-fly (in memory/RAM) while they are being read
or copied from an encrypted TrueCrypt volume. Similarly, files that are being written
or copied to the TrueCrypt volume are automatically being encrypted on-the-fly (right
before they are written to the disk) in RAM. Note that this does not mean that the
whole file that is to be encrypted/decrypted must be stored in RAM before it can be
encrypted/decrypted. There are no extra memory (RAM) requirements for TrueCrypt.
For an illustration of how this is accomplished, see the following paragraph.
Let's suppose that there is an .avi video file stored on a TrueCrypt volume (therefore,
the video file is entirely encrypted). The user provides the correct password (and/or
keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the
icon of the video file, the operating system launches the application associated with
the file type – typically a media player. The media player then begins loading a small
initial portion of the video file from the TrueCrypt-encrypted volume to RAM
(memory) in order to play it. While the portion is being loaded, TrueCrypt is
automatically decrypting it (in RAM). The decrypted portion of the video (stored in
RAM) is then played by the media player. While this portion is being played, the
media player begins loading next small portion of the video file from the TrueCryptencrypted volume to RAM (memory) and the process repeats. This process is called
on-the-fly encryption/decryption and it works for all file types, not only for video
files.
Note that TrueCrypt never saves any decrypted data to a disk – it only stores them temporarily
in RAM (memory). Even when the volume is mounted, data stored in the volume is still
encrypted. When you restart Windows or turn off your computer, the volume will be dismounted
and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly
interrupted (without proper system shut down), files stored in the volume are inaccessible (and
encrypted). To make them accessible again, you have to mount the volume (and provide the
correct password and/or keyfile).
Side 9 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
SafeStick
(http://www.blockmaster.se/index.php/SafeStick-Protects-Your-Information.html)
Protects Your Information
SafeStick® is a password protected USB Flash Drive with automatic hardware
encryption. It secures stored information in an instant and user friendly way. Insert it,
set a password and start using it. No other product combines corporate security and
flexibility requirements like SafeStick® does.
SafeStick® provides convenience to the workforce and as a result productivity gains
for the organization. The easy-to-use functions assists with regulatory compliance
efforts such as SOX.
SafeStick® General
• SafeStick USB Flash Drives come in sizes between 512MB and 64GB.
• SafeStick is available world wide.
• SafeStick is competitively priced and volume discounts are available.
SafeStick® Benefits
• Bring Your Business Information
•
•
Your data is secure on SafeStick® in your pocket, leave the laptop at home.
Comply To Regulations
Set your users free. SafeStick® solves the "USB Problem". Use USB with confidence in
you organisation. Use SafeStick®.
It Works Your Way!
SafeStick® can adapt to your password policy, integrate with your Active Directory,
meet your needs.
SafeStick® Features
• Secure
•
•
Encryption in hardware (AES256), hardware evaluated strong passwords.
Manageable
Update policies, reset passwords(PKI), add functionality to user SafeStick. Active
Directory integration (specific SafeStick coupled with user ID and details).
Compatible
Fully compatible Windows Vista, XP, 2000SP4 and through VMware (Linux, MacOSX)
BlockMaster's Official Position on Software Encryption of USB Flash
Drives
SafeStick is a hardware encrypted USB flash drive. If security is a concern it can not be
recommended to solve the same tasks with a pure software solution. More in this short and
easily verifiable position paper:
•
7 Major Weaknesses with Software Encryption of USB Flash Drives
SafeStick® protects stored data with hardware protection. It is not possible to unlock without
the correct password. If a central Password Recovery Management system is needed for
deployment this can be provided for an additional license fee. BlockMaster Password
Recovery integrates with your Active Directory and handles all SafeStick®-devices within the
company. The system is in use at Fortune Global 2000® enterprises.
Side 10 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
DataTraveler For Enterprise
(http://www.kingston.com/flash/DataTravelers_enterprise.asp)
With employees using their own Flash drives, traveling with data and taking work home, your
company is constantly at risk from unprotected data on an unsecured Flash drive. The
consequences can be devastating - lost reputations, lost profits, lost jobs; in short all the
horrors you read about in the daily news.
That's why you need to standardize on Kingston's DataTraveler Vault and Vault - Privacy Edition
USB Flash drives. These ingenious drives provide the highest level of security available, to
protect your business from data loss. And they're fast and easy to use, which means that
employees will adopt them quickly.
Click here to view a feature comparison of the entire DataTraveler product family.
DataTraveler Vault - Privacy Edition
Kingston's DataTraveler Vault - Privacy Edition
(DTVP) is TAA-compliant and assembled in the
U.S. This ultra-secure, waterproof drive
encrypts 100 percent of your data with 256AES hardware-based encryption and protects it
with an enforced complex password.
>> Click Here For More Details
DataTraveler Vault
Kingston's DataTraveler Vault (DTV) is TAAcompliant and assembled in the U.S. It's
waterproof and offers 256-AES hardwarebased encryption and file access protection
software to protect sensitive data.
>> Click Here For More Details
Side 11 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
Bluewhale
(https://www.bluewhale.dk/view.do?contentId=1&menuId=1)
SÅDAN VIRKER BLUEWHALE
Når man sender og modtager filer med Bluewhale sker følgende:
2-3. Bluewhale Server
1. Afsender
4. Modtager
1. Når afsenderen vælger "Send" i Outlook eller i Bluewhale-afsenderprogrammet
komprimeres de valgte filer og mapper sammen til een fil.
2. Den komprimerede fil overføres via en sikker forbindelse til Bluewhale-serveren.
3. Bluewhale-serveren scanner filen for virus, hvis filen indeholder virus afvises den.
4. Der sendes en e-mail til modtagen. E-mailen indeholder et link som gør det muligt
at hente de vedlagte filer.
PRIS OG PRODUKTOVERSIGT
Alle priser er angivet i DKK inkl. moms.
Produkt
Periode/mængde
Pris
Gratis
Bluewhale free
250 Mb
Bluewhale standard
1000 Mb1
39,-
Bluewhale standard
1
2000 Mb
69,-
Bluewhale standard
4000 Mb1
99,-
1
Megabyte som ikke er anvendt senest 1 år fra købsdato bortfalder.
Side 12 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
Data slettes automatisk fra systemet 7 dage efter afsendelse, uanset om data er hentet
af modtageren.
Trafik opgøres som den komprimerede, afsendte datamængde.
BLUEWHALE PROFESSIONAL
Kontakt venligst Bluewhale ApS hvis der ønskes tilbud på Bluewhale professional
konti.
MAILsweeper for SMTP v.4.2
Policy Based E-Mail Content Security
MAILsweeper for SMTP 4.2 is Baltimore's leading policy-based solution for SMTPbased (simple mail transfer protocol) communications. It is designed to help
businesses implement and enforce policies against E-Mail threats and ensure
network integrity.
MAILsweeper for SMTP 4.2 is an enterprise-class product that resides at the
gateway and offers:
- Multi-layered security for managing incoming and outgoing E-Mail
- Integration with mission-critical modules, including offensive image analysis,
archiving and encryption capability
- Performance monitoring
- Flexible anti-virus solution support
MAILsweeper for SMTP 4.2 now runs on the enhanced MIMEsweeper engine (v. 4)
and offers:
- Clustering Capabilities: MAILsweeper for SMTP v.4.2 now offers clustering
capabilities for supporting large, distributed enterprise environments and provides
a single, central point of management. IT managers can better manage the large
volume of E-Mails encountered on a daily basis, provide higher uptime for
mission-critical messaging systems and obtain centralized policy management to
support multiple server configurations.
- Real-Time Reporting: MAILsweeper for SMTP v.4.2 has been enhanced to
provide real-time, direct auditing from the MIMEsweeper engine directly into SQL
databases. Now, IT managers and other key decision makers can monitor activity
in near real-time to ensure e-mail security polices are understood and complied
with throughout the organization.
- Enhanced Flexibility and Tools: In direct response to customer needs,
MAILsweeper for SMTP v.4.2 now includes such key features as enhanced file
managers that allow organizations to block MP3 files, as well as files by name or
file extension; a customized pattern matcher that allows end users to define and
Side 13 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
identify file types they want to block or manage (e.g. AutoCAD drawings); and
expanded utilities that allow IT managers to integrate MIMEsweeper with thirdparty software for customized policy enforcement.
For more information, please visit the MIMEsweeper Web site.
Microsoft - Encrypting File System
http://en.wikipedia.org/wiki/Encrypting_File_System
The Encrypting File System (EFS) is a file system driver that provides filesystemlevel encryption in Microsoft Windows (2000 and later) operating systems, except
Windows XP Home Edition, Windows Vista Basic, and Windows Vista Home
Premium. The technology enables files to be transparently encrypted on NTFS file
systems to protect confidential data from attackers with physical access to the
computer.
User authentication and access control lists can protect files from unauthorized access
while the operating system is running, but are easily circumvented if an attacker gains
physical access to the computer. One solution is to store the files encrypted on the
disks of the computer. EFS does this using public key cryptography, and aims to
ensure that decrypting the files is extremely difficult without the correct key.
However, EFS is in practice susceptible to brute-force attacks against the user account
passwords. In other words, encryption of files is only as strong as the password to
unlock the decryption key.
Side 14 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
EFS works by encrypting a file with a bulk symmetric key, also known as the File
Encryption Key, or FEK. It uses a symmetric encryption algorithm because it takes a
relatively smaller amount of time to encrypt and decrypt large amounts of data than if
an asymmetric key cipher is used. The symmetric encryption algorithm used will vary
depending on the version and configuration of the operating system; see #Algorithms
Used by Operating System Version below. The FEK (the symmetric key that is used
to encrypt the file) is then encrypted with a public key that is associated with the user
who encrypted the file, and this encrypted FEK is stored in the $EFS alternate data
stream of the encrypted file. To decrypt the file, the EFS component driver uses the
private key that matches the EFS digital certificate (used to encrypt the file) to decrypt
the symmetric key that is stored in the $EFS stream. The EFS component driver then
uses the symmetric key to decrypt the file. Because the encryption & decryption
operations are performed at a layer below NTFS, it is transparent to the user and all
their applications.
Folders whose contents are to be encrypted by the file system are marked with an
encryption attribute. The EFS component driver treats this encryption attribute in a
way that is analogous to the inheritance of file permissions in NTFS: if a folder is
marked for encryption, then by default all files and subfolders that are created under
the folder are also encrypted. When encrypted files are moved within an NTFS
volume, the files remain encrypted. However, there are a number of occasions in
Side 15 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
which the file could be decrypted without the user explicitly asking Windows to do
so.
Files and folders are decrypted before being copied to a volume formatted with
another file system, like FAT32. Finally, when encrypted files are copied over the
network using the SMB/CIFS protocol, the files are decrypted before they are sent
over the network.
The most significant way of preventing the decryption-on-copy is using backup
applications that are aware of the "Raw" APIs. Backup applications that have
implemented these Raw APIs will simply copy the encrypted file stream and the $EFS
alternate data stream as a single file. In other words, the files are "copied" (e.g. into
the backup file) in encrypted form, and are not decrypted during backup.
Starting with Windows Vista, a user's private key can be stored on a smart card; Data
Recovery Agent (DRA) keys can also be stored on a smart card.[1]
Security
There are two significant security vulnerabilities in Windows 2000 EFS.
Decrypting files using the local Administrator account
In Windows 2000, the local administrator is the default Data Recovery Agent, capable
of decrypting all files encrypted with EFS by any local user. EFS in Windows 2000
cannot function without a recovery agent, so there is always someone who can
decrypt encrypted files of the users. Any non-domain-joined Windows 2000 computer
will be susceptible to unauthorized EFS decryption by anyone who can take over the
local Administrator account, which is trivial given many tools available freely on the
Internet.[2]
In Windows XP and later, there is no default local Data Recovery Agent and no
requirement to have one. Setting SYSKEY to mode 2 or 3 (syskey typed in during
bootup or stored on a floppy disk) will mitigate the risk of unauthorized decryption
through the local Administrator account. This is because the local user's password
hashes, stored in the SAM file, are encrypted with the Syskey, and the Syskey value is
not available to an offline attacker who does not possess the Syskey
passphrase/floppy.
Accessing private key via password reset
In Windows 2000, the user's RSA private key is not only stored in a truly encrypted
form, but there is also a backup of the user's RSA private key that is more weakly
protected. If an attacker gains physical access to the Windows 2000 computer and
resets a local user account's password[2], the attacker can log in as that user (or
recovery agent) and gain access to the RSA private key which can decrypt all files.
This is because the backup of the user's RSA private key is encrypted with an LSA
secret, which is accessible to any attacker who can elevate their login to LocalSystem
(again, trivial given numerous tools on the Internet).
Side 16 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
In Windows XP and beyond, the user's RSA private key is backed up using an offline
public key whose matching private key is stored in one of two places: the password
reset disk (if Windows XP is not a member of a domain) or in the Active Directory (if
Windows XP is a member of a domain). This means that an attacker who can
authenticate to Windows XP as LocalSystem still does not have access to a decryption
key stored on the PC's hard drive.
In Windows 2000, XP or later, the user's RSA private key is encrypted using a hash of
the user's NTLM password hash plus the user name - use of a salted hash makes it
extremely difficult to reverse the process and recover the private key without knowing
the user's passphrase. Also, again, setting Syskey to mode 2 or 3 (Syskey typed in
during bootup or stored on a floppy disk) will mitigate this attack, since the local
user's password hash will be stored encrypted in the SAM file,
Other issues
Windows can store plaintext versions of user account passphrases, though this is no
longer default behaviour; it also can store (and will by default on Windows XP and
lower) the local user account passphrases in LM hash, which can be attacked and
broken relatively easily. It also stores local user account passphrases as NTLM
hashes, which can be fairly easily attacked using "rainbow tables". To mitigate the
threat of trivial brute-force attacks on local passphrases, Windows needs to be
configured (using the Security Settings portion of Group Policy) to never store LM
hashes, and of course, to turn off Autologon (which stores plaintext passphrases in the
registry). Further, using local user account passphrases over 14 characters long
prevents Windows from storing an LM hash in the SAM - and has the added benefit
of making brute-force attacks against the NTLM hash harder. Of course, if you
consider the fact that EFS uses Triple DES or AES to encrypt files, you should use
proper passphrase lengths (over 20 characters long) to achieve equivalent strength
against brute-force attacks.
When encrypting files with EFS - when converting plaintext files to encrypted files the plaintext files are not wiped, but simply deleted. This means that they can be
easily recovered unless they are overwritten. To fully mitigate known, nonchallenging technical attacks against EFS, you should configure encryption at the
folder level (so that all temporary files like Word document backups which are
created in these directories are also encrypted). When you wish to encrypt individual
files, copy them to an encrypted folder or encrypt the file "in place", and then securely
wipe the disk volume. You can use the Windows Cipher utility (with the /W option)
to wipe free space including that which still contains deleted plaintext files; various
third-party utilities may work as well.
Anyone that can gain Administrators access can overwrite, override or change the
Data Recovery Agent configuration. This is a very serious issue, since an attacker can
for example hack the Administrator account (using third-party tools), set whatever
DRA certificate they want as the Data Recovery Agent and wait. This is sometimes
referred to as a two-stage attack, which is a significantly different scenario than the
risk due to a lost or stolen PC, but which highlights the risk due to malicious insiders.
Side 17 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
When the user encrypts files after the first stage of such an attack, the FEKs are
automatically encrypted with the designated DRA's public key. The attacker only
needs to access the computer once more as Administrator to gain full access to all
those subsequently EFS-encrypted files. Even using Syskey mode 2 or 3 does not
protect against this attack, because the attacker could back up the encrypted files
offline, restore them elsewhere and use the DRA's private key to decrypt the files. Of
course, if such a malicious insider can gain physical access to the computer, you
might consider all security features to be irrelevant, because he could also install
rootkits, software or even hardware keyloggers etc. on the computer - which is
potentially much more interesting and effective than overwriting DRA policy.
Recovery
Files encrypted with EFS can only be decrypted by using the RSA private key(s)
matching the previously-used public key(s). The stored copy of the user's private key
is ultimately protected by the user's logon password. Accessing encrypted files from
outside Windows with other operating systems (Linux, for example, or even another
instance of Windows) is not possible — not least of which because there is currently
no third party EFS component driver. Further, using special tools to reset the user's
login password will render it impossible to decrypt the user's private key and thus
useless for gaining access to the user's encrypted files. The significance of this is
occasionally lost on users, resulting in data loss if a user forgets his or her password,
or fails to back up the encryption key. This led to coining of the term "delayed recycle
bin", to describe the seeming inevitability of data loss if an inexperienced user
encrypts his or her files.
However it may be possible to recover the encrypted data with special software tools
at the local machine even if no data recovery agent has been named and the account
that created the encrypted files has been deleted. This may be possible because the
private key deleted along with the profile can be recovered by specialized recovery
software.
Keys
•
•
•
•
•
user password (or smart card private key): used to generate a decryption key to
decrypt the user's DPAPI Master Key
DPAPI Master Key: used to decrypt the user's RSA private key(s)
RSA private key: used to decrypt each file's FEK
File Encryption Key (FEK): used to decrypt/encrypt each file's data (in the primary NTFS
stream)
SYSKEY: used to encrypt the cached domain verifier and the password hashes stored in
the SAM
Supported Operating Systems
•
•
•
•
•
Windows 2000 Professional, Server, Enterprise and Datacenter editions
Windows XP Professional
Windows Server 2003
Windows Vista Enterprise, Business and Ultimate, but not Basic or Home Premium.
Microsoft website.
Windows Server 2008
Side 18 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
New Features available by OS version
•
•
•
•
•
•
Windows XP:
o encryption of the Client-Side Cache
o protection of DPAPI Master Key backup using domain-wide public key
o autoenrollment of user certificates (including EFS certificates)
o multiple-user (shared) access to encrypted files (on a file-by-file basis)
Windows XP SP1: support for and default use of AES-256 symmetric encryption
algorithm for all EFS-encrypted files
Windows XP SP2 + KB 912761: prevent enrollment of self-signed EFS certificates
Windows Server 2003:
o DIMS
o enforcement of RSAKeyLength setting for enforcing a minimum key length
when enrolling self-signed EFS certificates
Windows Vista[3] and Windows Server 2008[4][5]:
o per-user encryption of Client-Side Cache (offline files)
o support for storing (user or DRA) RSA private keys on a PC/SC smart card
o EFS Re-Key Wizard
o EFS Key backup prompts
o support for deriving DPAPI Master Key from PC/SC smart card
o support for encryption of pagefile.sys
o protection of EFS-related secrets using BitLocker (Enterprise or Ultimate edition
of Windows Vista)[6][7]
o Group Policy controls to enforce:
encryption of Documents folder
offline files encryption
indexing of encrypted files
requiring smart card for EFS
creating a caching-capable user key from smart card
displaying a key backup notification when a user key is created or
changed
specifying the certificate template used for enrolling EFS certificates
automatically
Windows Server 2008[8]:
o EFS self-signed certificates enrolled on the Windows Server 2008 server will
default to 2048-bit RSA key length
o all EFS templates (user and data recovery agent certificates) default to 2048bit RSA key length
Algorithms Used by Operating System version
Windows EFS supports a range of symmetric encryption algorithms, depending on the
version of Windows in use when the files are encrypted:
Operating System
Default Algorithm
Other Algorithms
Windows 2000
DESX
(none)
Windows XP RTM
DESX
3DES
Windows XP SP1
AES
3DES, DESX
Windows Server 2003
AES
3DES, DESX
Windows Vista
AES
3DES, DESX
Windows Server 2008
AES
3DES, DESX (?)
Side 19 af 21
Kurt Bjernemose 3.17.2009
Kryptering på Københavns Universitet
References
1.
2.
3.
4.
5.
6.
7.
8.
Chris Corio (May 2006). "First Look: New Security Features in Windows Vista". TechNet
Magazine. Microsoft.
http://www.microsoft.com/technet/technetmag/issues/2006/05/FirstLook/. Retrieved on
2006-11-06.
a b
ntpasswd, available since 1997
Kim Mikkelsen (2006-09-05). "Windows Vista Session 31: Rights Management Services and
Encrypting File System" (PDF). presentation. Microsoft.
http://download.microsoft.com/download/e/b/a/ebafefc9-4b64-4816-87789fb33c8c43d9/31_Rights_Management_og_Encrypting_File_Systems.pdf. Retrieved on
2007-10-02.
"Encrypting File System". documentation. Microsoft. 2007-04-30.
http://technet2.microsoft.com/windowsserver2008/en/library/69f04dd7-bced-4079-84e9095b8dc563991033.mspx?mfr=true. Retrieved on 2007-11-06.
"Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008:
Encrypting File System". documentation. Microsoft. 2007-09-01.
http://technet2.microsoft.com/windowsserver2008/en/library/f843023b-bedd-40dd-9e5bf1619eebf7821033.mspx?mfr=true. Retrieved on 2007-11-06.
Scott Field (June 2006). "Microsoft Windows Vista Security Enhancements" (DOC).
whitepaper. Microsoft.
http://download.microsoft.com/documents/uk/msdn/events/Windows_Vista_Security_WP.d
oc. Retrieved on 2007-06-14.
Microsoft Corporation (2006-11-30). "Data Communication Protocol". patent. Microsoft.
http://www.freepatentsonline.com/20060271697.html. Retrieved on 2007-06-14.
"Changes in Functionality from Windows Server 2003 with SP1 to Windows Server 2008:
Encrypting File System". documentation. Microsoft. 2007-09-01.
http://technet2.microsoft.com/windowsserver2008/en/library/f843023b-bedd-40dd-9e5bf1619eebf7821033.mspx?mfr=true. Retrieved on 2007-11-06.
External links
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Encrypting File System in Windows XP and Windows Server 2003
Microsoft Data Encryption Toolkit including the freely downloadable EFS Assistant tool
Windows XP: Using File Encryption
Codeplex shared-source version of the EFS Assistant tool
EFS presentation on deployment, threat mitigation and operational best practices
Mark Russinovich articles in Windows IT Pro magazine on the EFS implementation in
Windows 2000
Network Associates technical article on EFS in Windows Server 2003
Using Encrypting File System in Windows XP
Resource Kit article on EFS in Windows 2000
How EFS Works in Windows 2000
EFS tutorial with many screenshots
EFS internals on ntfs.com
Beginning To See The Light article reverse engineering much of EFS
Roberta Bragg meta-article linking to many EFS resources
Cryptographic Filesystems, Part One: Design and Implementation
Cryptographic File Systems, Part Two: Implementation
Cryptography portal (WIKI)
•
•
•
•
Filesystem-level encryption
Disk encryption software
Full disk encryption
DPAPI
Side 20 af 21
Kurt Bjernemose 3.17.2009