Forwarded From: Kjell Wooding <kwooding@codetalker.com>
http://www.codetalker.com/
Data Fellows to Announce Very Strong Crypto Program
NewsBytes
29-MAY-98
SAN JOSE, CALIFORNIA, U.S.A., 1998 MAY 29 (Newsbytes) -- By Craig
Menefee, Newsbytes. Computer security firm Data Fellows plans to
announce Monday a very strong encryption utility with centralized
administration for both desktop and laptop PCs running Windows
95/98/NT, Newsbytes learned. Among other features, the F-Secure
FileCrypto program will allow key recovery in either of two very
secure encryption modes.
A file-oriented utility, F-Secure FileCrypto will use on-the-fly,
transparent encryption to protect all or designated parts of a Windows
file tree. Users have a choice of Triple-DES or the 256-bit-key
Blowfish algorithm that some cryptographers have called one of the
best systems now available.
While Blowfish uses true 256-bit keys, Triple-DES passes data through
the same US Data Encryption Standard (DES) algorithm three times using
a 56-bit key. For arcane cryptographic reasons the total effective key
length what mathematicians describe as a minimum of 112 bits, rather
than the 168 bits as one might expect.
"The important thing to remember is that both systems have been around
for a long time," said Petri Laakkonen, president of the Helsinki
firm's North America operation in Silicon Valley. "They have both been
well scrutinized and these implementations are very secure."
FileCrypto uses a very random key kernel based, among other things, on
mouse movements made by the user during setup. According to Laakkonen,
the result has a degree of randomness close to that of keys generated
by noisy diodes or true random number tables. This kernel is used to
generate individual keys for each file encrypted, so in a worst case
scenario where the key is grabbed electronically in some manner, it
will work only on a single file.
The random key kernel is kept in a separate file that can be stored on
a floppy disk. If the kernel is lost or destroyed, the key recovery
utility can be used to generate it, so for example laptops will not be
in danger of data loss. Laakkonen says Data Fellows is working on
smart card key storage as well.
Unless the user takes extra steps, all data stored on the hard drive
-- including working temporary files -- are encrypted. As a result,
neither loss of battery power on a laptop nor a power outage in the
office will leave unencrypted data on the drive.
In use, the program interfaces through Windows Explorer. There, users
choose which directory trees or individual files to exempt from
encryption. However, Laakkonen told Newsbytes, the data manipulation
is done using low-level drivers and so is too fast for the overhead to
be noticed.
The program will be available the first week of July, said Laakkonen,
starting at $99 for a single license and dropping sharply for multiple
orders. The firm maintains a site on the World Wide Web at
http://www.DataFellows.com .
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Sun May 31 10:50:13 1998