Tag: whole disk encryption

  1. Cryptsetup benchmarks for a Dell 17r.

    01 August 2013

    For no good reason today I decided to run some cryptsetup benchmarks on Windbringer. The only really significant change to the systemware configuration is that Windbringer is now running Linux kernel version 3.9.4-1-ARCH.

    [drwho@windbringer ~]$ cryptsetup benchmark
    # Tests are approximate using memory only (no storage IO).
    PBKDF2-sha1       407688 iterations per second
    PBKDF2-sha256     222155 iterations per second
    PBKDF2-sha512     144511 iterations per second
    PBKDF2-ripemd160  334367 iterations per second
    PBKDF2-whirlpool  187245 iterations per second
    #  Algorithm | Key |  Encryption |  Decryption
         aes-cbc   128b   563.0 MiB/s  1862.0 MiB/s
     serpent-cbc   128b    67.7 …

    Read more...

  2. Cryptoparty presentation: Whole Disk Encryption

    31 July 2013

    At the DC Cryptoparty in October of 2012 I did two presentations: One on GnuPG and one on whole disk encryption. While I'd put the GnuPG presentation online I hadn't done the same for the disk encryption one because I had to update it after the cryptoparty to take into account new information acquired that afternoon regarding MacOSX and Windows. I did so, converted the OpenOffice Presentation deck into a PDF, PGP signed them, and uploaded them this afternoon.

    v1.0 of the WDE presentation is now available for download:

    Read more...

  3. Practical whole disk encryption, or, how to frustrate data forensics.

    23 February 2009

    When you get right down to it, the best way for an attacker to get hold of your data is to shut the box down, pull the drive, and rip a sector-by-sector image to analyze offsite. It might not be quick (depending on the speed of the hard drive, speed of the storage drive, and a number of other factors) but if you're not there when it's done you might not know that it ever happened. However, if you encrypt data at the level of the drive, they can copy the drive all they want but they won't be able …

    Read more...

  4. Boot loaders and securing dual-booting portable systems.

    29 May 2008

    UPDATE - 20170327 - Truecrypt was disconnected in 2014.ev when Microsoft stopped supporting Windows XP.  DO NOT USE IT.  This blog post must be considered historical in nature.

    If you've been following the news media for the past year or so, stores have been cropping up with frightening regularity about travelers who are detained at the border while customs agents demand the login credentials for their notebook computers so that they can be examined for gods-know-what kind of information. From time to time, the hard drives of computers are actually imaged for later analysis. As if that weren't enough, the United …

    Read more...