Encryption Security Question

Discussion in 'privacy technology' started by TheMozart, Apr 28, 2012.

Thread Status:
Not open for further replies.
  1. TheMozart
    Offline

    TheMozart Former Poster

    I encrypt all my data using Winrar, then back all my data onto a DVD and then store the DVD in my drawer.

    However, I like the idea about also having a backup online, but I am worried my personal data may be hacked or stolen.

    So my question is... which is the most secure, Dropbox or Gladinet or something else?

    And what's the best program to use to encrypt my data BEFORE I upload it to Dropbox or Gladinet? And what's the best method to encrypt files, using how long password and what kind of password?

    Cheers, appreciate the help.
  2. Hungry Man
    Offline

    Hungry Man Registered Member

    I suggest you use 7zip as the cipher is open source and winrar's is proprietary (I believe, may be out of date on that.) AES 256bit. IT doesn't really matter how safe the cloud is if you encrypt all of your stuff first.

    8 characters or more. 12 if you're paranoid. 16 if you're nuts.
  3. TheMozart
    Offline

    TheMozart Former Poster

    So using Winrar to encrypt the files is not secure? I think Winrar uses AES 128bit, so that's not enough? What's 7zip using?

    My password I have memorized is 20 characters long, I can use that with 128bit AES on Winrar...could someone break or hack that?

    What's the most secure freeware file encryption software available? Is AxCrypt any good? It uses 128bit though, and their website says that 128bit is all we need and that 256 is like "snake oil".
    Last edited: Apr 28, 2012
  4. Hungry Man
    Offline

    Hungry Man Registered Member

    Winrar is probably plenty secure. I just prefer 7zip as the cipher is open and it uses AES 256. Both AES 128 and 256 are very secure though.

    7zip uses AES 256bit I believe.

    No, if you're using a 20 character password it would be impossible to bruteforce it on either.

    I only really know of 7zip and Winrar so I'm not sure about AxCrypt.

    The difference between cracking 128bit and 256bit AES is the difference between impossible and extra impossible. Either way you're safe, but I think it's always nice to go with extra impossible when it's available.
  5. guest
    Offline

    guest Guest

    I too prefer the convenience of 7zip's AES 256. My passwords usually have almost 20 characters (16-19).

    You can use this to help in boosting the security of your password: http://www.passwordmeter.com/

    Of course, it "should only be utilized as a loose guide in determining methods for improving the password creation process."
  6. TheMozart
    Offline

    TheMozart Former Poster


    Winrar uses 128bit and so does 7zip I was reading. Who told you that 7zip uses AES 256bit? And isn't 256 overkill? Can people really crack a 20 character password using 128bit?
  7. Hungry Man
    Offline

    Hungry Man Registered Member

    I'd thought 7zip uses 256bit. Perhaps that's just an option? Not sure.

    Neither 128bit nor 256bit are crackable with a 20 character password. Like I said, both are impossible, 256bit is just "extra" impossible.
  8. TheMozart
    Offline

    TheMozart Former Poster

    And what you think about the idea of using Winrar or 7zip and then encrypting the file using AxCrypt + keyfile for added security?

    If I am going to upload these files to Cloud, using Dropbox then I want to be sure my files are secure.
  9. Hungry Man
    Offline

    Hungry Man Registered Member

    Not sure. You could make the file more secure or you could overcomplicate the process and make it less secure. I would stick to 7zip and a strong password. That'll be enough.
  10. TheMozart
    Offline

    TheMozart Former Poster

    Is there evidence to show that if I use Winrar or 7zip to create an encrypted .zip file, and then encrypt it a second time with AxCrypt , that it becomes less secure?

    So dual layered encryption is less secure than a single layer?
  11. Hungry Man
    Offline

    Hungry Man Registered Member

    Potentially. I don't know of any papers that cover the subject. I think the simpler approach is what you should take.
  12. TheMozart
    Offline

    TheMozart Former Poster

    BY the way, can't use Dropbox, it's SOOO SLOW to upload, I only get 18KB/s and files take forever.

    Any other solution?
  13. InfinityAz
    Offline

    InfinityAz Registered Member

    Have you gone into Dropbox's preferences and set the upload speed to Don't Limit? Try it, it may help.
  14. TheMozart
    Offline

    TheMozart Former Poster

    Yes I think that helped InfinityAz:) You are a clever boy aren't you? lol

    Went from 18KB/s to 77KB/s. Why wouldn't they have that set to default as unlimited?

    But its still slow.
    Last edited: Apr 28, 2012
  15. guest
    Offline

    guest Guest

    From 7-Zip Help's file:

  16. Noob
    Offline

    Noob Registered Member

    A bit off topic but you still use DVD's to backup data? :eek:
    Why not an USB or portable HDD.
    I used to backup data in my second internal HDD but a few weeks ago i purchased a 1TB USB 3.0 HDD for only $99.99, that's hella cheap!! :D

    I'll have space to spare for a few years. :D
  17. guest
    Offline

    guest Guest

    LOL, I didn't see that. I would need several DVDs to backup my data.

    I use SkyDrive (essential data), some USB flash drives (essential and important data) and USB/external HDDs (everything, including system images).

    My notebook has a second internal HDD as well, but I don't use it for backup purposes.
  18. TheMozart
    Offline

    TheMozart Former Poster

    All my private and needed data, e.g personal files, portableapps etc, is run from a TrueCrypt partition, it's around 7GB, which compresses to around 4GB using Winrar, which I then copy to one DVD. That's all the data I need to save and backup.

    Uploading 4GB to Dropbox would probably take 1 week lol
  19. noblelord
    Offline

    noblelord Registered Member

  20. PaulyDefran
    Offline

    PaulyDefran Registered Member

    GRC/Security Now just reviewed about 15 providers, and Spider Oak was at the top.

    PD
  21. syncmaster913n
    Offline

    syncmaster913n Registered Member

    I prefer backing up some data to BlueRay discs. The good ones (about $10 a piece) have an estimated life expectancy of 50 years. I personally trust a blueray disc more than a USB thumb drive. However I will still use a USB thumb for anything that needs to be regularly updated.

    As for dual-layer encryption; as far as I know (I've been researching this for some time now), using it in the way you suggest would add security. What could potentially reduce security is using cascade encryption, such as the one offered within TrueCrypt (ie encrypt once, using AES-Twofish-Serpent simultaneously). However if you first encrypt using method A, then use a different program to encrypt using method B, this should definitely add protection.
    Last edited: Apr 29, 2012
  22. Noob
    Offline

    Noob Registered Member

    Hahaha i trust HDD's more than my USB's although up to date no USB have failed me.
    Usually when i backup data i don't save it in 1 place, i usually have 3-4 copies, example, external HDD, 2 USB's and internal HDD. :rolleyes:
  23. syncmaster913n
    Offline

    syncmaster913n Registered Member

    Same here, although I've had a USB fail on me once. Not sure though if it was an issue with the USB itself, or someone tampering with it.
  24. TheMozart
    Offline

    TheMozart Former Poster

    Dropbox is too slow, surely there must be a cloud service that allows faster uploads?
  25. syncmaster913n
    Offline

    syncmaster913n Registered Member

    SpiderOak seems relatively fast; I've uploaded 200MB in about 15 minutes I think (I have 10Mb upload speed)
Thread Status:
Not open for further replies.