How many people believe What HardDisk is saying?

Discussion in 'privacy technology' started by notageek, Feb 20, 2005.

Thread Status:
Not open for further replies.
  1. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
  2. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    HardEncrypt claims to use a One-Time Pad (see How the HardEncrypt Package works) which is a method that has been mathematically proven to be uncrackable (each entry in the pad is only used once).

    However it does not secure its "pads" (key files) which have to be retained to decrypt the contents - it is therefore up to the user to make sure no-one else can access them. Each keyfile should only be used once and needs to be at least as large as the data being encrypted - so managing keyfiles can become very difficult for those encrypting lots of data.

    As such the problems are really practical ones. You cannot use it to securely send an encrypted file to someone since you need to send them the keyfile also somehow - RSA solves this with public/private keys (the HardEncrypt user guide suggests sending 1000 keyfiles in advance but this means an attacker just has to intercept and try each one in turn). You cannot use it easily on large quantities of data due to the keyfile requirements. You should not use it unless you have a means of keeping keyfiles secure.
     
  3. One time pads? No wonder they claimed NSA couldnt crack it.
     
  4. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I bet the NSA can crack it.
     
  5. not the nsa

    not the nsa Guest

    American intelligence has proven they can't find Osama bin Laden, they can't find his #2, they can't figure out who sent the anthrax, they discover an insecure email system that's been operating as such for years (FBI), they were wrong on WMDs in Iraq, they failed the USA on 9-11-01. But, you think they can crack a one-time pad? The NSA, CIA, FBI are far less than people think. They have proven to be typically INCOMPETENT bureaucrats. No, I don't believe for a second they can break a one-time pad.
     
  6. cluessnoobie

    cluessnoobie Guest

    Well i suppose they could beat it out of you. Rubberhoseattack.
     
  7. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    This topic isn't about government bashing it's about if you can believe that HardDisk can be uncracked like they said.
     
  8. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84
  9. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Thanks. I think I'm going to stick with PGP. Most of the encryption software are not secure. Plus PGP is free.
     
  10. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Nope. I wouldn't trust it. Theoretically, a OTP would be uncrackable (the only such thing in cryptography), but with poor implementation, as the coding shows, I wouldn't trust it. I like TrueCrypt and AxCrypt - both open source, free, and well regarded programs within crypto circles. PGP is fine, but a bit bloated for simple encryption of volumes or single files.
     
Loading...
Thread Status:
Not open for further replies.