Time Encryption

Discussion in 'privacy technology' started by axemmiw905, Feb 8, 2012.

Thread Status:
Not open for further replies.
  1. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    Is it possible to factor in time into an encryption key? What are the possibilities of this happening in the near future? Like let's say I was trying to hack into an encrypted file, adding in time as a factor would heighten security as it gives that person a finite/limited amount of time to bruteforce or hack that file, aren't I right?

    Just considering the possibility.
     
  2. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    How would the encrypted file know the difference between one key try and one billion key tries?
     
  3. x942

    x942 Guest

    This wouldn't work at all. The only way a "time-based" Encryption key could work is if the file was automatically decrypted and re-encrypted every "X" number of seconds. The issue of course would be that the key could only be change when the file/container was mounted. The annoyance would be corrupted data. As every time the key changed the data would have to be re-encrypted and you never be able to use it as it would happen way to fast. You would essentially be stuck in an infinite state of encryption and decryption.

    Now if it changed the key every time you dismounted the container for instance, this could work better. However once again there are issues with this:

    1) An attacker takes an image of the container when it's encrypted and now has a copy with that key (that key can never change as it's encrypted so it's basically a static copy). Once the attacker get's in, he's in.


    2) The amount of time it would take to encrypt a file every time you dismounted the volume would be insane. Imagine dismounting a 10 GB or even 100 GB container and having it re-encrypt the entire thing with a new key. This would take forever. The amount of time would not be worth while for the minuscule amount of security it would add.

    3) All an attacker needs is your password. That does nothing to change that. The attacker will ALWAYS aim at the weakest link. This is often your password. If you use a strong password and strong encryption (AES256 BIT) than the weakest link becomes you. At this point I would like to direct you to rubber-house Cryptanalysis

    Now as for encryption keys that expire your out of luck. The closest you would come is by using PGP (Where you can make them invalid after a set date. However if some one manages to crack your key (or get hold of your private key) than they CAN still decrypt the files. Only signatures will be voided.)

    Stick with the proven technology. Don't try adding stuff. Anything that has this kindof 'security' is useless.
     
  4. box750

    box750 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    259
    The Ironkey will self destruct (internally) after you enter the wrong password 10 times.

    IronKey flash drive "self-destructs" on too many failed password attempts:
    http://www.techrepublic.com/blog/te...ucts-on-too-many-failed-password-attempts/916

    I am also using DiskCryptor full disk encryption at home and I have it set up so that if the password is not entered in 60 seconds the computer is halted, forcing a manual reboot to try it again, this is easy to do through the configuration settings and the length of time, as well as the action to perform (halt,reboot,etc) can be changed.
     
    Last edited: Feb 12, 2012
Loading...
Thread Status:
Not open for further replies.