that is installed in some computer systems. BitLocker encryption is based on AES in
CBC mode, with an additional diffuser layer added on top of the standard mode.
Many full disk encryption mechanisms require the user to supply the disk
decryption key at boot time, either by entering a password or by presenting a
security token. This control does, however, require user interaction every time
the machine boots, which may be undesirable or inconvenient from an operational
perspective (an unattended server, for example, cannot reboot itself). BitLocker
supports such interaction, but also provides a more transparent service that uses
the TPM to release the key without it. The main additional requirement this
imposes is a degree of data origin authentication of the encrypted data: since
no user secret is involved, the key must only be released to an unmodified boot
environment, and tampering with the ciphertext must be detectable.
With respect to key management, generation and establishment of the
necessary keys is relatively straightforward, because both can be done locally
on the machine itself; no key has to be shared with another party. Of greater
concern is storage of the key used to encrypt/decrypt the disk. Options for this
include encrypting it using a key encrypting key that is derived on the fly from
a passphrase (see Section 10.5.1), or storing it on a smart card. The main concern
with a full disk encryption mechanism is the implication of losing the key used
to protect the disk: without it, the entire contents of the disk are unrecoverable.
It would thus be wise to make sure that the deployed mechanism provides a means
of backing up important keys, and that the backup mechanism itself is secure,
since an easily obtained recovery key is simply another way into the disk. One
option is to store important keys on physically secured portable media.
VIRTUAL DISK ENCRYPTION
An alternative to encrypting an entire disk is to use virtual disk encryption
mechanisms, which encrypt chunks of data usually referred to as containers.
Virtual disk encryption can be deployed on devices such as USB tokens, as well
as on desktops and laptops. In most solutions the user is required to
authenticate to the device, usually by means of a password, in order to access
the encrypted files within the container. There are several advantages of virtual
disk encryption over full disk encryption:
• Virtual disk encryption can be used to encrypt selected data on a disk, rather
than the full disk.
• An encrypted container is normally portable, in the sense that it can be copied
onto media such as a DVD while remaining encrypted. Thus virtual disk
encryption can provide security for data transfer, as well as for storage, in
cases where the data can be physically transferred using portable media.
Just as for full disk encryption, care needs to be taken to make sure that the
mechanisms and processes supporting user (entity) authentication to the device,
and the management of the container keys, are adequately addressed.
FILE ENCRYPTION
The finest granularity of control over data encryption is obtained by deploying file
encryption, which encrypts individual files (or folders). One of the other main
advantages of file encryption is that it can protect a file on a running computer