> [EMAIL PROTECTED]:[EMAIL PROTECTED] wrote: > > > "Trei, Peter" <[EMAIL PROTECTED]> writes: > > >No info on chaining modes, if any, nor of IV handling. > > DES/ECB, originally with a 40-bit key, more recently with 56-bit and 3DES. > Keys generated by the manufacturer onto a USB dongle. No easy way to make > backups of the dongle. It's a messy tradeoff: If you want something like > laptop/data-theft-protection (which will suit the majority of the market), > then DES-40/ECB is fine, but you want to be able to back up the dongle > because > if that goes (and after multiple insertions and removals it will) you've > lost > all your data. OTOH if you want protection from the MIB the fragile > nature of > the key storage is probably a benefit, but then you want 3DES/CBC to go > with > it. At the moment you have laptop-theft-protection crypto and > MIB-protection > key storage. > > You can buy truckloads of these things on ebay for about $20 a pop if you > want > to play with one. > > Peter. > Color me dissapointed.
It's a move in the right direction, but I wish they had followed through and done the right things: * [AES | 3DES]/CBC with a good distribution of IVs * User-generated keys (before initial disk setup, of course). * Shutdown on dongle removal. * Some kind of PIN or password protection on the dongle. eNova claims not to keep a database of keys (they don't say that 'there is no database of keys', which is a little different), and to get a key copied you have to send it to them. They do seem to supply a spare. Back a few years ago, I calculated that with the DES key search software then available, a single 200MHz machine could search 40 bits of keyspace over a long weekend. Today it would take a few hours. 40 bit DES is not secure against your kid sister (if she's a cypherpunk :-), much less industrial espionage. Quote from http://www.abit.com.tw/abitweb/webjsp/english/mb_spec.jsp?pPRODUCT_TYPE=Moth erBoard&pMODEL_NAME=SecureIDE : "40-bit DES (US Data Encryption Standard) is adequate for general users" Yeah. Right. Peter
