Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Product request - Enterprise whole disk encryption for laptops

From: Harold Winshel <winshel () CAMDEN RUTGERS EDU>
Date: Sat, 15 Jul 2006 14:34:06 -0400
There might be actually two different issues in terms of protection
against a breach.

One, what is required in terms of not having a reportable event.

Two, what is required to give you the level of protection you seek
against breach, regardless of reportable event standards.

Harold



At 02:09 PM 7/15/2006, Roger Safian wrote:

At 11:44 AM 7/15/2006, Valdis Kletnieks put fingers to keyboard and wrote:
>These need to be *seriously* considered when contemplating desktop/laptop
>encryption - I've seen all too many sites totally fail to understand this...

So here's my question.

I always considered encryption an exercise in risk management.
The risk I am trying to prevent is that the theft of a
computer will expose the data to the casual criminal.  I
assume that someone serious about cracking the encrypted
files will simply resort to other, and much more effective
methods of ascertaining the correct passphrase.  So my
question is this, just how long could I expect a passphrase,
of at least 16 characters, composed on ONLY alpha-numeric
characters, to withstand the attack?




--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"


Harold Winshel
Computing and Instructional Technologies
Faculty of Arts & Sciences
Rutgers University, Camden Campus
311 N. 5th Street, Room B36 Armitage Hall
Camden NJ 08102
(856) 225-6669 (O)
Previous By Date Next
Previous By Thread Next

Current thread: