CERBERUS HOME ICON
CERBERUS

THE NEED
Vulnerabilities Threats Countermeasures

PRODUCTS
Document Security

STANDARDS
FIPS PUB 140-1
DOD 5220.22-M
NCSC TG-25
FIPS PUB 81
FIPS PUB 180-1
DOD 5200.28-STD

TUTORIALS
INFOSEC
Cryptosystems
Passphrases
Windows® Leaks
System Settings

DOWNLOADS

QUESTIONS?
E-MAIL


AMEX WELCOME

CERBERUS SYSTEMS, INC.
Windows®-compatible encryption
ENCRYPTION vs WINDOWS®
AN INTRODUCTORY TUTORIAL

US export controls limit the workfactor ("cracking" resistance) of encryption that can be provided by globally marketed software. Responsible firms comply by overtly leaking enough bits of the otherwise-too-strong encryption key. Less responsible marketers merely use a weak cipher (encryption algorithm). This has led to less than full disclosure about what does, or does not, constitute strong encryption software.

The unintentional covert leaks in the Windows® operating system pose even greater threats. Forensic software exploits those leaks for computer evidence recovery in law enforcement; for discovery in litigation; and for industrial espionage. It can bypass any encryption, unless the cryptosystem includes specific functions to plug those leaks.

Many encryption software products, though they encrypt with strong ciphers, do not include such functions. They were designed for e-mail COMmunications SECurity between secure systems, rather than for secure data storage on unsecure systems.

The underlying architecture of all Windows® PCs makes it fundamentally impossible for add-on products to transform one into a secure system. You can cryptographically secure your data, but only if the encryption can't be bypassed by forensic software.

The following tutorials outline our approach to the design of high-grade cryptosystems for the security-hostile Windows® environment, and guidelines for their secure use.


INFOSEC and WINDOWS®
COMPUSEC
TRUSTED SYSTEMS
CRYPTOGRAPHIC SECURITY
CRYPTOGRAPHIC STANDARDS
IMPLEMENTATION
OPERATING SYSTEM

CRYPTOSYSTEMS and KEYS
CODES and CIPHERS
MODERN CIPHERS
DATA ENCRYPTION STANDARD
TRIPLE-DES CIPHER
EXPORT CONTROLS
KEY GENERATION

PASSPHRASES
VULNERABILITIES
YOUR CHOICE
SHARED SECRET KEY SHARES

WINDOWS® SECURITY LEAKS
DELETE DOESN'T
DEFRAGMENTING
DIGITAL SCRAPS
WRITE-BEHIND CACHE LEAKS
FILENAME LEAKS
THE SWAPFILE
UNAUTHORIZED COPIES
SYSTEM CRASHES

CONFIGURING YOUR SYSTEM
YOUR TEMP SPACE
YOUR SWAPFILE
OPERATIONAL SECURITY


Cerberus Systems, Inc. develops, manufactures and markets
software cryptosystems designed to level 1 of FIPS PUB 140-1
with DOD 5220.22-M disk data recovery countermeasures.

The Cerberus logo and the ...Security Manager product names are trademarks of Cerberus Systems, Inc.
© Copyright 1997-99, all rights reserved.