Today I will write about encryption. A few weeks ago I had an interesting conversion regarding TPM chips. Many of us think that, TPM chip is a holy grail in Information Security. We enable Full Disk Encryption, put the key to the TPM chip and we are safe.
A few months ago I also thought the same. If we encrypt everything with big keys we are safe, and protected.
After this point I was attended to Cryptography I. Course (Stanford University) at Coursera. The first exam was a decryption task from different hashes which was encoded with an 1024 byte length key. In general, I was able to decrypt the original sentences with paper and pencil. This example showed me that if we use the same key for the same purpose a lot, we are continuously weaken the protection. On the other hand, if we use known words which used on a computer a lot it weakens the encryption quality.
The question is that, do we have any word which repeated many times?
How much of the same kind of documents, files are we storing on the same encrypted volume?
.docx, .doc, .xls, .xlsx, .zip, .msg
All of these file header has the same pattern!
Now we can look the other part of this question. What brute force capability has a modern machine? A GPU? An FPGA? The Cloud? A Botnet with a few million of computers? (How much of them has GPU?)
I can just imagine that what level of computing power has the NSA, or GCHQ.
How can we keep our data secure? DO NOT PLACE SENSITIVE DATA on places which connected. Try to leave your data on secured places like the closed office environment.