Technology news and Jobs arrow VIRTUALISATION arrow Are low bit levels compromising encryption?
Are low bit levels compromising encryption? E-mail
by Davey Winder   
Wednesday, 03 June 2009
Would you use a chocolate teapot to protect your data? Guess what, you might be doing just that.

According to Origin Storage there is plenty of evidence to suggest that a growing number of organisations are now adopting data encryption, no doubt partly in the wake of a huge number of high profile data losses that we have all been reading about.

Featured Whitepaper

5 Best Practices for Smartphone Support
The RAF recently lost potentially compromising data on a number of personnel, US Army files have been found on an auctioned off MP3 player, and the average cost of a data breach is probably a lot more than you might imagine.

Andy Cordial, Managing Director at Origin Storage, reckons the big question remains "whether the public and private sector organisations adopting data encryption - particularly on their laptops and other portable storage devices - are employing the most powerful levels available."

His comments come at the same time as the National Institute of Standards and Technology (NIST) in the US are recommending that companies should not consider using 1024-bit RSA encryption from 2010, as rapidly-accelerating brute force decryption methodologies make this too dangerous.
 
Microsoft, for example, has followed one NIST recommendation (in part three of NIST's Special Publication 800-57) and agreed to remove support for 1024-bit roots from its root certificate key-store as of January 1, 2011.
 
So what level of encryption should you be using, just to be on the safe side? Well, according to Cordial firms should be considering 2048-bit as a lower limit. Especially where data is stored on a portable device of any kind.

"It's all very well organisations embracing encryption to protect confidential data" Cordial insists "but if they are using a basic level of encryption, chances are their data can still be decoded by an accelerated brute force password attack."

"Since we know how difficult it is to get approval to sell into specific government areas" Cordial concludes "there is a strong chance that the antiquated approvals process may end recommending an encryption technology that will be about as much use as a chocolate teapot."

Tags See All Tags


Data  Davey Winder  Encryption  Security 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More

Today on iTWireToday on iTWire

Latest news
Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers