Data Encryption


  1. Posts : 2
    Windows 7
       #1

    Data Encryption


    Hello,

    I would like to know how data encryption works. I have encrypted my laptop with DiskCryptor. I would like to know:

    1. the difference between data encryption and setting a system password on boot up.

    2. If someone were to gain access to my laptop and copy a file from my laptop onto his/her computer, then I would like to know whether that file would be encrypted or not ? Would he be able to read the file ??? If yes, then what is the use of data encryption ??? How does this work ???

    Can someone please explain this to me ???

    Thanks a lot.

    ~Maneesh
      My Computer


  2. Posts : 2,465
    Windows 7 Ultimate x64
       #2

    Data encryption is, basically speaking, modifyng the data applying a particular algorithm together with a "key" or "password", so that it becomes impossible to understand it without applying the correct decryption method with the correct password. The idea is that, without knowing the password, a potential attacker will need so much effort to get the files.


    Maneesh Massey said:
    the difference between data encryption and setting a system password on boot up
    They offer different levels of protection. Encryption attempts to make the data difficult to access, while a password on either the OS or BIOS tries to prevent intruders into the system, mostly protecting the system itself from abuse, but not the data.


    Maneesh Massey said:
    If someone were to gain access to my laptop and copy a file from my laptop onto his/her computer, then I would like to know whether that file would be encrypted or not ? Would he be able to read the file ??? If yes, then what is the use of data encryption ??? How does this work ???

    It depends on which type of encryption you're using. I don't know DiskCryptor in particular, but in general, there are of two types: Full disk or per-file.
    With full disk, the whole file system is encrypted, so, without the password, an attacker would not even know which files are there, let alone even read them. If you've choosen a per file encryption, it depends of what files you select to be protected, while everything else is easily accesible.

    It goes without saying that encrypting the file is only as effective as the password. Using an easy to guess one will make all files trivial to decrypt by anyone.
      My Computer


  3. Posts : 2
    Windows 7
    Thread Starter
       #3

    Thanks a lot for responding, Alejandro. So encryption is only better than setting a BIOS or OS password. If an intruder were to gain access to the password, then there is no way to prevent him/her copying files off the system and gaining access to those files. But I thought encryption to do better than this. Encryption should be effective even if an intruder were to copy files from a system and as soon as they would paste them onto their own, the files which were encrypted should show up as gibberish on his/her computer. That would sound better, as the file was encrypted. He should have to decrypt the file in order to even see it. Why does it not work this way ??? Any ideas ??
      My Computer


  4. Posts : 2,465
    Windows 7 Ultimate x64
       #4

    I think you're mixing two things. For one, the password, no matter which security system you have, the password is THE key. Let it fall in wrong hands and the the system will fall (just like in real life, if a thief gets the key to your home, he can simply use it to open the front door himself, without the need to broke it).
    So, for any security systems, the secrecy of the key is the fundamental part, no matter what you do. Everything else can become public, but once the password is known, the system will fall.

    Encryption works precisely that, by turning normal files into gibberish, with some method that only the correct password will convert it back to their original form. You supply that password in normal use, and the files come back in one piece. An intruder provides the wrong password and he gets an error in return. An intruder provides the same correct password you use and he will retrieve the files. That's because the system recognises "the legit user" by the password supplied, not by who's typing it behind the keyboard.

    Then comes the intruder trying to copy files from your system. With a full-disk encryption in place, without the password supplied, the files aren't accesible, the WHOLE system is under encryption, therefore, unusable. It's not that they get garbage copied, they can't even know what is in the drive, the whole thing is gibberish, even the file names, system structures, the data itself, everything, so the attacker cannot even attempt to copy anything. But of course, if the guy knows the right password, the whole disk becomes visible, that's how you decrypt it.

    Other encryption systems work on a file basis, depending on which one you look, they may let copy the encrypted thing or even deny access to it, and then again, the password will let access the entire protected system, as it allows decryption. That's the way encryption is designed to work.

    No idea if that answers your question, hope it does :)
      My Computer


  5. Posts : 2,497
    Windows 7 Pro 64 bit
       #5

    Password controlled access to a computer works well. But it has one weakness. A hacker can remove the drive from your computer and put it in a computer in which he has admin access. Whatever the permissions on the drive, as an admin can take ownership and set whatever permissions are desired. He has full access to all your files.

    Encryption was designed to overcome this problem. A hacker can put the drive in his own computer but this will get him nowhere. Without the means of decrypting the files or drive the contents remain scrambled and useless.

    But be sure you understand the implications of whatever encryption method you use. For example, with NTFS encryption if you reinstall the OS without taking the necessary precautions you will have no access to your files.

    It is always important to have a backup of your files and encryption makes this even more important. Skip this at peril of losing all your data. Never rely on recovery methods as even commercial recovery may fail.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 15:16.
Find Us