Security Featured Article

Certgate, a Nuremberg-based company that deals in the development and marketing of products and solutions which make the operation of communication devices secure and user-friendly, has reportedly said that cergate PreBoot Authenticator has the capacity to revolutionize full disk encryption.

PC users have sought and used numerous encryption services that are available to them in the market to save their data in the hard disks from malicious access and even the maximum security encryptions are only as good as their weakest link: the password provided by the user. A large number of potential attack scenarios for undermining full disk encryption programs entail ‘cracking’ the password.

Some good encryption programs often ask for long alphanumeric characters with a mix of both special characters and lower and upper cases. Some programs even suggest that the password has to be 20 characters long for it to be super-protected but the disadvantage in this method that users will find it hard to remember longer passwords.

Certgate said that its PreBoot Authenticator is a security token that replaces complex passwords with highly secure two-factor authentication using a smart card and smart card PIN. The passwords of any length are stored into a crypto chip and there the password is not readable and cannot be manipulated. In the pre-boot phase users identify themselves to the token by entering their smart card PIN, and the token then forwards the password to the encryption software. This simultaneously removes another security risk, namely the covert tracking of keystrokes via key-logging.

The company said that the whole process of booting and decrypting the retrieved files is automatic: users simply enter their smartcard PIN and get immediate access to their encrypted directories. The password stored in the card is encrypted with RSA (News - Alert) 2048 bit key making it impossible to read. Secure access is achieved by a comparatively simple smart card PIN and only limited number of false entries is allowed.

The advantages of the certgate (News - Alert) PreBoot Authenticator are: users need not have to remember complexly long passwords; the comparatively short smartcard PIN is easy to remember and therefore doesn’t have to be noted down or saved anywhere – which removes a decisive security risk; the compact PreBoot Authenticator is very compact and almost completely disappears when docked into users’ computer – so that it never breaks or gets lost.

The certgate PreBoot Authenticator functions reliably with the most popular full disk encryption programs. It supports popular open-source tools such as TrueCrypt, as well as professional applications like SafeGuard Easy (from Sophos GmbH) on various operating systems.