The Nuremberg IT security enterprise certgate GmbH is presenting its latest development in the optimization of popular disk encryption programs. The certgate PreBoot Authenticator is a security token that replaces complex passwords with highly secure two-factor authentification using a smart card and smart card PIN.
-----------
People who want to protect the data stored on the hard drive of their PC or laptop from opportunistic or malicious access nowadays usually rely on one of the numerous hard disk encryption programs available on the market. “On-the-fly” encryption with up to 256 bit keys provides maximum security. But like every cryptographic application, full disk encryption is only as safe as its weakest link: the password provided by the user. A large number of potential attack scenarios for undermining full disk encryption programs entail “cracking” the password.
In order to be prepared for brute force attacks as well as so-called “social engineering”, long alphanumeric passwords are required that are as random as possible and which include both special characters and a mix of upper and lower case. TrueCrypt, one of the most popular encryption programs, recommends at least 20 characters. But who can remember a password that long, let alone enter it without making a mistake?
This is exactly where the certgate PreBoot Authenticator comes in: the security token based on the certgate SmartCard microSD saves passwords of any length and complexity on its crypto chip. Here the password is not readable and cannot be manipulated. In the pre-boot phase users identify themselves to the token by entering their smart card PIN, and the token then forwards the password to the encryption software. This simultaneously removes another security risk, namely the covert tracking of keysrokes via keylogging.
In contrast to traditional dongles, the certgate PreBoot Authenticator meets the highest security standards. The password is asymmetrically encrypted with an RSA 2048 bit key and is thus practically impossible to read. Access is sufficiently secured using a comparatively simple smart card PIN, since there is a limit to the number of false entries allowed.
This makes operating full disk encryption programs considerably more user-friendly. It is no longer necessary to remember or enter long passwords. Instead, two-factor authentification ensures greater security for the “weak spot” in encryption applications and eliminates the most important point of attack used by hackers.
Thanks to its extreme compactness (15 x 2.5 x 17.5 mm) the certgate PreBoot Authenticator almost completely disappears from view into the USB port. It can be used with all operating systems and functions reliably with all relevant password-based full disk encryption programs.
Naturally, all the other features of the certgate SmartCard solution for Windows can be used with the PreBoot Authenticator. This includes Windows Smartcard Logon, internet security and email encryption as well as, in combination with other applications, VPN clients, the Adobe document signature and other functions which are based on certificates.
The certgate PreBoot Authenticator will be shown next at the CARTES & Identification 17-19 November in Paris.
Interested parties can get their personal invitation with all event details by contacting: cartes@certgate.com .
certgate at the CARTES & Identification, Paris:
17 to 19 November 2009, Hall 3, Stand C041.
We look forward to seeing you!
-----------
People who want to protect the data stored on the hard drive of their PC or laptop from opportunistic or malicious access nowadays usually rely on one of the numerous hard disk encryption programs available on the market. “On-the-fly” encryption with up to 256 bit keys provides maximum security. But like every cryptographic application, full disk encryption is only as safe as its weakest link: the password provided by the user. A large number of potential attack scenarios for undermining full disk encryption programs entail “cracking” the password.
In order to be prepared for brute force attacks as well as so-called “social engineering”, long alphanumeric passwords are required that are as random as possible and which include both special characters and a mix of upper and lower case. TrueCrypt, one of the most popular encryption programs, recommends at least 20 characters. But who can remember a password that long, let alone enter it without making a mistake?
This is exactly where the certgate PreBoot Authenticator comes in: the security token based on the certgate SmartCard microSD saves passwords of any length and complexity on its crypto chip. Here the password is not readable and cannot be manipulated. In the pre-boot phase users identify themselves to the token by entering their smart card PIN, and the token then forwards the password to the encryption software. This simultaneously removes another security risk, namely the covert tracking of keysrokes via keylogging.
In contrast to traditional dongles, the certgate PreBoot Authenticator meets the highest security standards. The password is asymmetrically encrypted with an RSA 2048 bit key and is thus practically impossible to read. Access is sufficiently secured using a comparatively simple smart card PIN, since there is a limit to the number of false entries allowed.
This makes operating full disk encryption programs considerably more user-friendly. It is no longer necessary to remember or enter long passwords. Instead, two-factor authentification ensures greater security for the “weak spot” in encryption applications and eliminates the most important point of attack used by hackers.
Thanks to its extreme compactness (15 x 2.5 x 17.5 mm) the certgate PreBoot Authenticator almost completely disappears from view into the USB port. It can be used with all operating systems and functions reliably with all relevant password-based full disk encryption programs.
Naturally, all the other features of the certgate SmartCard solution for Windows can be used with the PreBoot Authenticator. This includes Windows Smartcard Logon, internet security and email encryption as well as, in combination with other applications, VPN clients, the Adobe document signature and other functions which are based on certificates.
The certgate PreBoot Authenticator will be shown next at the CARTES & Identification 17-19 November in Paris.
Interested parties can get their personal invitation with all event details by contacting: cartes@certgate.com .
certgate at the CARTES & Identification, Paris:
17 to 19 November 2009, Hall 3, Stand C041.
We look forward to seeing you!
