Secure Storage on USB Flash Drives
We own two Macs (12" Powerbook, Mac Mini) at home, and I've come to enjoy the convenience and security of storing account credentials (usernames, passwords) in the OS X "Keychain" application. I prefer to use the Keychain instead of a commercial third-party product mostly because it is integrated with the OS and is free. However, it's difficult to securely share a keychain file containing credentials across two or more computers. Putting this information on a network-accessible location is a bad idea. So, I've decided to follow the paradigm of the traditional keychain by purchasing a USB flash drive that I can attach to my real-life keychain. This will ensure that the digital keychain is bound to my physical keychain, which should always be on or near my person. But the question remains: how do I secure information on the keychain so that if someone gains physical access to it they won't be able to view my digital credentials?
I would prefer to encrypt the entire contents of the drive since I may choose to store other sensitive information on it besides my keychain. This is akin to carrying a "digital safe" attached to one's keychain. If the keychain is lost, the information on the drive stays safe unless the password is discovered. Since I use a Mac, I can take advantage of the encrypted disk image capability present in Mac OS X Panther and Tiger. The disk image is encrypted at the OS level using the Advanced Encryption Standard (AES) with 128-bit keys. Mac OS X also offers the ability to encrypt all of the files in your home directory automatically with AES using the FileVault feature.
I asked Natalie about the difference between using 128-bit and 256-bit keys. Obviously, a 256-bit key is more difficult to break than a 128-bit key. But is it overkill? She said that many security experts think that information security requirements are dependent on whether the information is "at rest" or "not at rest". When at rest, such as on a hard disk or flash drive, it is less vulnerable to attack. If it is not at rest, such as being transmitted over a local network or the Internet, it is more vulnerable to attack or theft. Natalie said that the issue of "rest" is intensely debated in the security field since one could argue that information is never really at rest.
I looked at different USB flash drives on the market and noticed that Lexar offers a Secure Jumpdrive model featuring 256-bit AES encryption. Lexar's software drivers must be installed on the computer in order to access or manage a secure flash drive. I find this a big negative since I don't know Lexar's reputation as a software manufacturer, especially with regard to encryption. Also, it is not possible to install drivers on machines that are part of a managed environment (e.g. work, an Internet cafe, etc.). It turns out that Lexar has made some serious errors in the security implementation of their 1.0 release. This doesn't bode well for the Secure Jumpdrive. What good is a 256-bit key if the password can be accessed by an attacker within a matter of minutes?
Since the encryption is bound to be in software, I've resolved to use a software feature implemented at as low a level as possible, such as with Apple's encrypted disk image. I'm guaranteed to be able to securely access the image on any Mac without installing additional software. Plus, the odds are that if the drive got into the wrong hands, they wouldn't have access to a Mac and thus couldn't access the drive's contents to begin with. I've purchased a Sandisk Cruzer Micro flash drive which should discreetly fit on my keychain, and will use an encrypted disk image to secure my keychain and other personal data.
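
The encrypted-disk-image setup described above, sketched as a command-line script; this is an added example, not part of the original post. It assumes the `hdiutil` and `security` tools of a current macOS release, and the drive mount point `/Volumes/CRUZER`, the image name `vault`, the volume name `Vault`, the 64 MB size and the keychain filename are all made-up values.

```shell
#!/bin/sh
# Added example (not from the original post): keep a keychain inside an
# AES-128 encrypted disk image stored on a USB flash drive, using macOS tools.
# Assumed names: image "vault", volume name "Vault", keychain "portable.keychain".

# Run a command, or only print it when DRY_RUN=1 so it can be reviewed first.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# $1 = flash drive mount point, $2 = image size (for example 64m).
# hdiutil prompts for the passphrase, so it never lands in shell history.
create_vault() {
    run hdiutil create -size "$2" -type SPARSE -fs HFS+ \
        -encryption AES-128 -volname Vault "$1/vault"
}

# Report whether the image on the drive is encrypted (hdiutil prints the result).
check_vault() { run hdiutil isencrypted "$1/vault.sparseimage"; }

# Mount the image (passphrase prompt); it appears as /Volumes/Vault.
open_vault() { run hdiutil attach "$1/vault.sparseimage"; }

# Create a separate keychain file inside the mounted image.
new_keychain() { run security create-keychain /Volumes/Vault/portable.keychain; }

# Unmount so that only ciphertext remains readable on the drive.
close_vault() { run hdiutil detach /Volumes/Vault; }

# Usage: vault.sh setup /Volumes/CRUZER 64m | open /Volumes/CRUZER | close
if [ "$#" -ge 1 ]; then
    case "$1" in
        setup) create_vault "$2" "$3" && check_vault "$2" &&
               open_vault "$2" && new_keychain ;;
        open)  open_vault "$2" ;;
        close) close_vault ;;
        *)     echo "usage: $0 setup DRIVE SIZE | open DRIVE | close" >&2; exit 2 ;;
    esac
fi
```

Running it with `DRY_RUN=1` prints each command instead of executing it, which is a safe way to check the paths before anything is written to the drive.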