5.5 Summary Tables
Table 5.1: Attack Summary
Attack |
Security Problem |
Prevalence |
Attack Description |
A-33. Retrieve original plaintext |
Recover hidden information |
Trivial |
Retrieves the plaintext file used to produce an encrypted file |
A-34. Magnetic data retrieval |
Recover hidden information |
Sophisticated |
Uses laboratory techniques to retrieve overwritten data from a magnetic surface |
A-35. Disk scavenging |
Recover hidden information |
Trivial |
Uses "undelete" software or browser to locate sensitive data in plaintext form |
A-36. Home-grown encryption algorithm |
Recover hidden information |
Sophisticated |
Find and exploit a weakness in the encryption algorithm to decrypt the data in a practical amount of time |
Table 5.2: Defense Summary
Defense |
Foils Attacks |
Description |
D-33. Overwrite original plaintext |
A-33. Retrieve original plaintext |
Write other data over the data in the plaintext file that is to be protected by encryption |
D-34. Three-step overwriting |
A-34. Magnetic data retrieval |
Use a three-step process to overwrite the data in a plaintext file to make it harder to recover |
D-35. Volume encryption |
A-35. Disk scavenging |
Encrypts all information on a disk volume so that nothing is left in plaintext |
D-36. Open review of encryption algorithms |
A-36. Home-grown encryption algorithm |
Use encryption algorithms whose capabilities have been thoroughly analyzed and discussed by the open cryptography community |