Encryption is no longer safe

Security is a major requirement for computers today. It matters even more when the data lives on a multi-user computer or on a portable computer that is taken everywhere. Technologies are available to encrypt and protect blocks of data or even entire hard drives. People tend to fully trust the security and strength of these packages, for a variety of reasons. Wikipedia provides a very well documented list of the encryption software available to the general public (Encryption Software on Wikipedia). Software available today is loaded with features such as hidden partitions, randomized passwords, and full-disk and file-based encryption. The question is just how secure this software is, even with this seemingly endless array of features.

Encryption today is done in a variety of ways that make it very hard to rebuild data without the correct key and algorithm. The currently accepted best publicly available secret-key encryption algorithm is AES (Rijndael). All these algorithms can be read about further in the Symmetric Key Wikipedia article. They go through a large amount of testing to find out how fast they can be broken. But one recent paper puts all the current schemes to shame. The old schemes could take days, weeks, or years to break through an encryption algorithm. A paper recently released by the Princeton Center for Information Policy discusses a great new method for saving and interpolating passwords.

The main part of the paper addresses the fact that password keys for even the most secure algorithms are stored in memory. These keys, like anything in memory, are volatile, but how quickly they are removed from memory depends on a variety of variables. Even at room temperature it may take several seconds for the data to be erased from memory. On that page there is a link to an introductory blog post. In this post they discuss that even if a good amount of the data has already degraded, it can be interpolated. Interpolation techniques that are in many ways similar to what we have been discussing in class allow the researchers, or anyone, to figure out the password from data that has degraded by several percent. The researchers go on to say that with a CO2 air canister, which can be bought at any computer supply store, the RAM can be cooled down significantly, allowing it even to be moved to another computer for data extraction and password interpolation.

This is a very serious problem, because now, in addition to securing the data, the password must be secured in local memory. The passwords need to be destroyed or encrypted in such a way that even with advanced interpolation techniques they cannot be recovered. Possible solutions discussed on this page include zeroing out the RAM at various times or making the password expire after a set amount of time. As we have seen in class, interpolation techniques can be made very ineffective when data is severely corrupted or missing large sets. Splitting up the key so that interpolation is not possible is another possible solution to the problem.
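The two mitigations named above, zeroing the key and making it expire after a set time, can be sketched as follows. This is an added example, not code from the paper or from any encryption package; `key_slot` and its functions are hypothetical names, and the expiry is only enforced the next time the key is requested.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define KEY_LEN 32

/* Hypothetical key holder: the key plus the time after which it must be gone. */
struct key_slot {
    uint8_t key[KEY_LEN];
    time_t  expires_at;
    int     loaded;
};

/* Zero through a volatile pointer so the optimizer cannot discard the
 * stores as dead writes to a buffer that is never read again. */
void slot_wipe(struct key_slot *s) {
    volatile uint8_t *p = s->key;
    for (size_t i = 0; i < KEY_LEN; i++) p[i] = 0;
    s->loaded = 0;
}

void slot_load(struct key_slot *s, const uint8_t *key, time_t now, time_t ttl) {
    memcpy(s->key, key, KEY_LEN);
    s->expires_at = now + ttl;
    s->loaded = 1;
}

/* Return the key while it is valid; wipe it and return NULL after the TTL. */
const uint8_t *slot_get(struct key_slot *s, time_t now) {
    if (!s->loaded) return NULL;
    if (now >= s->expires_at) { slot_wipe(s); return NULL; }
    return s->key;
}

/* Number of non-zero key bytes still present in the slot. */
size_t slot_residue(const struct key_slot *s) {
    size_t n = 0;
    for (size_t i = 0; i < KEY_LEN; i++) n += (s->key[i] != 0);
    return n;
}

int main(void) {
    struct key_slot s = {0};
    uint8_t k[KEY_LEN];
    memset(k, 0xA5, sizeof k);            /* constructed sample key */
    slot_load(&s, k, 1000, 300);          /* loaded at t=1000, 300 s TTL */
    printf("t=1200 usable=%d residue=%zu\n", slot_get(&s, 1200) != NULL, slot_residue(&s));
    printf("t=1300 usable=%d residue=%zu\n", slot_get(&s, 1300) != NULL, slot_residue(&s));
    return 0;
}
```

Wiping helps only if every copy of the key is cleared, including the caller's own buffer and any expanded key material derived from it, and only if it happens before the memory can be read.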
