How To Guides Org

Create Encrypted File Container For Your Dropbox Installation And Why AES May Not Be “NSA-Safe”

If you are using a shared PC or if you frequently have to access your Dropbox, but don’t want to put the files on a external hard drive without protection, you can create an encrypted container for your Dropbox installation

Has The NSA “Broken” AES and SSL Encryption?

It’s very likely that the NSA not only has a backdoor to decrypt AES-encrypted files. A story that ran on ZDNet revealed:

Paul Kocher, a cryptographer who helped design SSL, thinks so. He told the NYT that although the NSA wasn’t allowed to put Clipper, an encryption system with a built-in security backdoor for the federal government on all PCs in the 1990s, “they went and did it anyway, without telling anyone.”

Source

It very much looks like the NSA doesn’t really give a shit about any constitution or personal rights for that matter.

And if that wasn’t enough and you are using an unknown custom-made encryption, the NSA is easily capable of sniffing any traffic you send via the internet sniffing data from submarine cables.

So, in a nutshell, if you have something to hide (patents, recipes, etc.), don’t go online and keep the data offline indefinitely, secured with a custom-made made encryption system.

Why You May Still Want To use AES Encryption

The average joe does not have access to AES-decryption and if you don’t want 3rd-parties other than the NSA to get access to your data then you should encrypt your most important files, this could be scans of your passport, your passcards or digital wallets.

It would take a lot of time and money to decrypt AES, if it’s at all possible without a backdoor, so it should be pretty secure

TrueCrypt: Most Popular Encryption Tool

TrueCrypt is the most popular encryption tool.

1. Step Download TrueCrypt, a popular encryption tool

2. Step Select one of the drive letters e.g. O:

3. Step Click the button Create volume

4. Step Follow the instructions on the screen, select Create an encrypted file container

5. Step Select Standard TrueCrypt volume. If you want to secure important data, you may want to select Hidden TrueCrypt volume for plausible deniability

6. Step Next, you have to pick a volume location, pick your external drive or USB drive you want to store the Dropbox on.

7. Step You can enter a random file name for this container, so use something random like or a name of a system folder/file that does not quickly catch someone’s attention

8. Step You can also pick from a list of various encryption algorithms. AES-Twofish-Serpent is considered to be very safe. You better look up the details online. There are also various Hash algorithms available, a good choice may be Whirpool. However, keep in mind those two options combined may be very secure but it could take a long time to encrypt data, so look up some of the performance details.

Twofish-Serpent: Significantly lower performance compared to AES

Use KeyFiles!

9. Step I strongly recommend using keyfiles and a 20+ character password for maximum security.

Best practice is to use a password that includes special characters, numbers, uses upper-and-lowercase characters. That and keyfiles would be a very secure combination

10. Step Follow the instructions

11. The next steps involves moving your mouse in random patterns, do it for a few minutes and you’ll be fine. Don’t move it in the same pattern, just move it randomly

Last Step: Install Dropbox And Use Advanced Options To Change Storage Path

When you’re installing Dropbox on your machine, change the path to the mounted encrypted container. This is perfectly secure. It’s a NTFS filesystem, so it doesn’t go easily corrupt and is as secure as your actual hard drive. You only need to remember the password and keep the keyfiles. Print out the passwords and store the keyfiles on a secure USB drive.

Resources

Twofish Encryption