Chris De Herrera's Windows CE Website

Discuss.Pocket PC FAQ Forum

Add Pocket PC FAQ to your Favorites
RSS    RSS Feeds
Wiki    Lost?
Custom Search
Subscribe    Print
Table of Contents
Mobile Format

[an error occurred while processing this directive]

Pocket PC Magazine Best Site

Website Awards
Website Updates

By Chris De Herrera 
Copyright 1998-2007
 All Rights Reserved
A member of the Talksites Family of Websites

Windows and Windows CE are trademarks of Microsoft
and are used
under license from owner.
CEWindows.NET is not
associated with Microsoft 

All Trademarks are owned
by their respective companies.

Protecting Your Data with Encryption
By Chris De Herrera, Copyright 2005
 Version 1.00  Revised 8/9/2005

[an error occurred while processing this directive]

I am sure that anyone that has been listening to the news for the past year has realized that corporations need to do more to protect their data. Security breaches at financial institutions and credit card processing centers demonstrate the risk of exposing non-public personal information to a hacker. Also with Mobile Devices when they contain all your contacts, imagine what damage a competitor can do with your list? A critical component to the solution to protecting your company�s data on your mobile device is encryption. Even though your company may have security standards, you should be aware of these controls and ensure that your data is secure. This article covers where you can use encryption to restrict access to the data stored on or transmitted from your device.

What is Encryption?

Encryption is a way to make data unreadable to others however still allows users to access it. It requires the user or system to have a specific key and software to decrypt the data. There are a couple of standards for encryption you should be aware of in this discussion. Encryption uses the CPU of the computer intensively to perform the encryption and decryption. So when you use encryption the computer system is slowed by performing the encryption and decryption and the size of the data may increase. These are the main reasons why all data is not encrypted today. Generally the longer the encryption key the harder it is for the encryption to be broken by trying all possible permutations of the key.

What Encryption is Used when you access a Website?

When you visit a website that uses HTTPS (or SSL), it is using a digital certificate issued by an authorized company to allow you to access the website. This is accomplished using a digital signature with the certificate which you can see on your desktop by clicking File � Properties and click on the Certificates button. Originally the web browsers supported 56 bit and 128 bit encryption keys because the United States restricted the export of 128 bit encryption however today the standard is 128 bits. Also some companies now use locally signed certificates. These locally signed certificates need to be installed on each Pocket PC or Smartphone to access internal websites or Exchange 2003.

What is the 3DES Encryption Standard?

Triple Data Encryption Standard (3DES) is the most common encryption standard used in the enterprise today. 3DES is where 3 different 56 bit keys are used to encrypt the data three times. Since 3DES uses a 168 bit key which is long enough that it is not easy break. It is most commonly used in Virtual Private Networks.

What is the AES Encryption Standard?

AES is the Advanced Encryption Standard. It uses 128 bit symmetrical blocks to encrypt the data. So you can have AES128, AES256 AES384, etc. by increasing the key size by 128 bits. It has been adopted by the United States Government as the official standard for encrypting data.

What is the Blowfish Encryption Standard?

Blowfish is an open source encryption standard that is used in Linux applications such as Secure Shell. It supports encryption keys of varying lengths with 512 and 1024 being commonly used values. It is optimized to run on 32 bit operating systems so it is faster to encrypt and decrypt than other encryption standards. Since it is an open source solution many developers have adopted it.

What Are Wi-Fi Encryption Standards?

Wired Equivalent Privacy (WEP) is the minimum encryption standard for Wi-Fi. It supports both 64 and 128 bit encryption. However it can easily be broken due to a limitation in the design of the protocol. This is the reason why Wired Protected Access (WPA) was created. WPA uses the temporal key integrity protocol which provides the keys with an integrity check to ensure they are not tampered with.

What Built-In Applications can use Encryption?

On the Pocket PC and Smartphone, you can use the SSL encryption when visiting a website. Additionally the Pocket PC supports the use of 3DES encryption to access a Virtual Private Network as well. Also, you should be aware that with Pocket PC 2002 and Windows Mobile 2003 and Windows Mobile 2003 Second Edition you can install additional root and local certificates. Also, with Windows Mobile 2003 and later Microsoft now supports encrypting Wi-Fi connections using WEP, WPA and EAP. Beyond theses examples, Microsoft provides the CryptoAPIs to allow developers to create custom applications to support encryption. These APIs provide support for DES and 3DES encryption.

3rd Party Applications that use Encryption

For example, you can use 3rd party Virtual Private Network clients from Cisco, CheckPoint and AnthaVPN/MovianVPN to allow you to securely access your company�s network when you are out of the office. You can also use encryption to protect files stored on your Pocket PC or storage card. Examples include Pretty Good Privacy (PGP), AirScanner Mobile Encrypter. Also, there are 3rd party applications to encrypt all data stored on your Pocket PC. These applications include Sentry 2020, CryptoStorage, Asynchrony: PDADefense, F-Secure: FileCrypto Enterprise, Pointsec Mobile Technologies: Pointsec for Pocket PC 2.0, Trust Digital: PDASecure, and Utimaco: Safe Guard PDA. Also, you can use Secure Shell (SSH) to access a Linux computer, router or firewall.

Go Ahead and Use it!

Whenever you are storing or transmitting data that needs to be kept confidential, I highly recommend using encryption. As with any security mechanism, periodically you will need to reevaluate the level of security that the encryption provides. Over time, I expect that users will have the option to encrypt all data and that vendors will focus on providing easier tools to enable them to encrypt data..

[an error occurred while processing this directive]

Return to Chris De Herrera's Windows CE Website