I’m leaning towards the idea that a USB memory stick would be a bad idea. Assuming there’s no secret backdoor, right??? (like some encryption software) What happens if a USB memory stick breaks?
I came up with this idea of thought because my USB stick isn’t working anymore (lost some backup software).
I’m sure the solution is obvious to the Comodo staff, but I don’t see it. Maybe I’m not thinking hard enough.
Melih stated a while back, that there is NO backdoor whatsoever. Not even COMODO can access it.
On the CDE site, it shows two authentication types to choose from.
Pleading ignorance about the actual workings, I would guess the Comodo software allows some kind of duplicate key file. It would be crazy to not account for the inevitable problems when files or software stored on disk are corrupted by bad sectors or USB wearing out the flash memory.
That’s the risk of all disk encryption apps.
While no software can rescue a badly enough damaged disk, I believe Truecrypt has a partial solution to this problem of corrupted media.
From their FAQ:
“In encrypted data, one corrupted bit usually corrupts the whole ciphertext block in which it occurred. The ciphertext block size used by TrueCrypt is 16 bytes (i.e., 128 bits). The mode of operation used by TrueCrypt ensures that if data corruption occurs within a block, the remaining blocks are not affected.”
See also the question “What do I do when the encrypted filesystem on my TrueCrypt volume is corrupted?”:
“File system within a TrueCrypt volume may become corrupted in the same way as any normal unencrypted file system. When that happens, you can use filesystem repair tools supplied with your operating system to fix it. In Windows, it is the ‘chkdsk’ tool. TrueCrypt provides an easy way to use this tool on a TrueCrypt volume: First, make a backup copy of the TrueCrypt volume (because the ‘chkdsk’ tool might damage the filesystem even more) and then mount it. Right-click the mounted volume in the main TrueCrypt window (in the drive list) and from the context menu select ‘Repair Filesystem’.”
I seem to recall that when using a USB device, users often have the actual program, which is small, on the storage device with the encrypted data. NOT itself encrypted of course… That allows them to run the program and decrypt data.
These features make loss of the encrypted data a relatively small risk. After all you can make MANY copies of the encrypted data and strew them about since the encryption is extremely strong. Your risk is losing all the copies/USB devices!
For all kinds of authentication you might of course have a password file listing all your many passwords, but encrypt that file on the stick, and thus keep it secure. That could include a password (a VERY long key) for any site or for other encrypted data! In such a case you would probably want to keep several such USB sticks with the encrypted key and/or passwords. After all your biggest danger is LOSING the ■■■■■■ USB stick. Well except for forgetting your password of course… The cipher and your ONE master password for this USB key would securely protect the data!!!
I have no idea whether Comodo has any of these features, but surely those clever devs have solved this kind of problem at least partially.
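The property quoted from the TrueCrypt FAQ above (one flipped ciphertext bit ruins its own 16-byte block and leaves the others readable), shown as an added example that is not part of the thread and is not TrueCrypt or Comodo code. A toy Feistel cipher built on HMAC-SHA256 stands in for the real cipher and mode of operation, and the key and sample data are constructed.

```python
import hashlib
import hmac

BLOCK = 16   # ciphertext block size quoted from the TrueCrypt FAQ (128 bits)
ROUNDS = 4   # assumption: enough Feistel rounds for a demonstration, not for real use


def _f(key, index, rnd, half):
    # Keyed round function; mixing in the block index keeps every block independent.
    msg = index.to_bytes(8, "big") + bytes([rnd]) + half
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK // 2]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def crypt(key, data, decrypt=False):
    """Encrypt or decrypt data block by block with the toy Feistel cipher."""
    if len(data) % BLOCK:
        raise ValueError("data length must be a multiple of 16 bytes")
    out = bytearray()
    for index in range(len(data) // BLOCK):
        left = data[index * BLOCK: index * BLOCK + 8]
        right = data[index * BLOCK + 8: (index + 1) * BLOCK]
        if decrypt:
            for rnd in reversed(range(ROUNDS)):
                left, right = _xor(right, _f(key, index, rnd, left)), left
        else:
            for rnd in range(ROUNDS):
                left, right = right, _xor(left, _f(key, index, rnd, right))
        out += left + right
    return bytes(out)


def damage_report(key, plaintext, byte_pos, bit=0):
    """Flip one ciphertext bit; return {block index: plaintext bytes changed}."""
    ct = bytearray(crypt(key, plaintext))
    ct[byte_pos] ^= 1 << bit          # simulate a single bad bit on the media
    recovered = crypt(key, bytes(ct), decrypt=True)
    report = {}
    for i in range(0, len(plaintext), BLOCK):
        changed = sum(a != b for a, b in zip(plaintext[i:i + BLOCK], recovered[i:i + BLOCK]))
        if changed:
            report[i // BLOCK] = changed
    return report


if __name__ == "__main__":
    sample = bytes(range(128))        # constructed sample: 8 blocks of 16 bytes
    print(damage_report(b"demo key", sample, byte_pos=37))
```

Only the block holding the damaged byte appears in the report, which is why the backup copies and filesystem repair described in the post matter more than the encryption layer when media starts failing.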
The USB key acts like a security Token. The USB key contains the encryption key. If the USB key is broken, the User is able to generate a new USB key using “Backup Restore encryption settings” tool. For safety, after the encryption process is done, the user should backup the encryption settings into a configuration file, using the backup tool. Using this configuration file the user is able to create a copy of the USB key.