Problem solve Get help with specific problems with your technologies, process and projects.

How to prevent operating system cloning with AES 256-bit encryption

Reading a binary image file and cloning a system can lead to serious data loss. Learn how to prevent this from happening with this advice from network security expert Mike Chapple.

Do you know of a mechanism to prevent a binary image from being read on an embedded piece of hardware and copied onto another piece of hardware and run, thus cloning the system?

The best way to prevent operating system cloning (and any other form of data theft) is through the use of encryption....

You didn't specify what type of device you're referring to, so you'll have to consult the manufacturer for specifics on how to implement it. Generally speaking, you'll need to purchase an encryption package and, depending upon the size of your implementation, may also wish to consider using a key escrow service to ensure key recovery in the event of a device failure.

For this particular scenario, you'll need to think about the best way to handle the data encryption keys. If you're worried about the physical security of the device, you won't want to store the key on the device, as it would be stolen at the same time. One successful technique I've seen involves storing encryption keys for hardware devices (especially secure telephones) on a removable device that the user keeps on his or her person. When the user wishes to activate the hardware device, he or she inserts the removable device, providing the encryption key.

For more information:

This was last published in July 2009

Dig Deeper on Disk and file encryption tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.