How is the ADAM instance used by Encryption Anywhere secured from spoofing?

Article:TECH151189  |  Created: 2006-06-26  |  Updated: 2007-01-31  |  Article URL http://www.symantec.com/docs/TECH151189
Article Type
Technical Solution

Issue

How is the ADAM instance used by Encryption Anywhere secured from spoofing?

Solution
Question:
What security measures have we designed to eliminate the possibility of spoofing the ADAM instance that contains the Encryption Anywhere encryption keys? What prevents someone from creating a second ADAM instance that "pretends to be the Encryption Anywhere ADAM instance" and thereby obtains the user's WEK or other critical data related to Encryption Anywhere Hard Disk encryption?

Terminology used:
Active Directory Application Mode - ADAM
One Time Password Program - OTP

Answer:
Any encryption key that is transmitted to ADAM is encrypted with the OTP Program public key on the client before it is transferred to ADAM. This means the encryption keys, including the WEK, travel encrypted and are received by ADAM encrypted. Thus, all a spoofed instance could hope to obtain is a set of encrypted keys, which are of no value on their own.

In order to decrypt the keys held on ADAM, one must have access to the Administrator OTP Program. The OTP Program is stored on ADAM, and to use it a person must first gain access rights to ADAM and then must know the OTP Program administrator password. The OTP Program administrator password can be changed as often as needed.
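The design described in the answer, shown as an added Go example that is not Symantec's code: the client wraps the WEK under the OTP Program public key before anything reaches the directory, so a spoofed instance (modelled here as an attacker's own key pair) only ever holds ciphertext. RSA-OAEP, the 2048-bit key size, the user-name label and the function names are assumptions for illustration; the article does not name the algorithm Encryption Anywhere uses.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// EscrowRecord is what the client sends to, and ADAM stores for, a user.
// The directory only ever holds the wrapped form of the WEK.
type EscrowRecord struct {
	User       string
	WrappedWEK []byte
}

// ClientEscrowWEK runs on the client: the WEK is wrapped under the
// Administrator OTP Program's public key before it leaves the machine, so a
// spoofed ADAM instance receives nothing but ciphertext. (Assumed scheme: RSA-OAEP.)
func ClientEscrowWEK(pub *rsa.PublicKey, user string, wek []byte) (EscrowRecord, error) {
	// The user name is bound as the OAEP label, so a stored record cannot be
	// silently re-attributed to another user (an assumption of this example).
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, wek, []byte(user))
	if err != nil {
		return EscrowRecord{}, err
	}
	return EscrowRecord{User: user, WrappedWEK: ct}, nil
}

// AdminUnwrapWEK models the Administrator OTP Program: only the holder of the
// matching private key can turn a stored record back into the WEK.
func AdminUnwrapWEK(priv *rsa.PrivateKey, rec EscrowRecord) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, rec.WrappedWEK, []byte(rec.User))
}

// LeaksWEK reports whether a stored record exposes the plaintext WEK, which is
// exactly what a spoofed directory would be after.
func LeaksWEK(rec EscrowRecord, wek []byte) bool {
	return bytes.Contains(rec.WrappedWEK, wek)
}

func main() {
	otpKey, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed OTP Program key pair
	wek := make([]byte, 32)                          // constructed 32-byte WEK
	rand.Read(wek)
	rec, _ := ClientEscrowWEK(&otpKey.PublicKey, "alice", wek)
	spoof, _ := rsa.GenerateKey(rand.Reader, 2048) // a spoofed instance's own key pair
	_, err := AdminUnwrapWEK(spoof, rec)
	fmt.Println("plaintext stored?", LeaksWEK(rec, wek), "spoofed instance decrypts?", err == nil)
}
```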

Legacy ID

634