20130907

Review: Internet Encryption

The program that transforms normal text, called plain text, into cipher text (the unintelligible string of characters) is called an encryption program. It is the process of encoding data in such a way that only authorized users can read it. Here the data or information is encrypted using an encryption algorithm, making it an unreadable ciphertext. The process is usually accomplished with the use of an encryption key, which specifies the modus operandi of the data encoding. The authorized users can decode the ciphertext using decryption algorithm, which requires a secret decryption key. There are two types keys used in present encryption system.
 
Private Key: Here the encryption and decryption keys are the same. The communicating users must agree on a secret key before starting communication. It can be difficult to distribute new keys to authorized users in each transaction, while maintaining security and control over the keys. The main disadvantage of private keys is that they do not scale well in very large environments such as the internet. Here, x individual internet clients would require (x(x-1))/2 private key pairs.
 
Public Key: This is a latest technological development, & here the key is meant for anyone to use and encrypt the data/message. However, the receiving user has access to the decryption key, & is capable of reading the encrypted data. Symantec Corporation's 'Pretty Good Privacy (PGP)' is a data encryption & decryption algorithm, & is very often used for signing, encrypting, & decrypting texts, emails, files, directories, & whole disk partitions to increase the security of email communications. PGP follows OpenPGP standard RFC 4880 for data encryption & decryption.

Public key systems provide several advantages over private key encryption methods. The combination of keys required to provide private messages between enormous number of people is very small. If x people want to share secret information with one another, then only x unique public key pairs are required. Each user's public key can be posted anywhere, & does not require any special handling methods. Further, the public key systems make implementation of Digital Signature possible for additional security.The encryption is based on the fact that, it is very difficult to find out the factors of a number in comparison to figure out the multiplication of these two numbers. A computer can multiply two prime numbers very easily, but it cannot revert the result so easily.

Thus the public key encryption system generates large numbers using numbers that only the authorized user or his/her computer knows. The large number can be published online and used to encrypt a message using specific algorithm. In effect, the large number is a digital lock which the authorized user make available to anyone, so they can secure messages in the receiving end. Only the authorized user holds the key to the lock, and hence it does not matter how many copies out there. 

Encryption is also used for transit data protection over networks, mobile phones, wireless systems, bluetooth devices, & bank ATMs. Encryption along with technologies like Message Authentication Code (MAC), & Digital Signature are necessary for protecting integrity & authenticity of data. Encryption and Digital Signature must be applied at the message creation time to avoid hacking.
 
Message Authentication Code: A MAC algorithm or a keyed hash function accepts a secret key, & an arbitrary length of message as input, & outputs a tag or MAC. The MAC value protects the data integrity and authenticity by allowing users (who possess the secret key) to detect any changes to the message content.  Even if a hacker has access to an abstract machine which possesses the secret key & generates MACs for messages (designed by the hacker), the hacker cannot get the other messages without performing infeasible amounts of computation.   

Digital Signature: These are commonly used for software distribution, financial transactions etc. where it is important to detect forgery or tampering. Digital signatures employ public key algorithm for data sent through a non-secure channel, & it gives impression to the receiver that data has been sent from the authentic claimed sender.

A lot of internet users come across this data encryption & decryption process unknowingly, while using Skype for Video Chat or Apple's iMessage or shopping online or donating funds online or Blackberry's messaging and email systems. If a hacker breaks that encryption, simply he will burn you in a jungle. If a hacker can figure out the facors of the big number generated in the encryption and decryption system, he/she will crack the locking arrangement. A key's strength is calculated by the number of digital bits it uses, & the encryption methodology. A 40 bit key encoded with a RC4 algorithm could be cracked in moments. Today, commonly 256 or more bit key is used in the encryption system, which will take thousands of years to crack. Hackers have started to use the power of modern graphics processing units to crack passwords. The latest hacking software can manage 8 billion guesses per second & crack passwords upto 55 characters long.
 
Brand New +++ Dell Precision Workstation T7600


DELL WS T5500 2 X INTEL XEON 6C X5690 3.46GHz 16GB RAM 1 X 300GB HDD QUADRO 6000


 

1 comment:

Anonymous said...

Highly Substansive