Encryption for protection
About Complex Encryption
Encryption is the art of concealing a message from everyone except the person intended.
Systems for hiding messages from all but the intended recipient, have been used for thousands of years.
Famously one of the earliest examples is called the Caesar Cipher named after the great Emperor.
He used this cipher to send messages to his army generals and his good buddy Caesarea
A system used to hide messages is usually using a encryption method. Encryption systems are called Ciphers
When a message is encrypted in appears garbled or looks like some thing else completely.
using the follow in an example of the Caesar cipher in action.
If I need to send a message to Ceasar that the latest conquest is won, I may send
the message Victory
But to conceal the message I would sent. In theory neither the messenger nor spies the enemy would be able to read this message.
(I would need to send this in the language of the day of course – Latin)
This is an early example of encryption and is known as the ROT3 cipher.
This is because the cipher text is produced by shifting – ROTating the letters three place to the right in the (Latin) alphabet.
This type of cipher is known as a substitution cipher because the letters are simply substituted with others to produce the cipher text.
When Caesar received this message, his cryptoanalysis would replace each letter in the crypto text with the letter from the alphabet shifted 3 place to the left.
The Caesar cipher is represented mathematically like this.
C = (P +3) mod 26 is the formula for creating the ciphertext.
P = (C – 3) mod 26 is the formula for decryption back to plain text.
The of course is that you need to key the decryption and encryption method secret.
Modern encryption is far more sophisticated and even though you may know the actual formula – the cipher – used to produce the encrypted message it is still near impossible to work out what the original message was.
Why is this ?
Caesar / Rot 3 cipher is obviously not a very strong cipher and the message in this example can be decrypted by pure common sense if you have any idea what to expect.
It is fairly easy to modify this cipher, if you suspect you enemy knows the key to decrypting all of you messages.
For this simple example we can change the key in this case 3 (the key) to 4. That should fool the blighter’s. (At least for now).
Despite the simplicity of the example it had much in common with today’s most commonly used cipher algorithm AES (Advanced encryption standard).
The Advanced Encryption Standard algorithm is Defined and created by Ronald Rijndael, one of the founders of RSA (RSA Security is named after three brilliant mathematicians (Ronald Rivest, Leonard Adleman, and Adi Shamir)
AES is mostly commonly used in secure USB drives because it is very secure – Can support encryption strengths up to 256 bit, fast – Ciphers use extremely large numbers and can be very CPU intensive.AES however is designed to be very efficient while maintaining very strong security.Flexible – Can be easily implemented in either hardware or software.
AES like the rot 3 examples about the cipher above use a key to encrypt messages.The bit that, tells the crypto analyst how to encrypt and how to decrypt messages.
This key is the password that you use to lock your data away from prying eyes. Of course all the advanced technology and crypto strength in the world is useless if you use a weak password that someone can guess or give the password to someone.
How to create strong passwords or passphrases.
Choosing a strong password is all important for security of your data. As a rule you should never give your password away to anyone, additionally you should ensure that it cannot be easily guessed by people around you.
Bad password choices includes:-
Favorite football team and the year that team won the FA cup.
Your children’s names
Favorite of popular films
Names of celebrities or well know sportspeople
Anything you talk about regularly, favorite cars, football teams etc
NB If you work with the same people for a while it has been shown that eventually you will know so much about each other that it gets easier make an accurate guesses at what that person might choose for a password.
Mike Meyers CISSP Passport