Note: Sample below may appear distorted but all corresponding word document files contain proper formattingExcerpt from Term Paper:
With the ever-increasing amount of information traffic on the net (LAN, WAN, etc.) there is a corresponding increase in the risk of vital data falling into the wrong hands. Data encryption is a technology that provides for a safe, secure and private information exchange.
The advancement of computer technology has bought a paradigm shift to our mode of communication. The Internet has managed to overcome all the geographical limitations and reduced the whole world to sort of a global village. The Internet has bought a whole new perspective into all walks of life. We are in a period where increasingly businesses are getting done online. The unprecedented growth of Internet and the global market that it promises has driven businesses all over to world to into ecommerce. Today most businesses carry their transactions online. This new technological revolution however is not without its loopholes. Hackers are on the increase and the net seems not all that safe and confidential. Data encryption is a technology that provides for a safe, secure and private information exchange. It safeguards us from the plethora of hackers and snoopers who try to misuse their technical expertise to intrude into our privacy and obtain confidential information. Let us analyze data encryption in a little detail.
Basically encryption is a mechanism by which data which is exchanged between two systems is made unintelligible for anyone other than the intended person. Usually cryptographic algorithms are used to effect encryption or decryption. In this way even though data passing on the network is accessible for anyone it is not discernible and hence cannot be used for malicious purposes. Only the person for whom it is intended will be able to decipher it. Encryption is a software process and it makes data exchange safe and secure. In the early days encryption was primarily based on a translation table. (Classical Encryption). Every byte of data is used to offset the position in the translation table and the corresponding translated value is entered into the communication network. The decryption program at the receiver's end would again look for the matching entries in its own translation table and thus translates original data back from the encrypted form.
Compared to modern day keybased encryption systems this classical method of encryption is relatively faster but it is not that secure as a hacker only needs to know the translation table to decrypt the message. Masking and Veiling are the two main techniques employed in these classical encryption systems. 'Masking' is the method where the data items are substituted to ensure that they are incomprehensible. In the case of 'Veiling' technique the data items are not substituted as such but they are interleaved with other message packets that radically alters the meaning of the message. There are many classical systems of cryptography. Let us now see a few of them before going into the Keybased encryption systems. [Thinkquest Team]
This is a system where the data elements are simply repositioned based on a common key. The technique is to choose any keyword and to assign numbers to characters in the keyword based on the ascending order or the position it has on the alphabetic sequence. The message that needs to be encrypted is written right beneath the keyword and the characters are repositioned based on the order of the numbers. Transposition is essentially a simple technique and hence it is not robust enough for high security data encryption needs. It is mainly used as part of other complex encryption systems.
A bit more advanced of form of the transposition method is the double transposition method. The technique involved is almost the same. The keyword is chosen and numbers assigned to it according to the alphabetic position. Here the encryption is achieved not by the repositioning of the individual characters of the data stream but rather by the repositioning of the columns of data making it totally imperceptible for the sly snooper. The encrypted message is either fully uppercase or fully lowercase to avoid giving away the number of words contained in the encrypted message. There are many other encryption systems like Pig Latin, Grille, Vigenere etc. [Thinkquest Team]
The modern cryptographic techniques employ key-based secrecy and the algorithms by themselves are public. This is the technique, which is currently in vogue. Keys are particular values, which allow us to decipher the data from the encrypted form. Key to the particular encryption system allows encryption of data at the sender's end and decryption at the receiver's end. By trying out all the different key combinations a queer snooper can easily decipher the encrypted message. Choosing a bigger key increases the security. The more number of bits in the key the safer the encrypted message. Presently there are two main types of key-based encryptions. They are the 'Symmetric' key encryption and Public key encryption.
Symmetric Key Encryption
Symmetric key encryption requires that any two computer systems that wish two communicate have the common key or code installed for the purpose of encryption and decryption of the message. Using this key the sender can encrypt the message and send it over the network to the desired destination. At the destination computer the user simply decodes the message using the code. In this way unauthorized deciphering of the message is prevented. Even though a perpetrator can get access to the encrypted message it will appear meaningless to him and hence he cannot cause any real damage. [Jeff Tyson]
Public Key Encryption
Also known as 'Asymmetric' encryption, this system involves the use of a public and private key encryption combination for exchanging information. The essential idea is to have a public key, which can be published to anybody on the net. Any computer needing information must send its public key to the other system. At the other end the encryption is done using the received public key and sent back to the requesting computer. Using his private key the receiver decrypts the message. So we see an effective combination of public and private keys to effect secure communication. A good example of Public key encryption is the SSL (Socket Security layer) protocol.
Socket Security Layer
SSL protocol is composed of two sub-protocols, the SSL Record Protocol and SSL Handshake Protocol. SSL Record Protocol deals with the format in which data is transmitted. The Handshake protocol on the other hand determines the session key or the secret key. As soon as the server is authenticated, the client creates a 'premaster secret' for the particular session. The server on its part decrypts the premaster (using its private key) to generate the master secret. This is used to decide upon the session key. Once the session key is created the server sends it to the client and data transfer is initiated by encrypting using the session key. [BPLNET.com]
Data Encryption Standard abbreviated as DES represents the federal information-processing standard. (FIPS). The DES is basically a symmetrical algorithm. Originally developed by IBM, it was adopted in 1977 by the U.S. government. The algorithm used 56 bits of the 64 and had 19 distinct stages. The first stage is the transposition of the 64-bit plain text and the final stage is the exact opposite of this. The rest of the stages are identical and controlled by the different functions of the key. This algorithm permits the use of the same key for both encryption and decryption. [Jeremy T. Teitelbaum]
Key length and Security
Key length plays a significant role in increasing the security of the encryption algorithm. Usually hackers manage to stumble upon the correct key combination by performing what is known as the brute force attack. Essentially this technique involves the working out of all possible combinations of the key. So for greater security it is essential to have a large key. "In cryptography, size does matter. The larger the key, the harder it is to crack a block of encrypted data." Says Gary Kessler an expert in the field. This makes it all the more difficult for the potential hacker to break the encrypted message. This is mainly because adding a bit to the encryption key increases the number of possible combination of the key by huge proportions. According to Kaufman, Perlman and Speciner, "Increasing the length of the key by one bit makes the good guy's job just a little bit harder, but makes the bad guy's job up to twice as hard (because the number of possible keys doubles)." [Loraine C. Williams]
However currently many experts opine that the 56 bit DES security is insufficient to meet the security demands of todays critical applications. Jim Bidzos, the president of RSA Data Security, Inc. states, "It has been widely known that 56-bit keys, such as those offered by the government's DES standard, offer only marginal protection against a committed adversary." So today most experts prefer at least 128-bit encryption key. William Stallings' a noted encryptologist feels that, "DES can no longer be considered computationally…[continue]
"Data Encryption" (2002, December 05) Retrieved October 24, 2016, from http://www.paperdue.com/essay/data-encryption-140923
"Data Encryption" 05 December 2002. Web.24 October. 2016. <http://www.paperdue.com/essay/data-encryption-140923>
"Data Encryption", 05 December 2002, Accessed.24 October. 2016, http://www.paperdue.com/essay/data-encryption-140923
weaknesses of the Data Encryption Standard (DES). The Data Encryption Standard (DES) was a system developed by the USD government for use by the general public. Accepted both by the U.S. And abroad, many hardware and software systems employ the DES. Both individuals can send and encrypt and decrypt information to and from the other. The symmetry of the situation makes this a popular key. Authenticity is guaranteed since only
Data Mining Businesses can receive many benefits from data mining. Which benefits they receive, however, can also depend on the way in which their data mining is undertaken. Predictive analytics are used to understand customer behavior, and businesses use the behavior of the customer in the past to attempt to determine what the customer will do in the future (Cabena, et al., 1997). While it is not an exact science, many
The other is a private key that you use to decrypt messages that you receive" (Pretty pp). PGP is such an effective encryption tool that the United States Government actually brought a lawsuit against Zimmerman for putting it in the public domain and therefore making it available to enemies of the United States, however, after a public outcry, the government's lawsuit was dropped, yet it is still illegal to use PGP
In view of this the SSL method with right configuration is considered perfectly sufficient for all commercial purposes.5In order to safeguard the data while in transit it is customary to adopt a practical SSL protocol covering all network services that use TCP/IP to support typical application tasks of communication between servers and clients. (Secure Socket Layer- (www.windowsecurity.com) Communication over the internet passes through multiple program layers on a server prior
General Packet Radio Services (GPRS) is a service used in the provision of packet radio access for the GSM (for Global System for Mobile Communications) users .In regard to the wireless component, the GPRS technology makes a reservation of the radio resources only in instances when there are instances of data to be sent over its infrastructure. This therefore ensures that the radio resources are optimized. The fixed part
Company's Data Needs Data protection is an important aspect of modern day businesses and organizations because data is the lifeblood of their business and operations. Some of the major examples of a company's data include financial information, legal records, and customer information. Given the significance of this type of information, it is increasingly critical for a company to protect its data in order to guarantee successful operations. In the recent past,
PGP Encryption, better known as Pretty Good Privacy is a computer program that provides cryptographic privacy and authentication. Phil Zimmerman, the developer of PGP, introduced his invention in 1991. Since then, major improvements have been made to the computer program and is now available from PGP Corporation and other companies. The original intent of PGP was to encrypt email and attachments. PGP encryption applications have expanded to a variety of components