Encryption Techniques
The Data Encryption Standard (DES)
Most encryption schemes are kept secret. One exception is the Data Encryption Standard (DES), which was issued by the U.S. National Bureau of Standards (NBS). The National Security Agency (NSA) was intimately involved in the development and acceptance testing of the DES algorithm.
In 1972, the National Bureau of Standards (now called the National Institute for Standards and Testing) asked for proposals for a method to encrypt commercial computer data traffic (just like the data in your PC today). In 1974, the NBS asked NSA for assistance, since the NBS had received an extremely poor response to their original request for proposals. NSA has as one of its primary functions the development and breaking of information protection techniques (codes and ciphers). An algorithm developed by IBM became the DES and was issued by the NBS in 1977. This provided an approved and secure standard for protecting computer data against possible theft or unauthorized access.
DES performs encryption by working on a block of 64 bits of your data using a 64-bit key (we generate the 64-bit key from the key you supply). Basically, DES is a substitution cipher.
How well does DES protect your data? The designers of the DES algorithm maintain that the time needed to decrypt a DES encrypted file makes it unprofitable to use trial and error techniques. Some estimates put the cost of breaking DES by trying all 72 quadrillion possible keys as high as $200 million.
We chose to implement DES because it is a standard and its ability to protect your data is well documented. Our goal is to provide you with the best possible software tool for the protection of your sensitive data.
Proprietary Encryption Techniques
Our software provides several layers of encryption as its basic level of data protection. Our proprietary encryption algorithms provide the industry standard xor, transposition, and substitution forms of encryption. These are applied to your data, one on top of the other, providing multiple layers of encryption.
It is extremely unlikely that anyone will ever go to the expense of breaking the proprietary level of encryption in Encrypt-It. To eliminate even this small possibility, we also support adding the secure DES on top of our proprietary encryption techniques.
Cryptographic Encryption Techniques
Cryptographic techniques provide a very cost effective method of protecting your important data. There are many computer techniques available today for protecting your sensitive data. Our encryption products use the following four basic encryption methods:
1. Transposition - Changes the natural order of data so that a different order for the characters is used. It swaps characters within a message to place them in a different order based on the encryption key (text string) you use for encryption. For example, the clear text phrase - THIS IS A TEST - could become - ISTHA SI TAEST - after encryption. You will notice that the characters are the same. However, their order is totally mixed up or transposed. This process is repeated during decryption to return the data back to its original state.
2. Substitution - Substitution is one of the simplest encryption techniques. It creates a new order for the characters. For example, the order of the text ABCDEFGHIJKLMNOPQRSTUVWXYZ could be changed to a new order ADMYNZEOFPBQGSRHTUIVWJKXL. The message - THIS IS A TEST - would become - IEOU OU C IYUI -. This example is over simplified for illustration purposes. When substitution is used within a computer, all 256 possible characters are used so that it is possible to use the technique on different types of computer files.
3. Exclusive Or - This is a logic operation used by the computer to manipulate the data at the bit level. For example, a character which consists of 10011001 (shown as bits) could be encrypted with 11010101 to give you 01001100 when the exclusive or is performed. When exactly one of the data bit and the key bit is a 1, the result is a 1; otherwise it is a 0. To reverse the process, you exclusive or the encrypted data with the key a second time. This operation is very easy for computers to perform and is used when only a minimum of protection is required.
4. Data Encryption Standard (DES) - DES performs its encryption by working on a block of 64 bits of your data using a 64-bit key (we generate the 64-bit key from the key you provide). DES makes a total of 16 passes through each 8 character (64-bit) block of your data, substituting a different character for the one initially there. As you can guess, DES is practically impossible to break. To eliminate even that small possibility, cipher block chaining (CBC) is often used to strengthen DES. CBC provides an exclusive or encryption layer underneath DES that chains the encryption of the unencrypted data from one 64-bit block to the next.
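The first three methods above, stacked one on top of the other as the Proprietary Encryption Techniques section describes, sketched as an added example (not code from Encrypt-It, whose algorithms are proprietary). The layer order, the SHA-256-seeded shuffles and all function names are assumptions made for illustration; the sketch shows the mechanics of layering and reversal only, not a secure cipher.

```python
import hashlib
import random

def _rng(key: bytes, label: bytes) -> random.Random:
    # Deterministic, key-derived shuffle source (assumption for this sketch).
    # random.Random is not a cryptographic generator.
    return random.Random(hashlib.sha256(label + key).digest())

def xor_layer(data: bytes, key: bytes) -> bytes:
    # Repeating-key XOR; applying it a second time with the same key undoes it.
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def substitution_table(key: bytes) -> list:
    # Key-dependent permutation of all 256 byte values, so any file type works.
    table = list(range(256))
    _rng(key, b"sub").shuffle(table)
    return table

def transposition_order(key: bytes, n: int) -> list:
    # Key-dependent reordering of the n byte positions in the message.
    order = list(range(n))
    _rng(key, b"perm").shuffle(order)
    return order

def encrypt(data: bytes, key: bytes) -> bytes:
    x = xor_layer(data, key)                       # layer 1: exclusive or
    order = transposition_order(key, len(x))
    t = bytes(x[i] for i in order)                 # layer 2: output j takes input order[j]
    table = substitution_table(key)
    return bytes(table[b] for b in t)              # layer 3: substitution

def decrypt(data: bytes, key: bytes) -> bytes:
    # Undo the layers in reverse order: substitution, transposition, XOR.
    inverse = [0] * 256
    for plain, cipher in enumerate(substitution_table(key)):
        inverse[cipher] = plain
    t = bytes(inverse[b] for b in data)
    x = bytearray(len(t))
    for j, i in enumerate(transposition_order(key, len(t))):
        x[i] = t[j]                                # put each byte back in its original position
    return xor_layer(bytes(x), key)

if __name__ == "__main__":
    key = b"example key"                           # constructed sample key
    message = b"THIS IS A TEST"                    # sample phrase from the list above
    sealed = encrypt(message, key)
    print(sealed.hex(), decrypt(sealed, key))
```

Every layer here is keyed from the same passphrase and is individually reversible, which is why decryption must peel the layers off in the opposite order to the one in which they were applied.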