Key Management
The best data encryption software in the world cannot protect your files if you compromise your key.
Encryption Keys
Secure encryption of your data is our job. The choice of a good key and
protecting the key from compromise is your job.
How do you select a good text key? Several things should be considered:
1. Keys should not have many repeating characters.
2. If they have any pattern to the eye they should not be used.
3. Keys must be kept secure.
4. Keys should be as long as practical.
We recommend you use as long a key as possible. Phrases or short sentences
should work well as a key and still be easy to remember. Spaces may be used in
your key, but we recommend not using spaces at the beginning or end of the key.
These spaces are easily forgotten.
Management of the Keys
Distribution and maintenance of keys require planning if they are to be successful.
Both you and the person you send encrypted files to need to know the key. One
way to handle this is to coordinate a key through a trusted avenue -- in person,
over secure phone circuits, etc.
Once you have a trusted secure key, generate and encrypt other keys on an
as-needed basis. Encrypt the work keys with your trusted secure key and send the
encrypted keys to the person who will be decrypting your files. Since the work
keys will be encrypted, they can be sent through any avenue you want. You do not
have to protect them since they are encrypted.
The person at the other end will receive your list of keys and decrypt them using
the coordinated private key. You can now safely switch to the new keys.
This simple concept should make key management much easier for you.
Generating Binary Keys
Encryption routines like DES require a key consisting of a sequence of bits.
There are several ways to translate a phrase like "my dog is brown" into
a binary key. One easy way to generate this key is to calculate the cyclic
redundancy check (CRC) of the phrase, generating a 16-bit or 32-bit binary
signature for the entire phrase.
You could then use this signature as the first part of the binary key. The rest
of the binary key could be made up of the first few characters of the textual
phrase. That way you could have a binary key that varied with the textual phrase
but was much smaller.
Our Windows Encryption Toolkit provides a CRC function to help you take
advantage of this approach to binary key generation.
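The derivation described above, written out as an added example (not code from the toolkit or its vendor), next to a salted PBKDF2 derivation for comparison. It shows that only the CRC half of the key depends on the whole phrase and that CRC-32 is an affine checksum rather than a key-derivation function. Assumptions: zlib's CRC-32 stands in for the toolkit's CRC function, the key is 8 bytes as DES takes, and the function names, salt and iteration count are illustrative.

```python
import hashlib
import os
import zlib

KEY_LEN = 8  # assumption: an 8-byte key block, the size DES takes


def crc_key(phrase: str) -> bytes:
    """Scheme from the text: CRC-32 signature, then the phrase's first characters."""
    data = phrase.encode("utf-8")
    signature = zlib.crc32(data).to_bytes(4, "big")  # stand-in for the toolkit CRC
    return (signature + data)[:KEY_LEN].ljust(KEY_LEN, b"\x00")


def kdf_key(phrase: str, salt: bytes, iterations: int = 600_000) -> bytes:
    """Comparison (not from the page): every key byte depends on phrase and salt."""
    return hashlib.pbkdf2_hmac("sha256", phrase.encode("utf-8"), salt,
                               iterations, dklen=KEY_LEN)


def crc_is_affine(a: bytes, b: bytes, c: bytes) -> bool:
    """For equal-length inputs, CRC-32 of the XOR equals the XOR of the CRC-32s."""
    if not len(a) == len(b) == len(c):
        raise ValueError("inputs must have equal length")
    mixed = bytes(x ^ y ^ z for x, y, z in zip(a, b, c))
    return zlib.crc32(mixed) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(c)


if __name__ == "__main__":
    salt = os.urandom(16)  # stored beside the ciphertext; it is not secret
    for phrase in ("my dog is brown", "my dog is black"):  # constructed samples
        print(f"{phrase!r}: crc={crc_key(phrase).hex()} "
              f"kdf={kdf_key(phrase, salt).hex()}")
    # The last four bytes of each CRC-built key are the readable text "my d";
    # only the 32-bit signature varies, and it follows a predictable algebra.
    print(crc_is_affine(b"my dog is brown", b"my dog is black", b"my cat is brown"))
```

With the CRC construction, half of the key is plain text taken from the phrase, so lengthening the phrase never adds more than the 32 bits of the signature.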