¶ … Encryption With the ever-increasing amount of information traffic on the net (LAN, WAN, etc.) there is a corresponding increase in the risk of vital data falling into the wrong hands. Data encryption is a technology that provides for a safe, secure and private information exchange.

The advancement of computer technology has bought a paradigm shift to our mode of communication. The Internet has managed to overcome all the geographical limitations and reduced the whole world to sort of a global village. The Internet has bought a whole new perspective into all walks of life. We are in a period where increasingly businesses are getting done online. The unprecedented growth of Internet and the global market that it promises has driven businesses all over to world to into ecommerce. Today most businesses carry their transactions online. This new technological revolution however is not without its loopholes. Hackers are on the increase and the net seems not all that safe and confidential. Data encryption is a technology that provides for a safe, secure and private information exchange. It safeguards us from the plethora of hackers and snoopers who try to misuse their technical expertise to intrude into our privacy and obtain confidential information. Let us analyze data encryption in a little detail.

Encryption

Basically encryption is a mechanism by which data which is exchanged between two systems is made unintelligible for anyone other than the intended person. Usually cryptographic algorithms are used to effect encryption or decryption. In this way even though data passing on the network is accessible for anyone it is not discernible and hence cannot be used for malicious purposes. Only the person for whom it is intended will be able to decipher it. Encryption is a software process and it makes data exchange safe and secure. In the early days encryption was primarily based on a translation table. (Classical Encryption). Every byte of data is used to offset the position in the translation table and the corresponding translated value is entered into the communication network. The decryption program at the receiver's end would again look for the matching entries in its own translation table and thus translates original data back from the encrypted form.

Compared to modern day keybased encryption systems this classical method of encryption is relatively faster but it is not that secure as a hacker only needs to know the translation table to decrypt the message. Masking and Veiling are the two main techniques employed in these classical encryption systems. 'Masking' is the method where the data items are substituted to ensure that they are incomprehensible. In the case of 'Veiling' technique the data items are not substituted as such but they are interleaved with other message packets that radically alters the meaning of the message. There are many classical systems of cryptography. Let us now see a few of them before going into the Keybased encryption systems. [Thinkquest Team]

Transposition

This is a system where the data elements are simply repositioned based on a common key. The technique is to choose any keyword and to assign numbers to characters in the keyword based on the ascending order or the position it has on the alphabetic sequence. The message that needs to be encrypted is written right beneath the keyword and the characters are repositioned based on the order of the numbers. Transposition is essentially a simple technique and hence it is not robust enough for high security data encryption needs. It is mainly used as part of other complex encryption systems.

A bit more advanced of form of the transposition method is the double transposition method. The technique involved is almost the same. The keyword is chosen and numbers assigned to it according to the alphabetic position. Here the encryption is achieved not by the repositioning of the individual characters of the data stream but rather by the repositioning of the columns of data making it totally imperceptible for the sly snooper. The encrypted message is either fully uppercase or fully lowercase to avoid giving away the number of words contained in the encrypted message. There are many other encryption systems like Pig Latin, Grille, Vigenere etc. [Thinkquest Team]

Key-Based Encryption

The modern cryptographic techniques employ key-based secrecy and the algorithms by themselves are public. This is the technique, which is currently in vogue. Keys are particular values, which allow us to decipher the data from the encrypted form. Key to the particular encryption system allows encryption of data at the sender's end and decryption...

By trying out all the different key combinations a queer snooper can easily decipher the encrypted message. Choosing a bigger key increases the security. The more number of bits in the key the safer the encrypted message. Presently there are two main types of key-based encryptions. They are the 'Symmetric' key encryption and Public key encryption.
Symmetric Key Encryption

Symmetric key encryption requires that any two computer systems that wish two communicate have the common key or code installed for the purpose of encryption and decryption of the message. Using this key the sender can encrypt the message and send it over the network to the desired destination. At the destination computer the user simply decodes the message using the code. In this way unauthorized deciphering of the message is prevented. Even though a perpetrator can get access to the encrypted message it will appear meaningless to him and hence he cannot cause any real damage. [Jeff Tyson]

Public Key Encryption

Also known as 'Asymmetric' encryption, this system involves the use of a public and private key encryption combination for exchanging information. The essential idea is to have a public key, which can be published to anybody on the net. Any computer needing information must send its public key to the other system. At the other end the encryption is done using the received public key and sent back to the requesting computer. Using his private key the receiver decrypts the message. So we see an effective combination of public and private keys to effect secure communication. A good example of Public key encryption is the SSL (Socket Security layer) protocol.

Socket Security Layer

SSL protocol is composed of two sub-protocols, the SSL Record Protocol and SSL Handshake Protocol. SSL Record Protocol deals with the format in which data is transmitted. The Handshake protocol on the other hand determines the session key or the secret key. As soon as the server is authenticated, the client creates a 'premaster secret' for the particular session. The server on its part decrypts the premaster (using its private key) to generate the master secret. This is used to decide upon the session key. Once the session key is created the server sends it to the client and data transfer is initiated by encrypting using the session key. [BPLNET.com]

Encryption Standard

Data Encryption Standard abbreviated as DES represents the federal information-processing standard. (FIPS). The DES is basically a symmetrical algorithm. Originally developed by IBM, it was adopted in 1977 by the U.S. government. The algorithm used 56 bits of the 64 and had 19 distinct stages. The first stage is the transposition of the 64-bit plain text and the final stage is the exact opposite of this. The rest of the stages are identical and controlled by the different functions of the key. This algorithm permits the use of the same key for both encryption and decryption. [Jeremy T. Teitelbaum]

Key length and Security

Key length plays a significant role in increasing the security of the encryption algorithm. Usually hackers manage to stumble upon the correct key combination by performing what is known as the brute force attack. Essentially this technique involves the working out of all possible combinations of the key. So for greater security it is essential to have a large key. "In cryptography, size does matter. The larger the key, the harder it is to crack a block of encrypted data." Says Gary Kessler an expert in the field. This makes it all the more difficult for the potential hacker to break the encrypted message. This is mainly because adding a bit to the encryption key increases the number of possible combination of the key by huge proportions. According to Kaufman, Perlman and Speciner, "Increasing the length of the key by one bit makes the good guy's job just a little bit harder, but makes the bad guy's job up to twice as hard (because the number of possible keys doubles)." [Loraine C. Williams]

However currently many experts opine that the 56 bit DES security is insufficient to meet the security demands of todays critical applications. Jim Bidzos, the president of RSA Data Security, Inc. states, "It has been widely known that 56-bit keys, such as those offered by the government's DES standard, offer only marginal protection against a committed adversary." So today most experts prefer at least 128-bit encryption key. William Stallings' a noted encryptologist feels that, "DES can no longer be considered computationally secure," "Even if we managed to speed up the cracker by a factor of 1 trillion (1012), it would still take…