Encryption policy and standards is a very broad category with numerous pages of information on the topic. Policybers.com houses a wide variety of topics pertaining to encryption policy, however, for this information to be useful, a basic understanding of the encryption process and what all it involves is required.

Encryption or software code obfuscation is also used in software copy protection against reverse engineering, unauthorized application analysis, cracks and software piracy used in different encryption or obfuscating software

Ciphers

A cipher is an algorithm for performing encryption (and the reverse, decryption) — a series of well-defined steps that can be followed as a procedure. An alternative term is encipherment.

The original information is known as plaintext, and the encrypted form as ciphertext. The ciphertext message contains all the information of the plaintext message, but is not in a format readable by a human or computer without the proper mechanism to decrypt it; it should resemble random gibberish to those not intended to read it.

The operation of a cipher usually depends on a piece of auxiliary information, called a key or, in traditional NSA parlance, a cryptovariable. The encrypting procedure is varied depending on the key, which changes the detailed operation of the algorithm. A key must be selected before using a cipher to encrypt a message. Without the same key, it should be difficult, if not impossible, to decrypt the resulting ciphertext into readable plaintext.

"Cipher" is alternatively spelled "cypher"; similarly "ciphertext" and "cyphertext", and so forth. The word descends from the Arabic word for zero: cifr or صِفْر, like (the Italian) zero (which remained in use for 0, the crucial innovation in positional Arabic versus Roman numerals) but soon was used for any decimal digit, even any number. There are also etymological roots to the Middle French word cifre, and the Medieval Latin cifra, both of which are probably originated from the Arabic root. While it may have come to mean encoding because that often involved numbers, a theory says conservative Catholic opponents of the Arabic (heathen) numerals equated it with any 'dark secret'.

Ciphers versus codes

In non-technical usage, a "(secret) code" is the same thing as a cipher. Within technical discussions, however, they are distinguished into two concepts. Codes work at the level of meaning — that is, words or phrases are converted into something else. Ciphers, on the other hand, work at a lower level: the level of individual letters, small groups of letters, or, in modern schemes, individual bits. Some systems used both codes and ciphers in one system, using superencipherment to increase the security. Robert Anton Wilson mentions this distinction in his work The Illuminatus! Trilogy.

Historically, cryptography was split into a dichotomy of codes and ciphers, and coding had its own terminology, analogous to that for ciphers: "encoding, codetext, decoding" and so on. However, codes have a variety of drawbacks, including susceptibility to cryptanalysis and the difficulty of managing a cumbersome codebook. Because of this, codes have fallen into disuse in modern cryptography, and ciphers are the dominant technique.

Types of cipher

There are a variety of different types of encryption. Algorithms used earlier in the history of cryptography are substantially different from modern methods, and modern ciphers can be classified according to how they operate and whether they use one or two keys.

Historical pen and paper ciphers used in the past are sometimes known as classical ciphers. They include substitution ciphers and transposition ciphers. During the early twentieth century, more sophisticated machines for encryption were used, rotor machines, which were more complex than previous schemes.

Encryption methods can be divided into symmetric key algorithms (Private-key cryptography) and asymmetric key algorithms (Public-key cryptography). In a symmetric key algorithm (e.g., DES and AES), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. In an asymmetric key algorithm (e.g., RSA), there are two separate keys: a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform decryption.

Symmetric key ciphers can be distinguished into two types, depending on whether they work on blocks of symbols of fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers).

Key size and vulnerability

In a pure mathematical attack (i.e., lacking any other information to help break a cypher), three factors above all, count:

• Mathematical advances, that allow new attacks or weaknesses to be discovered and exploited.
• Computational power available, i.e. the computer power which can be brought to bear on the problem.
• Key size, i.e., the size of key used to encrypt a message. As the key size increases, so does the complexity of brute search to the point where it becomes infeasible to crack encryption directly.

Since the desired effect is computational difficulty, in theory one would choose an algorithm and desired difficulty level, thus decide the key length accordingly.

An example of this process can be found at keylength.com which uses multiple reports to suggest that a symmetric cypher with 128 bits, an asymmetric cypher with 3072 bit keys, and an elliptic curve cypher with 512 bits, all have similar difficulty at present.

To learn more, please select a category:

• Advanced Encryption Standards
• Cryptographic Module Validation
• Data Encryption Standards
• WiFi Protected Access
• CCMP
  

Search engine optimisation by SEO .org