
What Is The Standard Encryption Recommended By NIST

Symmetric Encryption?

Symmetric Encryption (graded)
The initial encryption standard developed by NIST was called data encryption standard (DES). DES is too weak for modern applications since the key size is only 56-bit. It was replaced by advanced encryption standard (AES). AES has variable key sizes and can require a key size of 256-bit.

Discuss if you think AES key size has a direct relationship with algorithm strength.
Do you think that AES-256 is necessarily better than AES-128?
How long do you think it would take to launch a brute force attack on AES-128 using a standard computer?

Advanced Encryption Standard?

(Advanced Encryption Standard) A NIST-standard cryptographic cipher that uses a block length of 128 bits and key lengths of 128, 192 or 256 bits.

Officially replacing the Triple DES (3DES) method in 2001, AES uses the Rijndael algorithm developed by Joan Daemen and Vincent Rijmen of Belgium. AES can be encrypted in one pass instead of three (the 3 in DES :), and its key size is greater than Triple DES's 168 bits.

In early 1997, the NIST invited cryptographers to submit an advanced algorithm. In late 2000, the Rijndael (pronounced "rine-doll") symmetric block cipher algorithm was selected out of submissions by 21 teams from 11 countries.
___

So hey hi I got your email (thank you for the kind remarks:)... I am not sure what kind of information you are wanting as far as the e-business side... obviously if your applications are using this encryption with a high bit rate it will be very secure. There are other algorithms that you can choose from such as IDEA, Blowfish, Twofish, etc.. and most applications offer more than one and give you a choice of which you would like to use in the preferences.
If you do a google search on AES Vulnerabilities you will certainly come up with some.. you can also go straight to the CVE, NIST website of known vulnerabilities... and find the ones that may apply to you... not knowing your enterprise and your applications it would not be prudent for me to speculate on what is the right choice in your environment. I need a more specific question to help.. I am not good with hypotheticals or too general.

I am definitely not a cryptography-math-guru (ala Bruce Schneier - check out his books and website).. my field is more overall security assessments, specialize in regulatory compliance (HIPAA), and like forensics, etc...

Hope I am a little bit of help. Good Luck.

What is the most recent used encryption method?

I think he's looking for the most up to date encryption algorithm, expecting it to be the most secure. Just because I coded an algorithm yesterday doesn't mean it's more secure than algorithms that have been out there for many years. In fact, it's likely that it's not as secure as those time tested algorithms.

The de facto standard public encryption minimum for the U.S. Government is AES and the Government is having a competition for a new random number generation that could be used in AES as well as other algorithms.

WG

What is considered to be the strongest encryption algorithm?

There is no one strongest encryption algorithm. It all depends on what type of cryptographic algorithm you are using.

There are two types of crypto: symmetric key and public key (asymmetric).

Symmetric key cryptography comprises a single key being used for encryption / decryption, and it is useful for encrypting large amounts of data. In this category, AES is usually the most widely used and secure algorithm.

Public key cryptography (PKC) is quite different from symmetric key cryptography. PKC consists of two keys: public and private. The public key is used to encrypt data, and through some mathematical property (modular multiplicative inverse of the public key for RSA), the private key (and only the private key) can be used to reverse the encryption. PKC generally can't handle encrypting large amounts of data efficiently, due to the runtime of the mathematical processes it often employs. It is slightly harder to pick a best public key cryptosystem, since even within PKC, different algorithms serve different purposes. For example, for digital signatures, the relatively new elliptic curve digital signature algorithm (ECDSA) handily beats old ones like RSA bit per bit, with a 240-bit ECDSA key being roughly equivalent in security to a 1024-bit RSA one. However, ECDSA can't directly be used for encryption, whereas RSA can.

Thus, to reiterate, it really depends on the algorithm you're using and for what purpose. Use symmetric key (AES or any algorithm of similar caliber) if you’re dealing with large amounts of data locally, but use public key crypto (usually aim for RSA or ECDSA) if you want to transfer a symmetric key securely over an insecure channel or encrypt small amounts of data.
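The RSA relationship and the key-transfer use case described in the answer above, as an added example that is not part of the original answer: the private exponent is computed as the modular inverse of the public exponent, and a 128-bit symmetric key is wrapped with the public key and recovered with the private one. The function names and the two Mersenne primes are constructed demo assumptions; this is unpadded textbook RSA for illustration only.

```python
import secrets

# Constructed demo parameters (assumption): two Mersenne primes. Far too small
# and too structured for real use; real RSA uses random primes, a modulus of
# 2048 bits or more, and OAEP padding instead of the raw operation shown here.
P = 2**127 - 1
Q = 2**89 - 1
E = 65537  # widely used public exponent


def make_keypair(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)) with d the modular inverse of e mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # ValueError if e has no inverse mod phi
    return (n, e), (n, d)


def wrap_key(sym_key: bytes, public) -> int:
    """Encrypt a short symmetric key under the public key."""
    n, e = public
    m = int.from_bytes(sym_key, "big")
    if m >= n:
        raise ValueError("key does not fit under this modulus")
    return pow(m, e, n)


def unwrap_key(wrapped: int, private, length: int) -> bytes:
    """Recover the symmetric key; only the holder of d can do this."""
    n, d = private
    return pow(wrapped, d, n).to_bytes(length, "big")


def demo():
    public, private = make_keypair()
    session_key = secrets.token_bytes(16)  # 128-bit key for the bulk cipher
    wrapped = wrap_key(session_key, public)
    recovered = unwrap_key(wrapped, private, 16)
    # Applying the public exponent a second time does not undo the wrap.
    wrong = pow(wrapped, public[1], public[0])
    return session_key, wrapped, recovered, wrong


if __name__ == "__main__":
    key, wrapped, recovered, wrong = demo()
    print("wrapped key:", hex(wrapped))
    print("recovered with private key:", recovered == key)
    print("recovered with public key :", wrong == int.from_bytes(key, "big"))
```

The bulk data would then be encrypted under the session key with a symmetric cipher such as AES, which the Python standard library does not provide.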

What is the most advanced encryption?

RSA is ancient, I think it came out in the 1970's. AES 320-bit is the best for practical use. It is much more secure than RSA, and is almost impossible for law enforcement, hackers, or anyone else to crack, unless you use a really easy password. If your password is something like "John1981" then regardless of whatever level of encryption you have, it'll be hard to crack. If your password is something like "$%#{|>*_+=-/.)^" it should be a bit harder to crack. The most advanced encryption would be a matter of debate, and it would take a long time to encrypt files, so it wouldn't be practical for home or small to medium sized business use.

How is military grade encryption defined?

TL;DR: The term military grade encryption is generally marketing BS. Most major militaries (such as the US Military) use off the shelf encryption algorithms with key lengths that vary depending on the levels of protected data's clearance (Sensitive, Classified, Secret, Top Secret, etc.).

It's important that these algorithms are off the shelf or are otherwise public. As per Kerckhoffs's principle, a secure cryptosystem can't rely on secrecy of the algorithm or process of encryption/decryption because a skilled attacker will shred through such obscurity and discover faults in your system. This is one of the reasons why US DoD openly states the algorithms they use in public documents like the Common Criteria and the Rainbow Series - the primary reason being that it makes building compatible software for these systems a lot easier.

The algorithm chosen for encryption may vary depending on the medium and intention. For example, unstructured and structured digital data at rest may be encrypted with AES whereas data in flight may be encrypted with SKIPJACK. Most militaries require these algorithms to be vetted by their government's electronic intelligence or technology standards organization for security (e.g.: US DoD regulations look to NIST or NSA for their choice of algorithms).

As stated before, lengths for cleared data vary depending on governments' infrastructures and spend on infosec. But in US DoD it's usually pegged on minimum requirements: 128-bit+ symmetric for Secret, 256-bit+ for Top Secret, and a whole mess of other things for SCI. There's also length requirements on the hashing infrastructure for things like password data (SHA-256 and SHA-512 for sensitive information), and further implementation details on how you create and store keys to abide by Multilevel security.

The DES encryption was broken in 1999. Why and how did it happen?

Actually, DES encryption was first broken in 1997 by the use of thousands of networked PCs doing a brute force search for the key. The why part of your question is surrounded by controversy and intrigue.

DES was the first computer standard for encryption, which was accepted in 1976. DES was originally designed by IBM, but this design was changed after consultation with the NSA. The NSA recommended a change which strengthened the design against differential cryptanalysis but weakened it against brute force attacks.

DES was weakened against brute force attacks by reducing the key from 64 bits to 56 bits. Since the algorithm continued to use the same 64 bits, it was erroneously reported that the “spare” 8 bits were used for error correction or other purposes. This is not the case, the 8 bits were simply not used at all. Also, some claimed that the reduced key allowed DES to fit on a single chip or was faster, but both claims are false.

Despite suspicions caused by the NSA involvement in the DES design, it was quickly and widely adopted as an encryption standard. But because of these suspicions, the race to crack DES was on.

The first proposal to crack DES was made in 1977 by Whitfield Diffie and Martin Hellman, just one year after it was accepted as a standard. They designed a computer which they claimed could break DES in less than 12 hours. Unfortunately, this computer would cost $20 million and was never built. It was argued that this type of machine was out of reach of anyone except the NSA.

In 1993, M. J. Wiener published a computer design which could break DES in 3.5 hours. This computer would cost $1 million and again was never built. But by now, confidence in DES was eroding.

The encryption company RSA issued their first of three challenges to break DES in 1997. It was successfully broken by thousands of networked PCs in 90 days.

The second challenge was issued in 1998 and was successfully broken by thousands of networked PCs in 41 days. In addition, the Electronic Frontier Foundation built a specially designed computer to crack DES, and was successful on this second RSA challenge in 56 hours. This computer only cost $200,000.

The third RSA challenge in 1999 was also successful and DES was cracked by thousands of networked PCs in 22 hours and 15 minutes. This was finally the nail in the coffin for DES.

In 2001, AES was accepted as the new standard to replace DES encryption.

What is the best actual encryption algorithm used in hardware-based data storage?

Algorithm is just a start. It will most likely be AES or one from the FIPS/NIST approved list, with key length and other parameters.

Encryption goes beyond picking the name of an algorithm, generating a random key and being done with it, especially if you are planning on using the device for data storage, where you have the need to retrieve the data in plain text.

Whether you are building a device or looking to buy one and want to understand how security works, the questions you need to ask are:

a) What amount of data is being stored?
b) Where will this hardware device reside (home, data center, etc.)?
c) How do you encrypt the data? When you actually store it on the device, or on the wire? Is on-device encryption just a second layer of encryption?
d) How do you authenticate and authorize the users?
e) How do you serve decrypted content back to the user?
f) What is your key management strategy?
   - How will you rotate the key?
   - Is this one key per device? What happens if the key is lost/stolen?
   - If you are storing the keys on the device itself, how is it any different than storing the data in plain text (assuming you are doing something like Transparent data encryption)?
   - If keys are in the hardware (assuming you address other risks), how are keys provisioned?

Which are some most secure encryption algorithms in the world?

A "One time pad" with a truly random key that is as long as the message. In this case, only you and your recipient have the key, and there are no patterns or repetition for any codebreaker to catch on to. Of course, the problem with this type of encryption is that no public key is possible, so you have to arrange to send your key to your recipient through a private channel. And the "truly random" part is truly difficult. That eliminates many use cases; however, if you can arrange key distribution, there are a few use cases in which it will work. For example, I have a friend with whom I would like to exchange text messages. Each text message is only one kilobyte in length. If I can pre-arrange the exchange of a 1 GB key, we could securely exchange 1 million text messages.
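The pre-shared pad from the answer above, as an added example that is not part of the original answer: a pad object that hands out each key byte once and refuses to encrypt when the pad is used up, plus the reason for that rule (two messages under the same key bytes leak their XOR). Class and function names are hypothetical, and `secrets` is a CSPRNG standing in for the "truly random" source.

```python
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Pre-shared pad that hands out every key byte at most once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._next = 0  # offset of the first unused key byte

    def remaining(self) -> int:
        return len(self._pad) - self._next

    def encrypt(self, message: bytes):
        """Return (offset, ciphertext); the receiver needs the offset to decrypt."""
        if len(message) > self.remaining():
            raise ValueError("pad exhausted: refusing to reuse key bytes")
        start = self._next
        self._next += len(message)
        return start, xor(message, self._pad[start:self._next])

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        key = self._pad[offset:offset + len(ciphertext)]
        if len(key) != len(ciphertext):
            raise ValueError("ciphertext runs past the end of the pad")
        return xor(ciphertext, key)


def messages_supported(pad_bytes: int, message_bytes: int) -> int:
    return pad_bytes // message_bytes


def reuse_leak(msg_a: bytes, msg_b: bytes, key: bytes) -> bytes:
    """XOR of two ciphertexts made with the SAME key bytes: the key cancels out."""
    return xor(xor(msg_a, key), xor(msg_b, key))


if __name__ == "__main__":
    pad = secrets.token_bytes(2000)  # constructed stand-in for the shared pad
    alice, bob = OneTimePad(pad), OneTimePad(pad)
    off, ct = alice.encrypt(b"meet at noon")
    print(bob.decrypt(off, ct), alice.remaining())
    print(messages_supported(10**9, 1000))  # 1 GB pad, 1 KB messages
```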
