Encryption and decryption require the use of some secret information,
referred to as a key. There are two types of encryption: secret key and
public key. In secret-key encryption, also referred to as symmetric
encryption, the same key is used for both encryption and decryption. In
public-key encryption, also referred to as asymmetric encryption, each user
has a public key and a private key. Encryption is performed with the public
key, while decryption is done with the private key. This topic covers the
issues related to secret-key encryption.

A secret key is, in essence, a sequence of numbers, each of which has a value
from 0 to 255 (such numbers are called bytes). The required length of the
secret key is determined by the algorithm used for encryption. The required
key length for the algorithms used in this program varies from 16 bytes
(IDEA algorithm) to 255 bytes (RC-6 algorithm).

Secret keys are almost impossible to memorize (imagine that in order to
encrypt some data you need to learn by heart a sequence of 255 numbers), and
it takes several minutes to input them from the keyboard. Therefore, secret
keys are usually stored on floppy disks or other removable media, and these
media are in turn stored in a safe place.

It is common practice in everyday life not to deal directly with secret keys,
but to generate them from passwords when they are needed for encryption or
decryption. Here, however, the tradeoff is in terms of security: in order to
perform secure encryption with a password, the password must include a great
variety of different symbols and must be as long as possible. For example, a
very secure password may look like this:
A$1)s38.G\R^ e@*h]-(k#;2%k"Q
In other words, a very secure password is
not much easier to memorize than a secret key is. That is why users usually
choose less complex passwords that are consequently not so secure. This program
allows you to choose for encryption between a password that is easy to remember
and the user's secret key which is more secure.
The necessity of storing encryption keys on a floppy disk or other removable
medium is often considered an inconvenience. It should rather be considered
an advantage, because storing encryption keys on a floppy disk eliminates the
intrinsic drawbacks of encryption with a password:

| Encryption with key | Encryption with password |
|---|---|
| 1. Every file can be encrypted with its own key. One of the main rules of cryptography is that an encryption key can be used for encryption only once. Several hundred keys may be stored on one floppy disk. | 1. If the user "stores" passwords in his memory, he can scarcely memorize many passwords. |
| 2. If the user uses the key management features, there is no need to track which file has been encrypted with which key. For decryption he only needs to indicate the directory where he stores encryption keys, and the appropriate key will be found automatically. | 2. Even if the user does not memorize his passwords but writes them down on paper, he must also keep information about which password has been used for encryption of which file. |
| 3. An encryption key can be entered for encryption or decryption with just two or three mouse clicks. | 3. To provide an acceptable level of security, passwords must be as long as possible and contain a great variety of symbols. Entering such passwords often takes several minutes (taking into account possible faults and retyping). |


The main drawback of passwords is, of course, their vulnerability to various
kinds of attacks. Passwords, unlike keys, typically contain less than 20% of
all possible byte values (symbols). This fact greatly simplifies the task of
breaking the encrypted data.
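
The comparison between passwords and keys made above, as an added example (it is not part of this program or its documentation). It measures how many of the 256 byte values the sample password uses and bounds a password's search space against a random 16-byte key; PBKDF2, its iteration count, the 95-symbol printable-ASCII alphabet and all function names are assumptions of the example.

```python
import hashlib
import math
import secrets

# The sample password printed on this page (28 characters).
PAGE_PASSWORD = r'A$1)s38.G\R^ e@*h]-(k#;2%k"Q'


def byte_coverage(data: bytes) -> float:
    """Fraction of the 256 possible byte values that occur in data."""
    return len(set(data)) / 256


def search_space_bits(length: int, alphabet_size: int) -> float:
    """log2 of the number of strings of this length over this alphabet."""
    return length * math.log2(alphabet_size)


def key_from_password(password: str, salt: bytes, key_len: int = 16,
                      iterations: int = 200_000) -> bytes:
    """Stretch a password into key_len bytes with PBKDF2-HMAC-SHA256.

    Assumption: PBKDF2 and the iteration count are chosen for this example;
    the page does not say how the program turns passwords into keys.
    """
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, key_len)


def report(password: str, key_len: int = 16) -> dict:
    """Compare a password with a random key of key_len bytes."""
    pw = password.encode("utf-8")
    salt = secrets.token_bytes(16)  # random salt, kept with the ciphertext
    derived = key_from_password(password, salt, key_len)
    return {
        "password_coverage": byte_coverage(pw),
        # Upper bound: each character drawn from 95 printable ASCII symbols.
        # The derived key can never be harder to guess than the password.
        "password_bits": min(search_space_bits(len(pw), 95), key_len * 8),
        "random_key_bits": search_space_bits(key_len, 256),
        "derived_key_len": len(derived),
    }


if __name__ == "__main__":
    for name, value in report(PAGE_PASSWORD).items():
        print(f"{name}: {value}")
    print("8 lowercase letters:", round(search_space_bits(8, 26), 1), "bits")
```

The derived key always has the full length the algorithm requires, but `password_bits` shows that only a long password with a wide symbol set reaches the search space of a random key of that length.
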

In conclusion, if you need the maximal level of security for your
confidential information, then the only alternative for you is to use
encryption with a key.