Security through encryption



Sometimes it is necessary to keep certain data files private, whether the files are on a disk or perhaps sent over a network through e-mails. Financial institutions, large corporations and government agencies routinely employ complex data encryption methods to hide sensitive and potentially damaging information stored on workstations and servers throughout the world.

Data encryption is simply a more advanced form of the secret codes, or cryptology, used by the military for nearly the last century: it scrambles information in such a way that it can be read only by the intended recipient.

Any computer connected to the Internet can be fair game for a motivated hacker who wants to read or, worse, modify or destroy important information. The function of data encryption algorithms is to permit the seamless transfer of sensitive information between two parties and to maintain that information on a storage medium that can be read only by an authorized user.

What's in a name?

While we call these data encryption algorithms, the actual process depends on both encryption and decryption methods. The more appropriate term would be cryptographic algorithms.

Fundamentally all data cryptography methods need at least two components:

  1. The algorithm defines the specific encryption method.

  2. The key identifies a specific instance of the algorithm.

Most data cryptography methods use these components and are also called key-based algorithms. Another method, called a restricted algorithm, does not use a key, but rather defines a specific encryption and decryption mechanism that is embedded between the source and the destination. The assumption with restricted algorithms is that the coding is kept secret and cannot be broken by outsiders. In contrast, files protected by key-based cryptographic schemes may use any number of encoding algorithms, provided the proper key exists at the destination to decode the files properly.

There are two types of key-based cryptographic encryption algorithms: symmetric and asymmetric.

Symmetric key method

Symmetric key, also called secret-key, is the most popular form of data cryptography in use today. This method uses a single key for the sender and recipient. How does the recipient get the secret key? It must be sent separately through a trusted and secure channel.

The most popular implementations of symmetric algorithms include:

  • DES, or data encryption standard, was originally developed by IBM in 1974 and was adopted by the National Institute of Standards (NIST) in 1977 as a national standard to address the need for protecting non-classified data. DES uses a key length of 56 bits. While DES is still widely used throughout the world, it has been determined that a 56-bit key is not large enough to be impervious to hackers. DES is applied to data in blocks of 64 bits; that is, 64 bits of incoming text is converted to 64 bits of encoded text. The maximum key length is limited to 56 bits because the least significant bit of each byte of the 64-bit key is used as a parity bit and ignored, leaving only the seven most significant bits of each byte and yielding a maximum length of 56 bits.

  • Triple DES is a stronger form of DES using three 64-bit keys for a total key length of 192 bits. The 192-bit key is broken into three separate keys. From here the process is essentially the same as standard DES; however, the data is first encrypted with the first key, decrypted with the second key and finally encrypted for a second time with the third key. While triple DES is far more secure, it operates about three times slower than single DES.

  • Advanced encryption standard (AES) became effective as a standard on May 26, 2002. AES specifies three key lengths: 128 bits, 192 bits and 256 bits. Data encoded with the AES 128-bit key is 1,021 times stronger than the traditional 56-bit DES scheme.

  • Blowfish, developed in 1993, uses variable key lengths from 32 bits to 448 bits. It is gaining popularity as an alternative to DES.

  • International data encryption algorithm (IDEA) uses a key length of as much as 256 bits. The key phrase is applied to another algorithm known as MD-5 (MD stands for message digest), which digitally creates a 128-bit key. IDEA is not freely distributed commercially, but is used with the popular data encryption program PGP (pretty good privacy).
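The parity-bit arithmetic from the DES and Triple DES items above, as an added example that is not part of the original article. Function names and key values are constructed for illustration; the check goes one step beyond the text by flagging bundles whose adjacent keys match, because encrypting and then decrypting with the same key cancels out and leaves single DES.

```python
def set_odd_parity(key: bytes) -> bytes:
    """Set the least significant bit of each byte so every byte has odd parity."""
    out = bytearray()
    for b in key:
        top7 = b & 0xFE                      # the seven bits that carry key material
        ones = bin(top7).count("1")
        out.append(top7 | (0 if ones % 2 else 1))
    return bytes(out)


def effective_bits(key: bytes) -> int:
    """Drop each byte's parity bit and concatenate the remaining 7-bit groups."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value


def check_3des_bundle(bundle: bytes) -> dict:
    """Inspect a 192-bit Triple DES bundle (three 64-bit keys K1, K2, K3)."""
    if len(bundle) != 24:
        raise ValueError("Triple DES bundle must be 24 bytes (192 bits)")
    k1, k2, k3 = (bundle[i:i + 8] for i in (0, 8, 16))
    e1, e2, e3 = (effective_bits(k) for k in (k1, k2, k3))
    return {
        "parity_ok": set_odd_parity(bundle) == bundle,
        "effective_key_bits": 7 * len(bundle),   # 168 of the 192 bits are key material
        # E(K3, D(K2, E(K1, x))): K1 == K2 or K2 == K3 cancels two of the three stages
        "collapses_to_single_des": e1 == e2 or e2 == e3,
    }


# Constructed sample keys, not taken from any real system.
KEY_A = bytes.fromhex("0123456789abcdef")        # already has odd parity
KEY_B = bytes.fromhex("0022446688aaccee")        # same key, every parity bit flipped
KEY_2 = set_odd_parity(bytes.fromhex("1122334455667788"))
KEY_3 = set_odd_parity(bytes.fromhex("8877665544332211"))

if __name__ == "__main__":
    print("same 56-bit key:", effective_bits(KEY_A) == effective_bits(KEY_B))
    print("good bundle:", check_3des_bundle(KEY_A + KEY_2 + KEY_3))
    print("weak bundle:", check_3des_bundle(KEY_A + KEY_B + KEY_3))
```

KEY_A and KEY_B differ in eight bits yet select the same DES key, which is why a byte-for-byte comparison is not enough to detect a repeated key in a bundle.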

Asymmetric key methods

Cryptography based on the asymmetric key method is also known as a public-key infrastructure (PKI) algorithm. PKI uses public and private keys to maintain a high level of security for files that are typically sent via a public or private network. Each user has access to the list of public keys for the other users across the network. To establish a secure connection between two users, the originating user must find the public key for the destination. The file is encrypted using the public key assigned to the user at the destination. The user at the destination can decrypt the file using his private key. One popular implementation of PKI is called RSA.

RSA, developed in 1977, uses encryption and digital signatures to create highly secure crypto text. Its function is complex, but the RSA Laboratories website explains it well. Further information can be found at the RSA Securities website at www.rsasecurity.com.

This is only a brief overview of methods available to secure your data. The Web provides a rich source of information to research these and other methods.


Web Resources

National Institute of Standards
www.nist.gov

Blowfish
www.counterpane.com/blowfish.html

International data encryption algorithm
www.finecrypt.net/idea.html

RSA Securities
www.rsasecurity.com


McNamara, Radio's consultant on computer technology, is president of Applied Wireless Inc., New Market, MD.


All of the Networks articles have been approved by the SBE Certification Committee as suitable study material that may assist your preparation for the SBE Certified Broadcast Networking Technologist exam. Contact the SBE at (317) 846-9000 or go to www.sbe.org for more information on SBE Certification.



