# Encryption

(Redirected from Encrypt)
Jump to: navigation, search

Encryption is the process of changing information into a secret code using an algorithm (cipher).[1] It is usually carried out today by computers, although in the past it was traditionally carried out by analog machines or by specialists known as cryptographers.

## History

The earliest known form of encryption is that known as "ROT-13," or the "Caesar cipher", because its invention was once reportedly attributed to Julius Caesar.[2] In the Caesar cipher, each letter of the message (or "plaintext") is shifted forward in the alphabet by 13 places; for example, "CIPHER" becomes "PVCURE".[3] The Caesar cipher is what is called a symmetric cipher, meaning that the method of encryption is the same as the method of decryption (rotate by 13 characters), and therefore it is just as easy to decode any message as it was to encode it. For this reason, modern cryptanalysts tend to view most symmetric encryption methods as flawed.[4]

Another popular historical encryption method was the "enigma machine" developed by Nazi Germany during World War II. The enigma machine (or ENIGMA for short) worked on the plugboard principle. It had the ability to generate many different ciphertexts for the same plaintext using different "keys", which meant that Allied cryptographers could no longer rely on being able to match encoded texts with plaintexts. Prior to World War II, cryptographers had gotten used to being able to collate messages with their ciphertexts to create large "dictionaries" (for example, matching the ciphertext "PVCURE" with its plaintext "CIPHER" in the above example). These code dictionaries could then be used to launch dictionary attacks against messages whose decodings were not yet known. ENIGMA rendered this tactic hopeless. For example, while "PVCURE" might mean "CIPHER" using Monday's key, it might mean "ATTACK" using Tuesday's key. However, a letter cannot be encrypted as itself, so no key can decrypt "PVCURE" as "POISON".

The Enigma cipher was first cracked by three Polish mathematicians: Marian Rejewski, Jerzy Rozycki, and Henryk Zygalski.[5] Despite this, filmmakers have tried to give the credit to British mathematician Alan Turing, who was taught by the Polish experts how to build a computer to continue to decipher the Enigma.

The deciphering of the Enigma was the beginning of modern cryptography as a science, although few advancements were made from the end of WWII until the rise of the Internet in the 1980s.

## Modern usage

Encryption is used heavily on the internet today, since it is the only practical way to prevent interception of valuable information by hostile parties in this environment. More than half of the websites across the internet now utilize HTTPS, which encrypts web traffic between hosts and clients using TLS.[6] Additionally, progress is being made towards encrypting DNS traffic, which has historically been transmitted in the clear, using TLS as well.[7]

Encryption is also sometimes used to create secure VPN "tunnels" for internet traffic. Businesses sometimes utilize this to protect their confidential information as it moves from remote locations (such as laptops, phones, and cloud providers) to their internal network, or vice versa. This VPN tunnel can give hints to hostile parties as to what may be going on, but it prevents them from simply intercepting and reading the information being communicated.

Encryption in also used extensively in cloud environments, where there are typically no physical security controls available to the cloud customer (other than the service provider's own protections). The industry standard is for data to be encrypted "at rest" (while being stored) and "in motion" (while being communicated from one point to another).[8] Data is also sometimes encrypted "in use" (while being processed by one or more CPUs).[9]

Several forms of "strong" encryption have been considered munitions under US federal law, the exportation of such encrytion to belligerent countries such as Iran has been restriced.[10]

### Harmful uses

Like any tool, encryption can be used for good or evil. Encryption is sometimes used by hackers and other anti-government types to conceal their activities from the federal government. For example, the leftist GNU organization provides a program called "Pretty Good Privacy" (PGP) for encrypting e-mail; this can have legitimate uses, but is also sometimes used for concealing underhanded communication.

Encryption is also used by some malware, to conceal the malicious payload and avoid security scanners. Ransomware takes a different approach, by encrypting personal or corporate files on infected computers, then demanding a ransom payment before (possibly) disclosing the decryption key.

## Common algorithms

### Triple DES

Triple DES or 3DES is a successor of the "Data Encryption Standard" (DES) algorithm. DES was a symmetric-key cryptography option, which became popular in the 1970s. However, with the advancement of computing power, it became too weak to use. Triple DES, which was released in 1998, uses the same basic algorithm. However, it runs the encryption procedure on each block three times, each time with a different key. Triple DES uses a 64-bit key, but part of that was used for key validation, so functionally it only offered a 56-bit key. This essentially gives it a 168-bit key, but a meet-in-the-middle vulnerability reduces the equivalent protection to a 112-bit key.[11][12]

### RSA

RSA was developed by Ron Rivest, Adi Shamir, and Leonard Adleman in the 1970s. Named after its creators, RSA (Rivest-Shamir-Adleman) is a public-key encryption (also known as asymmetric encryption) algorithm which is used today for many applications. SSH authentication, SSL encryption, and many other systems use this algorithm. RSA uses a key length of 1024-bits or 2048-bits. 1024-bits is considered insufficient by some, especially with the advancements in quantum computing. The industry and US government recommend using more than 1024-bit keys.[11][12]

### Blowfish

Created in 1993 by Bruce Schneier as a replacement for DES, Blowfish is a general-purpose block-cipher symmetric encryption algorithm. This system uses 64-bit blocks of data, with keys ranging from 32-bits to 448-bits. It is a very durable and flexible algorithm, which is used in many ways, from commerce software to drive-level encryption systems.[11][12][13][14]

### Twofish

Also created by Bruce Schneier, Twofish is another block-cipher symmetric encryption algorithm. It uses 128-bit blocks, and keys up to 256-bits. Each block is encrypted based on the output of the previous block, which adds to the difficulty of brute-forcing data which has been encrypted using this algorithm.[11][12]

### AES

The "Advanced Encryption Standard," originally named "Rijndael," was released in 1998 by Vincent Rijmen and Joan Daemen. It became the new U.S. encryption standard in 2002. AES is a symmetric key cryptography algorithm which encrypts 128-bit blocks of data using 128-bit, 192-bit, or 256-bit keys. This algorithm is relatively fast and easy to use, and relatively durrible. However, it can be broken, especially when short keys are used. In order to make brute-forcing this encryption more difficult, it will typically run at least ten rounds of encryption on each block.[11][12][15][16]

### IDEA

The International Data Encryption Algorithm (IDEA) is another symmetric encryption algorithm, which was released by Xuejia Lai and James Massey in 1991. This system uses 64-bit blocks and 128-bit keys. Unlike its predecessors, this algorithm encrypts the data multiple times, but it uses "half-rounds" to accomplish this. The key is broken up into 16-bit sub-keys, and these are used for each pass rather than the full key.[11][12]

## References

1. http://www.webopedia.com/TERM/E/encryption.html
2. Far more likely, however, is that the Caesar cipher was invented by a mathematician in Caesar's employ, and Caesar merely took the credit, much as Henry VIII took credit for the melody of "Greensleeves", or President James Garfield claimed to have discovered a novel proof of the Pythagorean Theorem.
3. The lack of the letters "J", "Q", "U", and "W" in the Latin alphabet posed an impediment to the Caesar shift's widespread adoption, since the encoded ciphertext would actually have read "PVCVRE" and thus had four different possible decodings.
4. http://www.centurionsoft.com/centurionmail/wpencryption.html
5. https://www.telegraph.co.uk/science/2016/03/15/polish-codebreakers-cracked-enigma-before-alan-turing/
6. https://www.wired.com/2017/01/half-web-now-encrypted-makes-everyone-safer/
7. https://developers.cloudflare.com/1.1.1.1/dns-over-https/
8. https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final
9. https://www.datamotion.com/best_practices_-securing_data_at_rest_in-use_and_in_motion/
10. "Encryption Export Controls" at stanford.edu
11. https://www.cleverism.com/5-common-encryption-algorithms-and-the-unbreakables-of-the-future/
12. https://blog.storagecraft.com/5-common-encryption-algorithms/
13. https://www.schneier.com/academic/blowfish/
14. https://www.commonlounge.com/discussion/d95616beecc148daaa23f35178691c35
15. https://aesencryption.net/
16. https://www.tutorialspoint.com/cryptography/advanced_encryption_standard.htm