Question

please describe below technology used, benefit, issue and conclusion in your words

Technology Used

Encryption was almost exclusively used only by governments and large enterprises until the late 1970s when the Diffie-Hellman key exchange and RSA algorithms were first published -- and the first personal computers were introduced. By the mid-1990s, both public key and private key encryption were being routinely deployed in web browsers and servers to protect sensitive data.

Devices like modems, set-top boxes, smartcards and SIM cards all use encryption or rely on protocols like SSH, S/MIME, and SSL/TLS to encrypt sensitive data. Encryption is used to protect data in transit sent from all sorts of devices across all sorts of networks, not just the internet; every time someone uses an ATM or buys something online with a smartphone, makes a mobile phone call or presses a key fob to unlock a car, encryption is used to protect the information being relayed. Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material, are yet another example of encryption protecting data. Cryptographic hash functions.

Encryption is usually a two-way function, meaning the same algorithm can be used to encrypt plaintext and decrypt ciphertext. A cryptographic hash function can be viewed as a type of one-way function for encryption, meaning the function output cannot easily be reversed to recover the original input. Hash functions are commonly used in many aspects of security to generate digital signatures and data integrity checks. They take an electronic file, message or block of data and generate a short digital fingerprint of the content called a message digest or hash value. The key properties of a secure cryptographic hash function are:Output length is small compared to input o Computation is fast and efficient for any input or Any change to input affects lots of output bits o One-way value -> the input cannot be determined from the output of Strong collision resistance -> two different inputs can't create the same output

The ciphers in hash functions are optimized for hashing: They use large keys and blocks, can efficiently change keys every block and have been designed and vetted for resistance to related-key attacks. General-purpose ciphers used for encryption tend to have different design goals. For example, the symmetric-key block cipher AES could also be used for generating hash values, but its key and block sizes make it nontrivial and inefficient.

Encryption helps protect business data. The technology comes in many forms, with key size and strength generally being the biggest differences in one variety from the next.

1. Triple DES:

Triple DES was designed to replace the original Data Encryption Standard (DES) algorithm, which hackers eventually learned to defeat with relative ease. At one time, Triple DES was the recommended standard and the most widely used symmetric algorithm in the industry.

Triple DES uses three individual keys with 56 bits each. The total key length adds up to 168 bits, but experts would argue that 112bits in key strength is more like it.

Despite slowly being phased out, Triple DES still manages to make a dependable hardware encryption solution for financial services and other industries.

2. RSA:

RSA is a public-key encryption algorithm. It also happens to be one of the methods used in our PGP and GPG programs.

Unlike Triple DES, RSA is considered an asymmetric algorithm due to its use of a pair of keys. You’ve got your public key, which is what we use to encrypt our message, and a private key to decrypt it. The result of RSA encryption is a huge that takes attackers quite a bit of time and processing power to break.

3. Blowfish:

Blowfish is another algorithm designed to replace DES. This symmetric cipher splits messages into blocks of 64 bits and encrypts them individually. Blowfish is known for both its speed and effectiveness as many claim that it has never been defeated. Vendors have taken full advantage of its free availability in the public domain. Blowfish can be found in software categories ranging from e-commerce platforms for securing payments to password management tools, where it used to protect passwords. It’s definitely one of the more flexible encryption methods available.

4. Twofish:

Keys used in this algorithm may be up to 256 bits in length and as a symmetric technique, only one key is needed. Twofish is regarded as one of the fastest of its kind, and ideal for use in both hardware and software environments. Like Blowfish, Twofish is freely available to anyone who wants to use it. Encryption programs such as PhotoEncrypt, GPG, and the popular open source software TrueCrypt are there.

5. AES:

The Advanced Encryption Standard is the algorithm trusted as the standard by the U.S. Government and numerous organizations. Although it is extremely efficient in 128-bit form, AES also uses keys of 192 and 256 bits for heavy duty encryption purposes. AES is largely considered impervious to all attacks, with the exception of brute force, which attempts to decipher messages using all possible combinations in the 128, 192, or 256bit cipher. Still, security experts believe that AES will eventually be hailed the de facto standard for encrypting data in the private sector.

                                                       

                                                    

                                                   Benefits of Encryption

The primary purpose of encryption is to protect the confidentiality of digital data stored on computer systems or transmitted via the internet or any other computer network. A number of organizations either recommend or require sensitive data to be encrypted in order to prevent unauthorized third parties or threat actors from accessing the data. For example, the Payment Card Industry Data Security Standard requires merchants to encrypt customers' payment card data when it is both stored at rest and transmitted across public networks.

Modern encryption algorithms also play a vital role in the security assurance of IT systems and communications as they can provide not only confidentiality, but also the following key elements of security:

• Authentication: the origin of a message can be verified.

• Integrity: proof that the contents of a message have not been changed since it was sent.

• Non repudiation: the sender of a message cannot deny sending the message.

                                             

                                                                Encryption Issues

Although it seems like common sense to use data encryption in business and other entities for security, many organizations are opposed to encrypting data because of some of the obstacles involved with doing so.

Like everything else, data encryption has its pros and cons and businesses must look at all of the considerations to make an informed decision about encryption.

Data Encryption :

• Encryption Keys: Without a doubt, data encryption is a monumental task for an IT specialist. The more data encryption keys there are the more difficult IT administrative tasks for maintaining all of the keys can be. If you lose the key to the encryption, you have lost the data associated with it.

• Expense: Data encryption can prove to be quite costly because the systems that maintain data encryption must have capacity and upgrades to perform such tasks. Without capable systems, the reduction of systems operations can be significantly compromised.

• Unrealistic Requirements: If an organization does not understand some of the restraints imposed by data encryption technology, it is easy to set unrealistic standards and requirement which could jeopardize data encryption security.

• Compatibility: Data encryption technology can be tricky when you are layering it with existing programs and applications. This can negatively impact routine operations within the system.

For any cipher, the most basic method of attack is brute force; trying each key until the right one is found. The length of the key determines the number of possible keys, hence the feasibility of this type of attack. Encryption strength is directly tied to key size, but as the key size increases so, too, do the resources required to perform the computation.

Alternative methods of breaking a cipher include side-channel attacks, which don't attack the actual cipher but the physical side effects of its implementation. An error in system design or execution can allow such attacks to succeed.

Attackers may also attempt to break a targeted cipher through cryptanalysis, the process of attempting to find a weakness in the cipher that can be exploited with a complexity less than a brute-force attack. The challenge of successfully attacking a cipher is easier if the cipher has any flaw. For example, there have been suspicions that interference from the National Security Agency (NSA) weakened the Data Encryption Standard algorithm, and following revelations from former NSA analyst and contractor Edward Snowden, many believe the NSA has attempted to subvert other cryptography standards and weaken encryption products.

                                                           Conclusion

Thus, network security is one of the most important factors to consider while working over the internet, Local Area Network or other method. It doesn't matter how small or big businesses. It is said that there is no network that is immune to all attacks, a stable, fast and efficient network security system is essential to protecting data. A good network security system helps reduce the risk of data theft and sabotage. This analysis shows that AES is the better algorithm and AES does not have any well known weak points so far.

Answer 1

Technologies

Encryption algorithms can be used to encrypt plain text and decrypt ciphertext. A cryptographic hash function is used for encryption and the original input is not recovered easily from the output. Properties of a cryptographic hash function are:

• Output length is smaller than input length
• Fast computation
• Change in input effects change in output and output cannot determine the input
• Two different inputs never collide i.e., never generate the same output

Different types of encryption algorithms are:

• Triple Data Encryption Standard (DES) - Symmetric algorithm, 3 keys of 56 bits each, hackers defeated Triple DES, still used as hardware encryption solution for financial services
• RSA - Asymmetric algorithm, uses public key to encrypt and private key to decrypt, hackers take a lot of time & processing power to break it
• Blowfish - Symmetric algorithm, splits messages into blocks of 64 bits, fast and effective, free availability, used in e-commerce & password management tools
• Twofish - Symmetric algorithm, 256 bits key, fast & ideal for hardware and software solutions, free availability
• Advanced Enryption Standard (AES) - 128 or 192 or 256 bits key, difficult to attack without brute force

Benefits

• Confidentiality during storage and transmission
• Authentication of the origin of the message
• Integrity of the contents of the message
• Non repudiation - sender cannot deny sending the message

Issues

• Storage of all encryption keys
• Expensive systems to maintain keys and perform encryption
• Compatability with existing programs and applications
• Weakness is cipher can be exploited by attackers

Conclusion

• AES is the strongest algorithm designed so far