Question

Cyber security

Cryptography Homework

Part 1: Find good encryption solutions

1. Search the web for various commercial encryption algorithms.
2. Find one that you feel may be “snake oil”.
3. Write a report explaining the encryption algorithm and your opinion
   *in-text citations and references are required
   *written in at least 2~3 paragraphs

Answer 1

In Cyber Security field and in Cryptography technology, when good encryption solutions are taken as examples, among the commercial encryption algorithms, the one I feel may be “snake oil” are in general, any Secret Algorithms, unknown, and any proprietary encryption algorithms the vendors claim to be using them.

Report explaining the encryption algorithm and my opinion on the same:
The report shows few to many warning signs.

Example of a commercial encryption algorithm solution or product is a "USB-stick" device, which claims of using Advanced Encryption Standard (AES) security. It claims of performing AES encryption in software which runs within the host, while the key for the same is obtained from the device's memory.

Such a USB stick device would have cryptographic algorithms within, which could and would be proprietary to a particular vendor. Such algorithms are suspicious. However, it is not accused though!.

Other examples are Encryptor 4.0 software and Meganet's Virtual Matrix Encryption (VME).

Meganet's Virtual Matrix Encryption (VME) is a data security technique. It is also an apparatus or an appliance providing an outstanding degree of security. It requires and works at low computational cost. Its data security arrangement or measures is different from familiar and already existing ones from many basic aspects. They say, VME algorithm is unbreakable. They claim of incorporating both, 256 Bit AES and 1 Mega Bit unbreakable encryption (VME) in 1 certified module. They use Megabit Encryption (VME) and virtual key cryptographic.

Meganet's Virtual Matrix Encryption (VME) uses the same pseudo-mathematical which is a nonsense. Also, they have a more professional-looking (fake or bad) website. They do not have any idea on how modern cryptography works. They have cryptographers who does not know the difference between symmetric and public-key cryptography. They have every cryptographic algorithm that has been broken. Their 40-bit key, 48-bit key, 56-bit key, and 512-bit key have been broken.

They boast about their technology being the only unbreakable encryption commercially available. The key person working in the company states, all other encryption methods been hacked, except theirs.

This encryption algorithm solution they offer does not encrypt data at all, nor is it transferred, and hence, it does not have anything to be decryoted and broken as nothing has been encrypted or transferred in the first place, and as there is nothing to break, it is unbeakable. They encrypt data and they call it something else.

VME vendor uses many inflated claims, claims of using a new approach, states the method is unbreakable, and it is their proprietary and secret algorithm.