Don's Home Technology Virus - Security Security Contact
Security Risks:
Confidentiality - Can a hacker read the message.
  Soln: Encryption

Authenticity - Did the message really come from who you think it did.
  Soln: Digital Signature

Integrity - Has the message been modified by a hacker.

Encryption:

Symmetric (Secret Key) Cryptography
A branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification). Symmetric cryptography is sometimes called "secret-key cryptography" (versus public-key cryptography) because the entities that share the key.
DES (Digital Encryption Standard) (1977) Block Cipher, 64-bit block, 56-Bit keys (DESX, 3DES, ),
In 1996, the supposedly uncrackable DES was broken.
AES (Advanced Encryption Standard) - (1997) uses 128, 192 or 256-bit keys
RC4, RC5, ARC4 (Rivest Cipher #4, #5, Alleged Rivest Cipher 4) (1987) uses variable keys up to 2048-bit
CAST-128 [RFC2144] (used in S/MIME e-mail encryption) variable key size (40 to 128 bits) All but ARC4 are block ciphers working on a bock (usually 8 bytes) at a time.
ARC4 is s stream cipher working on 1 character at a time.
Cipher  Key Size/Block Size 
ARC2 Variable/8 bytes
Blowfish Variable/8 bytes
CAST Variable/8 bytes
DES 8 bytes/8 bytes
DES3 (Triple DES) 16 bytes/8 bytes
IDEA 16 bytes/8 bytes
RC5 Variable/8 bytes

Asymmetric (Public Key) Cryptography
Public-key cryptography; A modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm. Message encrypted with any of the keys can be decrypted ONLY with the other key. The public key can be given to everyone you want to send messages to.
The RSA Algorithm was invented by R.Rivest,A.Shamir and L.Adleman in 1977
Others: ECC, Diffie-Hellman/Oakley
Algorithm  Capabilities 
RSA Encryption, authentication/signatures
ElGamal Encryption, authentication/signatures
DSA Authentication/signatures
qNEW Authentication/signatures

How it works:
Asymmetric (Public-key) Encryption is significantly slower than symmetric key encryption, so frequently a random symmetric key is used to encrypt the information and that key is encrypted via an asymmetric algorithm and transmitted to the recipient using their public key. The recipient uses their private key to decrypt the symmetric key and then uses it to decrypt the data. This assures confidentiality.

Authenticity and integrity are assured with a digital signature. A hash is computed with the data to be sent. (A hash produces a number produced from a hash function on the original data, so if any data is changed there is a high probability that the hash will be different.) The hash is encrypted with the senders private key. The recipient decrypts the hash with the senders public key and compares it with the same hash function run at their end. If the numbers are different the data has been modified or it did not come from the real sender. references

Encryption_Algorithms
Types of encryption at freescale.com
SAIC Whitepaper Wireless (In)Security for Health Care (www.himss.org/content/files/WirelessInsecurityV11.pdf)
Core PKI Services: Authentication, Integrity, and Confidentiality at Microsoft
Links:
See VPN
username
. passwords
. _____________________________________________

last updated 16 Jan 2006