Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Secrets On Security: A Gentle Introduction To Cryptography > NetSparsh - Viral Content you Love & Share

Secrets On Security: A Gentle Introduction To Cryptography

Let us take the example of scrambling an egg. First, crack the shell, pour the contents into a bowl and beat the contents vigorously until you achieved the needed result - well, a scrambled egg. This action of mixing the molecules of the egg is encryption. Since the molecules are mixed-up, we say the egg has achieved a higher state of entropy (state of randomness). To return the scrambled egg to its original form (including uncracking the shell) is decryption. Impossible?

However, if we substitute the word "egg" and replace it with "number", "molecules" with "digits", it is POSSIBLE. This, my friend, is the exciting world of cryptography (crypto for short). It is a new field dominated by talented mathematicians who uses vocabulary like "non-linear polynomial relations", "overdefined systems of multivariate polynomial equations", "Galois fields", and so forth. These cryptographers uses language that mere mortals like us cannot pretend to understand.

In the computer, everything stored are numbers. Your MP3 file is a number. Your text message is a number. Your address book is a longer number. The number 65 represents the character "A", 97 for the small "a", and so on.

For humans, we recognize numbers with the digits from 0 to 9, where else, the computer can only recognize 0 or 1. This is the binary system which uses bits instead of digits. To convert bits to digits, just simply multiply the number of bits by 0.3 to get a good estimation. For example, if you have 256-bits of Indonesian Rupiah (one of the lowest currency denomination in the world), Bill Gates' wealth in comparison would be microscopic.

The hexadecimal (base 16) system uses the ten digits from 0 to 9, plus the six extra symbols from A to F. This set has sixteen different "digits", hence the hexadecimal name. This notation is useful for computer workers to peek into the "real contents" stored by the computer. Alternatively, treat these different number systems as currencies, be it Euro, Swiss Franc, British Pound and the like. Just like an object can be priced with different values using these currencies, a number can also be "priced" in these different number systems as well.

To digress a bit, have you ever wondered why you had to study prime numbers in school? I am sure most mathematics teachers do not know this answer. Answer: A subbranch called public-key cryptography which uses prime numbers especially for encrypting e-mails. Over there, they are talking of even bigger numbers like 2048, 4096, 8192 bits.)

When we want to encrypt something, we need to use a cipher. A cipher is just an algorithm similar to a recipe for baking a cake. It has precise, unambiguous steps. To carry out the encryption process, you need a key (some called it passphrase). A good practice in cryptography needs the key used by a cipher must be of high entropy to be effective.

Data Encryption Standard (DES), introduced as a standard in the late 1970's, was the most commonly used cipher in the 1980's and early 1990's. It uses a 56-bit key. It was broken in the late 1990's with specialized computers costing about US$250,000 in 56 hours. With today's (2005) hardware, it is possible to crack within a day.

Subsequently, Triple-DES superseded DES as the logical way to preserve compatibility with earlier investments by big corporations (mainly banks). It uses two 56-bit key using three steps:-

1. Encrypt with Key 1.
2. Decrypt with Key 2.
3. Encrypt with Key 1.

The effective key length used is only 112-bits (equivalent to 34 digits). The key is any number between 0 and 5192296858534827628530496329220095. Some modify the last process using Key 3, making it more effective at 168-bit keys.

Advanced Encryption Standard (AES) was adopted as a standard by the National Institute of Standards & Technology, U.S.A. (NIST) in 2001. AES is based on the Rijndael (pronounced "rhine-doll") cipher developed by two Belgian cryptographers, Victor Rijmen and Joan Daemen. Typically, AES uses 256-bits (equivalent to 78 digits) for its keys. The key is any number between 0 and 15792089237316195423570985008687907853269984665640564039457584007913129639935. This number is the same as the estimated number of atoms in the universe.

The National Security Agency (NSA) approved AES in June 2003 for protecting top-level secrets within US governmental agencies (of course subject to their approval of the implementation methods). They are reputedly the ones that can eavesdrop on all telephone conversations going on around the world. Besides, this organization is recognized to be the largest employer of mathematicians in the world and may be the largest buyer of computer hardware in the world. The NSA probably have cryptographic expertise many years ahead of the public and can undoubtedly break many of the systems used in practice. For reasons of national security, almost all information about the NSA - even its budget is classified.

A brute force attack is basically to use all possible combinations in trying to decrypt encrypted materials.

A dictionary attack usually refers to text-based passphrases (passwords) by using commonly used passwords. The total number of commonly used passwords is surprisingly small, in computer terms.

An adversary is somebody, be it an individual, company, business rival, enemy, traitor or governmental agency who would probably gain by having access to your encrypted secrets. A determined adversary is one with more "brains" and resources. The best form of security is to have zero adversary (practically impossible to achieve), the next best is to have zero determined adversary!

A keylogger is a software program or hardware to capture all keystrokes typed. This is by far the most effective mechanism to crack password-based implementations of cryptosystems. Software keylogger programs are more common because they are small, work in stealth-mode and easily downloaded from the internet. Advanced keyloggers have the ability to run silently on a target machine and remotely deliver the recorded information to the user who introduced this covert monitoring session. Keystroke monitoring, as everything else created by man, can either be useful or harmful, depending on the monitor's intents. All confidential information which passes through the keyboard and reaches the computer includes all passwords, usernames, identification data, credit card details, and confidential documents (as they are typed).

For the last definition, we will use an example. Let's say you have your house equipped with the latest locks, no master keys and no locksmith can tamper with them. Your doors and windows are unbreakable. How then does an adversary get into your house without using a bulldozer to break your front door? Answer: the roof - by removing a few tiles, the adversary can get into your house. This is an exploit (weakness point). Every system, organization, individual has exploits.

See, it is not that difficult after all. If you can understand the material presented in this article, congratulations - you have become crypto-literate (less than 1% of all current computer users). If you do not believe me, try using some of this newfound knowledge on your banker friends or computer professionals.

Stan Seecrets' Postulate: "The sum total of all human knowledge is a prime number."

Corollary: "The sum total of all human wisdom is not a prime number."

This article may be freely reprinted providing it is published in its entirety, including the author's bio and link to the URL below.

The author, Stan Seecrets, is a veteran software developer with 25+ years experience at (http://www.seecrets.biz) which specializes in protecting digital assets. This site provides quality software priced like books, free-reprint articles on stock charts and computer security, free downloads and numerous free stuff. © Copyright 2005, Stan Seecrets. All rights reserved.

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

SB Nation

The Dolphins' dangerous stadium just caused a security guard to get hurt
SB Nation
The inexplicably close walls behind the end zones at Hard Rock Stadium have created dangerous situations in the past. On Sunday, it caused an injury to a security guard who got destroyed by Miami Dolphins wide receiver Kenny Stills. Stills caught a 5 ...
Kenny Stills cuts TD celebration short to check on security guard he ran overFor The Win
VIDEO: Dolphins Security Woman Gets Destroyed by Kenny Stills After TD Grab12up

all 18 news articles »

KOB

New Mexico districts to share funding for security upgrades
The State
More than 220 school campuses around New Mexico will be sharing state funding for security upgrades that will range from new doors and locks to fencing and security cameras. Forty-seven school districts applied for security improvements at 288 campuses.
Hundreds of New Mexico schools to get security upgradesKOB

all 4 news articles »

WIRED

The Tiny Chip That Powers Up Pixel 3 Security
WIRED
Having a secure, mobile hardware element isn't especially novel; the ARM chips that power most higher-end Android smartphones have something called TrustZone, a secure enclave within the main processor that sits apart from the operating system.


Fox News

Here's why Hillary Clinton losing her security clearance matters for the rest of us
Fox News
Hillary Clinton no longer has a security clearance. A letter released from the Department of State to Senator Chuck Grassley, a Republican from Iowa, says she lost her clearance on August 30 at her request. The State Department also withdrew security ...

and more »

Fox News

5 security settings to turn on your router before it's too late
Fox News
Suppose your house has a top-notch security system. There are locks on all the doors. Security cameras monitor from every angle. No one could get in – except for an open door that you completely forgot about and therefore leads to every room in the house.
Home Network Security in the Internet AgeTechSpective

all 2 news articles »

WWBT NBC12 News

WANTED: Man breaks into home, accidentally takes selfie on security camera
WWBT NBC12 News
BATON ROUGE, LA (WAFB) - Say Cheese! Police are asking for the public's assistance identifying and locating a burglary suspect. The East Baton Rouge Parish Sheriff's Office says on Oct. 8, they were called about a residential burglary in the 1000 block ...

and more »

Military Times

US commander confident in ability of Afghan security forces
Military Times
WASHINGTON — The assassination of Afghan leaders in Kandahar province won't lessen U.S. support for the war in Afghanistan or deter local security forces in the fight against the Taliban, the top U.S. military commander in the Middle East said Saturday.

and more »

Arizona Sports

Kenny Stills rewards security guard after sending her into endzone wall
Arizona Sports
Miami Dolphins wide receiver Kenny Stills (10) gives a football to a security woman he pushes to the ground after scoring a touchdown, during the first half of an NFL football game against the Detroit Lions, Sunday, Oct. 21, 2018, in Miami Gardens, Fla.
Kenny Stills hammers security guard after touchdown247Sports
Watch: Dolphins' Kenny Stills runs into security guard after TDYardbarker
Kenny Stills runs over security guard, gives her TD ballYahoo Sports
The Spun (blog)
all 821 news articles »

New York Post

Dolphins receiver accidentally blindsides security woman in brutal hit
New York Post
Miami Dolphins receiver Kenny Stills was shaken up when he ran into a female security officer as he caught a 5-yard touchdown pass in the corner of the end zone during the second quarter against Detroit. The woman was blindsided, tumbled to the ground ...

and more »

Sarasota Herald-Tribune

How anonymous is the state's new security app?
Sarasota Herald-Tribune
The Florida Legislature required the Florida Department of Law Enforcement and Florida Attorney General's Office to launch an app for anonymously reporting suspicious activity last March as part of the sweeping new school security law. Nearly seven ...

Google News

Virus and Adware - Fix them Both!

We all get the odd virus now and then, but... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

Temporary Internet Files - the Good, the Bad, and the Ugly

A little bit of time invested into learning about internet... Read More

Three-pronged Trojan Attack Threatens Security on the Internet

Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More

What is Hacking? Are You a Hacker?

WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Be Alert! Others Can Catch Your Money Easily!

So called phishers try to catch the information about the... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

Identity Theft - Dont Blame The Internet

Identity theft ? also known as ID theft, identity fraud... Read More

Dont Miss Information Because of Misinformation

It has been said that with the wealth of information,... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

Hacking the Body Via PDA Wireless Device

First I would like to stress I am condoning the... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

How To Prevent Spyware Attacking Your Computer

Spyware is software or hardware installed on a computer without... Read More

I Spy...Something Terribly Wrong (In Your Computer)

This really chapped my lips...I recently bought a new computer.... Read More

Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.

Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More

Preventing Online Identity Theft

Identity theft is one of the most common criminal acts... Read More

Spyware Protection Software

Spyware protection software is the easiest way of removing spyware... Read More

Make Money Online - Defend Against The Latest Scam

First, let's do a little recap'. As I stated in... Read More

The Risk Of Electronic Fraud & Identity Theft

Electronic Fraud and Identity Theft ----------------------------------- Human beings are pretty... Read More

Securities

NETWORK SECURITIES: IMPORTANCE OF SECURITIESComputers and securities must form a... Read More

Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay.... Read More

Top Five Online Scams

The top five online scams on the Internet hit nearly... Read More

Computer Viruses, Worms, and Hoaxes

In recent days, I was one of the unfortunate persons... Read More

Watch Out For That Scam

The IFCC (Internet Fraud Complaint Center) received over 200,000 complaint... Read More