
CRYPTOGRAPHY, ENCRYPTION AND PRIVACY

Encryption and Privacy
"They that can give up essential liberty to obtain a little temporary safety deserve
neither liberty nor safety." Benjamin Franklin, 1759.

Security and privacy have long been important issues forming the basis of numerous
democracies around the world. In the digital age, securing personal information and
ensuring privacy are issues of paramount concern. At first glance, one might find
it gratifying that an online website greets the person by their first name, sends them
emails when goods of their taste are added, or recommends goods or services based on their
demographic profile, previous visits, etc. An astute surfer, though, will also see the privacy
drawbacks in such services. Who else is being provided this information? Is there a way
to ensure the security of this information? What happens with the information if the
company meets financial difficulties and has to liquidate its assets? Where does all that
"private information" go?

Many studies over the last few years have suggested that a majority of consumers are
concerned about when, what and how their personal information is being collected, how
this information is being used and whether it is being protected. They want to know
whether the information is being sold or shared with others, and if so with whom and for
what purposes. They also want to have control over their privacy in today's digital age
where strides in telecommunication, storage and software technologies have made
monitoring a person's activities effortless.

The Internet, once a research tool, has grown into a mammoth educational, entertainment
and commercial implementation. The advent of commerce on the Internet exposed the
lack of security over this public network. The incorporation of encryption (especially
strong 128 bit encryption) into Internet browsers and web servers quelled this concern to
a certain extent. There was still the matter of storing the information sent over the
Internet in a safe manner. Firewalls and encryption software evolved to ensure that the
computers and data on the Internet were safer.

What can be done regarding these important issues? Part of the solution is to secure
important data - more specifically, using strong encryption. Educating end users and
corporations on the use of email and file encryption software, data encryption during
transmission using VPNs, password encryption on public interfaces and use of encryption
software like PGP, F-Secure and 128 bit version of IE/NS will lead us closer to the end
goal of a safer Internet.

With the growth of the worldwide Internet user base, and with Internet based transactions
believed to reach well over a trillion dollars in the next three years, it makes sense for the
parties involved to secure the Internet. Haphazard handling of financial and personal
information can lead to the Internet being constantly associated with fraud and privacy
abuses instead of being a viable commerce medium.

Why Use Encryption?

As organizations and individuals have connected to the Internet in droves, many have begun
eyeing its infrastructure as an inexpensive medium for wide-area and remote connections. The
Internet is an international network consisting of individual computers and computer networks
that are all interconnected by many paths. Unlike Local Area Networks where access is
physically restricted to authorized users, the Internet is a public network and can be accessed by
anyone. Now more than ever, moving vast amounts of information quickly and safely across
great distances is one of our most pressing needs. The basic idea of cryptography is to hide
information from prying eyes. On the Internet this can be your credit card numbers, bank account
information, health/social security information, or personal correspondence with someone else.

History of Encryption
Encryption pre-dates the Internet by thousands of years. Looking back in history we find that
Julius Caesar was an early user of cryptography. He sent messages to his troops in a simple but
ingenious method. A letter in the alphabet was replaced by the one, say, 5 positions to the right.
So, an "A" would be replaced by an "E", "B" by "F" and so on. Hence RETURN would become
VJYZVS. But as can be seen, this cipher can be easily broken by either figuring out a pattern,
by brute force or by getting one's hands on a plaintext and ciphertext combination to deduce the
pattern.

Users of Encryption
A few decades ago, only governments and diplomats used encryption to secure sensitive
information. Today, secure encryption on the Internet is the key to confidence for people wanting
to protect their privacy, or doing business online. E-Commerce, secure messaging, and virtual
private networks are just some of the applications that rely on encryption to ensure the safety of
data. In many companies that have proprietary or sensitive information, field personnel are
required to encrypt their entire laptops, fearing that in the wrong hands this information could
cause millions of dollars in damage.

How Encryption Works
The concept behind encryption is quite simple - make the data illegible for everyone else
except those specified. This is done using cryptography - the study of sending 'messages'
in a secret form so that only those authorized to receive the 'message' are able to read it.

The easy part of encryption is applying a mathematical function to the plaintext and
converting it to ciphertext. The harder part is to ensure that the people who are
supposed to decipher this message can do so with ease, yet only those authorized are able
to decipher it. We of course also have to establish the legitimacy of the mathematical
function used, to make sure that it is sufficiently complex and mathematically sound to
give us a high degree of safety.

The essential concept underlying all automated and computer security applications is
cryptography. The two ways of going about this process are

• conventional (or symmetric) encryption

• public key (or asymmetric) encryption.

Private Key (Symmetric) Encryption

Private Key encryption, also referred to as conventional, single-key or symmetric
encryption, was the only available option prior to the advent of Public Key encryption in
1976. This form of encryption has been used throughout history by Julius Caesar, the
Navajo code talkers, and German U-Boat commanders, through to present day military,
government and private sector applications. It requires all parties that are communicating
to share a common key.

A conventional encryption scheme has five major parts:

Plaintext - this is the text message to which an algorithm is applied.

Encryption Algorithm - it performs mathematical operations to conduct substitutions and
transformations to the plaintext.

Secret Key - this is the input for the algorithm, as the key dictates the encrypted outcome.

Ciphertext - this is the encrypted or scrambled message produced by applying the
algorithm to the plaintext message using the secret key.

Decryption Algorithm - this is the encryption algorithm in reverse. It uses the ciphertext
and the secret key to derive the plaintext message.

When using this form of encryption, it is essential that the sender and receiver have a way
to exchange secret keys in a secure manner. If someone knows the secret key and can
figure out the algorithm, communications will be insecure. There is also the need for a
strong encryption algorithm. What this means is that if someone were to have a cipher
text and a corresponding plaintext message, they would be unable to determine the
encryption algorithm.

There are two methods of breaking conventional/symmetric encryption - brute force and
cryptanalysis. Brute force is just as it sounds: using a computer to try every
possible key until the plaintext message is recovered. Cryptanalysis is a
form of attack that exploits the characteristics of the algorithm to deduce a specific
plaintext or the key used. One would then be able to figure out the plaintext for all past
and future messages that continue to use this compromised setup.

Public Key Encryption

1976 saw the introduction of a radical new idea into the field of cryptography. This idea centered
around the premise of making the encryption and decryption keys different - where the
knowledge of one key would not allow a person to find out the other. Public key encryption
algorithms are based on the premise that each sender and recipient has a private key, known only
to him/her, and a public key, which can be known by anyone. Each encryption/decryption process
requires at least one public key and one private key. A key is a randomly generated set of
numbers/characters that is used to encrypt/decrypt information.

A public key encryption scheme has six major parts:

Plaintext - this is the text message to which an algorithm is applied.

Encryption Algorithm - it performs mathematical operations to conduct substitutions and
transformations to the plaintext.

Public and Private Keys - these are a pair of keys where one is used for encryption and the other
for decryption.

Ciphertext - this is the encrypted or scrambled message produced by applying the algorithm to
the plaintext message using the key.

Decryption Algorithm - this algorithm takes the ciphertext and the matching key and produces
the plaintext.

Selecting the Public and Private Keys

1. Select large prime numbers p and q and form n = pq.
2. Select an integer e > 1 such that GCD(e, (p - 1)(q - 1)) = 1.
3. Solve the congruence ed ≡ 1 (mod (p - 1)(q - 1))
   for an integer d where 1 < d < (p - 1)(q - 1).
4. The public key is (e, n).
5. The private key is (d, n).

The Encryption Process

• The process of encryption begins by converting the text to a pre hash code. This code is
generated using a mathematical formula.

• This pre hash code is encrypted by the software using the sender's private key. The private
key would be generated using the algorithm used by the software.

• The encrypted pre hash code and the message are encrypted again using the sender's
private key.

• The next step is for the sender of the message to retrieve the public key of the person this
information is intended for.

• The sender encrypts the secret key with the recipient's public key, so only the recipient
can decrypt it with his/her private key, thus concluding the encryption process.

1. Look up the user's public key (e, n).
2. Make sure that the message M is an integer such that 0 ≤ M < n.
3. Compute C ≡ M^e (mod n) where 0 ≤ C < n.
4. Transmit the integer C.

The Decryption Process

• The recipient uses his/her private key to decrypt the secret key.

• The recipient uses their private key along with the secret key to decipher the encrypted
pre hash code and the encrypted message.

• The recipient then retrieves the sender's public key. This public key is used to decrypt the
pre hash code and to verify the sender's identity.

• The recipient generates a post hash code from the message. If the post hash code equals
the pre hash code, then this verifies that the message has not been changed en route.

1. Use your private key (d, n).
2. Receive the integer C, where 0 ≤ C < n.
3. Compute R ≡ C^d (mod n) where 0 ≤ R < n.
4. R is the original message.

Encryption Algorithms
Different encryption algorithms use proprietary methods of generating these keys and are
therefore useful for different applications. Here are some nitty-gritty details about some of these
encryption algorithms. Strong encryption is often discerned by the key length used by the
algorithm.

RSA
In 1977, shortly after the idea of a public key system was proposed, three mathematicians, Ron
Rivest, Adi Shamir and Len Adleman, gave a concrete example of how such a method could be
implemented. To honor them, the method was referred to as the RSA Scheme. The system uses a
private and a public key. To start, two large prime numbers are selected and then multiplied
together: n = p*q.

Let f(n) = (p-1)(q-1), and choose e > 1 such that GCD(e, f(n)) = 1. A chosen e has a fairly large
probability of being co-prime to f(n) if n is large enough, and e will be part of the encryption key.
Then solve the linear Diophantine equation ed ≡ 1 (mod f(n)) for d. The pair of
integers (e, n) is the public key and (d, n) forms the private key. Encryption of M can be
accomplished by the following expression: M^e = qn + C where 0 <= C < n (here q is the
integer quotient, not the prime chosen earlier). Decryption is the inverse of encryption and
can be expressed as C^d ≡ R (mod n) where 0 <= R < n. RSA is the most popular method for
public key encryption and digital signatures today.
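The key-selection steps, the encrypt/decrypt congruences and the "pre hash code" signing steps from the Encryption and Decryption Process sections, worked through in Python. This is an added example, not code from the original article; the primes p = 61, q = 53, exponent e = 17 and message 65 are constructed toy values, and SHA-256 stands in for the unspecified "mathematical formula" that produces the pre hash code.

```python
"""Textbook RSA walk-through matching the five key-selection steps and the
encrypt/decrypt congruences on this page.  Added example, not the article's
own code.  Toy parameters (p=61, q=53, e=17) are constructed for readability;
real deployments use primes of 1024+ bits each and a padding scheme."""
import hashlib
from math import gcd


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b) (extended Euclid)."""
    old_r, r = a, b
    old_s, s = 1, 0
    old_t, t = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def mod_inverse(e, m):
    """Solve the linear Diophantine equation e*d + m*k = 1, i.e. e*d ≡ 1 (mod m)."""
    g, x, _ = extended_gcd(e, m)
    if g != 1:
        raise ValueError("e and m are not coprime; pick a different e")
    return x % m


def generate_keys(p, q, e):
    """Steps 1-5 of 'Selecting the Public and Private Keys'; returns ((e, n), (d, n)).

    Primality of p and q is not checked: the page's procedure starts from
    already-chosen primes.
    """
    n = p * q                       # step 1
    phi = (p - 1) * (q - 1)         # f(n) in the RSA section
    if e <= 1 or gcd(e, phi) != 1:  # step 2: GCD(e, (p-1)(q-1)) must be 1
        raise ValueError("e must be > 1 and coprime to (p-1)(q-1)")
    d = mod_inverse(e, phi)         # step 3: e*d ≡ 1 (mod (p-1)(q-1))
    if not 1 < d < phi:
        raise ValueError("no valid d in (1, (p-1)(q-1))")
    return (e, n), (d, n)           # steps 4 and 5


def encrypt(m, public_key):
    """C ≡ M^e (mod n), with the page's precondition 0 <= M < n."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer with 0 <= M < n")
    return pow(m, e, n)


def decrypt(c, private_key):
    """R ≡ C^d (mod n); R equals M because e*d ≡ 1 (mod (p-1)(q-1))."""
    d, n = private_key
    if not 0 <= c < n:
        raise ValueError("ciphertext must be an integer with 0 <= C < n")
    return pow(c, d, n)


def _digest_mod_n(message, n):
    """The 'pre hash code': SHA-256 of the message, reduced into [0, n).

    The reduction is only needed because the toy n is far smaller than a
    256-bit digest; with real key sizes a padded digest fits directly.
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Encrypt the pre hash code with the sender's private key."""
    d, n = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(message, signature, public_key):
    """Recompute the hash (the 'post hash code') and compare it with the
    signature decrypted under the sender's public key."""
    e, n = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


def demo():
    """Full round trip with the constructed toy parameters."""
    public, private = generate_keys(61, 53, 17)     # n = 3233, d = 2753
    m = 65
    c = encrypt(m, public)                           # 2790
    r = decrypt(c, private)                          # 65 == m
    sig = sign(b"RETURN", private)
    genuine = verify(b"RETURN", sig, public)         # True
    # Altering the signature by one breaks verification deterministically,
    # because x -> x^e mod n is a bijection on [0, n).
    forged = verify(b"RETURN", (sig + 1) % public[1], public)  # False
    return {"public": public, "private": private, "c": c, "r": r,
            "genuine": genuine, "forged": forged}


if __name__ == "__main__":
    print(demo())
```

Unpadded RSA like this is deterministic (equal messages give equal ciphertexts) and malleable; production code adds OAEP for encryption and PSS for signatures on top of these same congruences.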

DES/3DES
The Data Encryption Standard (DES) was developed and endorsed by the U.S. government in
1977 as an official standard and forms the basis not only for the Automatic Teller Machines
(ATM) PIN authentication but a variant is also utilized in UNIX password encryption. DES is a
block cipher with 64-bit block size that uses 56-bit keys. Due to recent advances in computer
technology, some experts no longer consider DES secure against all attacks; since then Triple-
DES (3DES) has emerged as a stronger method. Using standard DES encryption, Triple-DES
encrypts data three times and uses a different key for at least one of the three passes giving it a
cumulative key size of 112-168 bits.

BLOWFISH
Blowfish is a symmetric block cipher just like DES or IDEA. It takes a variable-length key, from
32 to 448 bits, making it ideal for both domestic and exportable use. Bruce Schneier designed
Blowfish in 1993 as a fast, free alternative to the then existing encryption algorithms. Since then
Blowfish has been analyzed considerably, and is gaining acceptance as a strong encryption
algorithm.

IDEA
International Data Encryption Algorithm (IDEA) is an algorithm that was developed by Dr. X.
Lai and Prof. J. Massey in Switzerland in the early 1990s to replace the DES standard. It uses the
same key for encryption and decryption and, like DES, operates on 8 bytes at a time. Unlike DES,
though, it uses a 128 bit key. This key length makes it impossible to break by simply trying every
key, and no other means of attack is known. It is a fast algorithm, and has also been implemented
in hardware chipsets, making it even faster.

SEAL
Rogaway and Coppersmith designed the Software-optimized Encryption Algorithm (SEAL) in
1993. It is a stream cipher, i.e., data to be encrypted is continuously encrypted. Stream ciphers
are much faster than block ciphers (Blowfish, IDEA, DES) but have a longer initialization phase
during which a large set of tables is built using the Secure Hash Algorithm. SEAL uses a 160 bit
key for encryption and is considered very safe.

RC4
RC4 is a cipher invented by Ron Rivest, co-inventor of the RSA Scheme. It is used in a number
of commercial systems like Lotus Notes and Netscape. It is a cipher with a key size of up to 2048
bits (256 bytes), which on the brief examination given it over the past year or so seems to be a
relatively fast and strong cipher. It creates a stream of pseudo-random bytes and XORs those bytes
with the text. It is useful in situations in which a new key can be chosen for each message.

Cracking Encryption Algorithms

Need for secure encryption algorithms
Good cryptographic systems should always be designed so that they are as difficult to break as
possible. Governments have always had concerns with strong encryption, fearing that it could be
used against their countries by criminals. Sophisticated technology is used by law enforcement
agencies to decipher encrypted information that might contain incriminating evidence. In theory
one can break any encryption algorithm by exhausting every key in sequence. This brute force
method requires vast amounts of computing power as the length of the key increases. For example,
a 32-bit key takes 2^32 (4294967296) steps. A system with 40 bit keys (e.g. the US-exportable
version of RC4) takes 2^40 steps - this kind of computing power is available in most universities
and even small companies.

Encryption key lengths & hacking feasibility

As key lengths increase, the number of combinations that must be tried for a brute force attack
increases exponentially. For example, a 128-bit key would have 2^128 (3.402823669209e+38)
total possible combinations. To theoretically crack the 128-bit IDEA key using brute
force one would have to:
• develop a CPU that can test 1 billion IDEA keys per second
• build a parallel machine that consists of one million of these processors
• mass produce them to an extent that everyone can own one hundred of these
machines
• network them all together and start working through the 128 bit key space

Assuming ideal performance and no downtime, one should be able to exhaustively search the
key-space in over 20,000 years. A common concern amongst many is deciding what key length is
secure.

Type of Attacker      Budget     Tool                     Time & Cost/Key (40 bit)   Time & Cost/Key (56 bit)
Regular User          Minimal    Scavenged computer time  1 week                     Not feasible
Regular User          $400       FPGA                     5 hours ($.08)             38 years ($5,000)
Small Business        $10,000    FPGA [1]                 12 min. ($.08)             556 days ($5,000)
Corporate Department  $300,000   FPGA                     24 sec. ($.08)             19 days ($5,000)
Corporate Department  $300,000   ASIC [2]                 0.18 sec. ($.001)          3 hours ($38)
Large Corporation     $10M       ASIC                     0.005 sec. ($0.001)        6 min. ($38)
Intelligence Agency   $300M      ASIC                     0.0002 sec. ($0.001)       12 sec. ($38)

There is a metronome for technological progress called Moore's Law, which states that "the
number of components that can be packed on a computer chip doubles every 18 months while the
price stays the same". Essentially, this means that computing power per dollar doubles every
eighteen months. As a corollary of this law one can also say that, if a key length of x bits
is considered safe today, in 18 months the key length would have to be x+1 to keep up to par
with the computing power. Recent studies performed by independent scientists have shown that
key lengths should be no less than 90 bits long to ensure complete security for the next 20 years.

[1] FPGA (Field Programmable Gate Arrays) are programmable pieces of hardware specifically
designed for encryption/decryption.

[2] ASIC (Application Specific Integrated Circuits) are also specialized hardware that can test 200
million keys per second.

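The brute-force arithmetic behind the table and the IDEA thought experiment above, as an added example that is not part of the original article. It cross-checks that the table's $400 FPGA row implies one consistent search rate for both key sizes, reproduces the 128-bit estimate, and applies the page's Moore's Law corollary; the world population of 5 billion used for "everyone" is an assumption, all other inputs come from the page.

```python
"""Key-length feasibility arithmetic for the table and the 128-bit IDEA
estimate on this page.  Added example, not the article's own code.  The
population figure is an assumption (5 billion, roughly mid-1990s)."""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def seconds_to_exhaust(key_bits, keys_per_second):
    """Worst case: all 2^bits keys are tried (the page's 'steps')."""
    return 2 ** key_bits / keys_per_second


def implied_rate(key_bits, seconds):
    """Invert the above: what keys-per-second does a quoted crack time imply?"""
    return 2 ** key_bits / seconds


def table_rates_consistent(tolerance=0.05):
    """Cross-check the $400 FPGA row: 40 bits in 5 hours and 56 bits in
    38 years should imply the same search rate if the table is
    self-consistent (they agree to within about 2%)."""
    r40 = implied_rate(40, 5 * 3600)
    r56 = implied_rate(56, 38 * SECONDS_PER_YEAR)
    return abs(r40 / r56 - 1) < tolerance


def idea_years(population=5e9, chips_per_machine=1e6,
               machines_per_person=100, keys_per_chip_per_second=1e9):
    """The page's thought experiment for exhausting a 128-bit IDEA key:
    1e9 keys/s per chip, 1e6 chips per machine, 100 machines per person,
    everyone (assumed population) running them in parallel."""
    rate = (keys_per_chip_per_second * chips_per_machine
            * machines_per_person * population)
    return seconds_to_exhaust(128, rate) / SECONDS_PER_YEAR


def bits_needed(bits_safe_today, years_ahead, doubling_months=18):
    """Moore's Law corollary from the page: one extra bit every 18 months."""
    return math.ceil(bits_safe_today + years_ahead * 12 / doubling_months)


if __name__ == "__main__":
    print("table consistent:", table_rates_consistent())
    print("years to exhaust 128-bit IDEA:", round(idea_years()))
    print("bits needed in 20 years if 56 is safe today:", bits_needed(56, 20))
```

With the assumed population the thought experiment comes out at roughly 21,500 years, in line with the page's "over 20,000 years".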
Encrypted Email
One of the most common uses of encryption is in electronic messaging. Encryption can
be used to secure email on public and private networks. Unlike e-mail on a private
system, which goes directly to a mail server and resides there until it is retrieved, Internet
e-mail bounces from server to server on its way to a recipient. This makes the
transmission channel impossible to secure and provides numerous opportunities for
interception. Here it makes sense to secure the message itself by using encryption. But
private networks are not immune to the need for higher security and often employ
encryption to guarantee the integrity of the message.

Sending plaintext email is like sending a postcard - what type of information do you
disclose when mailing a postcard? When do you consider putting the letter in an envelope
to resist tampering and to protect your privacy? Similarly, encrypting email is the first
step to securing the contents of your message. One of the most popular methods of email
encryption is the use of public key encryption.

The two most widely fielded methods of email encryption are PGP (Pretty Good Privacy)
and Entrust. The former provides solutions for both individuals and corporations while
Entrust focuses on the larger enterprise based secure messaging solutions. Also available
to individual users/small businesses is encrypted email on a web based platform through
Hushmail. This service allows you to send and receive email from their website, never
having to buy any software or have the need for extra infrastructure.

Also available is S/MIME (Secure / Multipurpose Internet Mail Extensions) - a protocol
that adds digital signatures and encryption to Internet MIME messages. The MIME
format allows the body of the message to be text, graphics, audio/video, etc, allowing one
to encrypt multiple forms of newsgroup communications.

Encrypted mail enables the 'little guy' to decide how much privacy they want and when
and where they want it. The Tools section has resources one could use for encrypted and
anonymous email.

Virtual Private Networks (VPNs)
Recent technological advances in broadband and dial data access offer a more cost-effective
solution for supporting large numbers of remote users, as well as unprecedented network
scalability and flexibility. These technology advances have created virtual private networks
(VPN) using public links. They can be used to provide mobile workers with remote access to the
corporate network - at the price of a local call. As with any use of public networks, one sacrifices
privacy for cost and availability. A VPN, however, is a network tunnel created for data transmission
between two or more authenticated parties. A secure VPN encrypts data before passing it through
the network tunnel. This creates an encrypted "pipe" between the user and the access device
ensuring data integrity/authenticity, and user privacy. Apart from providing connectivity for
remote users, VPNs can also be used to interconnect servers and complete networks, creating
entities known as Extranets.

Virtual Private Networks can be implemented by using proprietary systems from Nortel
Networks, Cisco, Datafellows, Intel, Nokia, Checkpoint, Lucent and others. Point to point VPNs
can also be created using protocols embedded in Operating Systems like Windows
2000/XP/Linux or even by applications like PGP.

IPSEC
The IP Security Protocol (IPSec) working group has defined a set of specifications for
cryptographically-based authentication, integrity, and confidentiality services at the IP datagram
layer. This protocol is intended to secure data communications on the Internet and is one of the
fastest growing security standards worldwide. IPSec supports multiple algorithms and key
management systems within its design architecture.

Encryption Tools
There are many free and paid encryption tools available on the Internet. Some better than others,
but nonetheless one can setup a secure messaging system (email encryption), secure transactions
(SSL enabled web browsers) and secure connectivity (VPNs and SSH) on a very small budget.
Some of the small business/individual solutions available include:

EMAIL
PGP - this is the de-facto secure messaging standard on the Internet. Network Associates has
dropped this product suite but fortunately the strong user base of PGP means it is likely to stay as
the most popular email encryption tool.

Hush mail - here is another way of adding encryption to your email. But unlike software tools
(say PGP) it is a service built into web based email. With free and paid service, one can get the
flexibility of a web based email account combined with the security of 1,024-bit encryption,
digital signatures and support for the OpenPGP standard.

FILE ENCRYPTION
Private File - Private File is a fast and easy way to protect yourself and your company by
encrypting your files before sending them. With a simple drag-and-drop, or a menu point-and-
click, your information is safe. And with the strongest encryption, you can be sure that no one but
your desired recipient will be able to use your information.

F-Secure File Crypto - developed by Data fellows Corp, this is a long standing file encryption
application that supports strong encryption. Also comes for Pocket PC.

Shy File - free and paid versions of a strong encryption application that lets you create self-
executable, encrypted packages.

VPNs
PGP - certain versions of this application allow point to point encrypted VPN sessions.

Windows NT/2000/XP & Linux - they allow 'secure' data transmission between two nodes using
the PPTP protocol.

Internet Privacy
The Internet is a great tool. As it becomes woven into our day to day fabric, there are
many more tasks that can be done on it. It is convenient, and most people in the developed
world have access to it. And many organizations/corporations are providing users with
the tools to get stuff done on the Internet. Everyone from governments (records,
applications, taxes), businesses (shopping, services, bill payments, banking) and
individuals (research, communication, entertainment) are using the Internet to conduct
transactions.

But the Internet is a public network. That is, the access routes are for the most part open
to other traffic and users. It is also a medium to obtain information, legally or not, on a
wide variety of people and things. So how can we make sure that the Internet can be used
without compromising the privacy of its users? A tough proposition that is getting harder
every day. Like it or not, websites collect information about their visitors (cookies, logs).
Information that includes how often they visit, what links they click on, what they buy,
etc. If you entered your name, age, or any other demographic information, there is a good
chance that it might be provided to other firms to sell products/services or for analysis.
Many times, the users are unaware of exactly what is being collected/monitored. What
happens to this personal information if the company has financial difficulties and has to
liquidate its assets? Is this information a company asset, free to be sold to the highest
bidder?

Internet applications like IE/Netscape have not really kept up either. Privacy issues have
been put on the back burner in an effort to compete for market share which is
predominantly based on ease of use and standards. Privacy is that uncomfortable issue
that most people wish would go away. There are many other tools like Anonymizer,
McAfee Privacy Services and others that can help users sanitize their computers and get
an upper hand on what information they want on their computers. These applications
allow you to select what personal information you wish to divulge and how to clean up
your computer so as to negate any information or statistics that might be collected on you
while surfing. These tools, a good personal firewall and anti-virus software
are essential for every Internet user.

The Internet is also a great tool to learn about increasing your privacy and securing
private information.

Identity Theft
Identity theft is a growing problem in today's society. It is relatively easy to pull off and very
devastating for the victims. There are thousands of cases every year where people see the
fraudulent use of their identity to rack up credit card bills and ruin their reputations and credit
histories. The Internet is definitely a factor here and is often pointed to as a culprit. But it can also
be used to fight back and ensure that one's privacy is maintained. Here are some simple on- and
offline steps to follow in order to avoid identity theft.

ONLINE PRIVACY:
• Have you seen your credit report lately? You should check your credit report every 6
months to a year using one of many online credit report services.

• Use services and applications like Anonymizer or McAfee Privacy Services to control
what personal information is divulged to websites.

• Install a good personal firewall (Norton, Black Ice, etc) - here are some firewall reviews.

• Use a good anti-virus software (Norton, McAfee, etc) and update signatures regularly

• Encrypt email communications using services like Hushmail.

• Have more than one email address, use free services like Yahoo!, Hotmail, or Spam
Bully (which has good anti-spam tools) for regular email.

• Upgrade your web browser and operating system to support strong (i.e. 128 bit +)
encryption.

• Do not divulge private information on the Internet, especially watch where you post your
resumes.

OFFLINE:
• Get a secure mailbox/PO Box - one that won't allow someone to go through your mail.

• Get an unlisted number and subscribe to caller id.

• Buy a shredder; destroy any and all unwanted documentation before discarding.

• Have access to legal representation to consult about your rights.


• Guard your Social Security Number (SSN).

• Diversify your assets and investments

• Learn how to protect your customer privacy.

If you are an identity theft victim, contact your local police department ASAP and implement all
of the above suggestions.

Computer Hacking and Security

With the rapid growth of the worldwide Internet user base, online transactions are believed to
reach well over a trillion dollars in the next three years. With stakes this high, it makes sense for
all parties involved to secure the Internet. Haphazard handling of financial and personal
information can lead to the Internet being constantly associated with fraud and privacy abuses
instead of being a viable commerce medium. The goal for higher security starts with the
individual user.

The term "hacker" has been around for a while. It originally referred to a person not well versed
with a computer trying different things to accomplish a task. To hack was to figure out something
through sheer trial and error or logical deduction. Today, a hacker is described as a person who
breaks into computers for various reasons. Crackers and script-kiddies are two other more
commonly used terms describing those involved in the break-in or disruption of an online service.

Security problems can occur in any networked environment. Many of the problems are related to
the exploitation of the original design of the TCP/IP suite of internetworking protocols, but the
majority is due to configuration or operator errors. Hackers are not just looking for websites or
government computers to hack - utility grids, emergency information systems, controls for dams
and locks, financial information, inter-banking information, military communications and much
more sensitive information travels on the Internet and other communication networks.

In broad terms, security threats can be classified as active and passive.

ACTIVE HACKING:
Active attacks involve the modification of transmitted data and attempts to gain unauthorized
access to systems. Data communication is based on a set of handshakes to ensure the smooth and
reliable flow of information. A hacker that is between a client and a server and is able to spoof
(illegally duplicate) the IP address and sequence numbers, can attack either machine in several
ways. The hacker can disable one of the machines and take the identity of the other, or the hacker
can mimic either machine and carry on conversations impersonating the other.

A hacker could also attach additional information to a client request and strip the corresponding
additional response from the packet before forwarding the remaining response to the client's
original request. All this while having access to information that is assumed to be going back and
forth between two 'trusted' systems. Computer viruses and Trojans are also examples of active
attacks. They can disable machines or in the case of Trojans allow malicious hackers access to
sensitive information by creating a back door.

PASSIVE HACKING:
Passive attacks have to do with eavesdropping and monitoring transmissions. All electronic
transmissions (email, WWW, telnet, etc) can theoretically be monitored. Since most computers
(and the whole Internet) are part of networks, spying on data transmissions is a major concern.
One of the earliest and most sophisticated passive eavesdropping examples comes to us from the
Cold War. The US Navy was able to 'tap' into Soviet undersea fiber optic lines by using special
submarines and for years had complete knowledge of that set of communications. On the Internet,
protocols like HTTP, FTP and telnet are non-encrypted modes of communication that can easily
be compromised. Therefore, encrypted versions (HTTPS, SSH, etc) should be used when
transmitting sensitive information.

Computer Security
There are three data security concerns that need to be addressed - confidentiality,
authentication, and non-repudiation. Confidentiality ensures that the data is readable
only by the intended recipients. Authentication provides protection against unauthorized
access or forgeries. Non-repudiation ensures that someone cannot deny having
conducted a transaction. The steps needed to curb the security concerns on the Internet
are threefold. First is a balance between industry self-regulation and laws to deter
unscrupulous practices. Second would be the education of the Internet user base on their
rights and the tools to ensure their protection while online. Lastly, the continuous advent of
technology as the Internet matures, providing us with newer and more powerful tools that
will enhance the current economic boom that many regard as an Internet phenomenon.

So how do you secure sensitive data? Well, if it is so sensitive that it cannot be
compromised under any circumstances, then the only surefire security precaution is to
take it off any networks. There must be an "air gap" between this system and the rest of
the network. But the first step would be to ensure that the physical location has been secured.
Access to the network would be limited to those who need it, and control exercised by
a combination of security methods (passwords, smartcards, biometrics). Biometrics
always brings up the question of privacy, and in applications where the masses would be
affected, this is a valid concern. But biometrics can be very useful if one is trying to
control access or verify the identity of a smaller number of people. This is also advisable
due to the error rates currently seen in biometric systems (~ 0.01%). And the answer to
securing data during transmission is encryption.

When it comes to personal computers, ensuring security is a more manageable matter. If
you store sensitive material on your home computer you should consider using an
encryption program like PGP or Private File. Any computer that is connected to a
broadband (DSL/Cable/Satellite) connection requires an extra layer of protection. You
should consider either a good personal firewall and/or a firewall router - the firewall
router will also allow you to share your internet connection with other PCs in your home.

Operating Systems Security

Needless to say, all operating systems are not created equal. None of the most popular operating
systems of today were developed with secure electronic commerce in mind.

Unix is the oldest and most widely used networking operating system in use today. Unix
has the advantage of having been hacked and patched by hackers and crackers for
decades. One of the most popular Unix derivatives is Linux, developed by Linus
Torvalds and now maintained by thousands of volunteers and many software companies.
But Linux still has flaws that are being discovered every day. It is extremely important to
monitor these occurrences and apply the necessary patches when they are made
available.

Microsoft's Windows platform has seen unprecedented growth as a server and client
platform. Whether it be in the millions of home PCs, on the Internet or on corporate
LANs, its popularity has caught the fancy of many hackers.

Introduction to Secret Key Cryptography

Cryptography, simply defined, is the art of combining some input data, called the
plaintext, with a user-specified password to generate an encrypted output, called cipher
text, in such a way that, given the cipher text, it is extremely difficult to recover the
original plaintext without the encryption password in a reasonable amount of time. The
algorithms that combine the keys and plaintext are called ciphers. Various ciphers are
documented in the Algorithms section. Many ciphers accept a fixed length password
(also called a key). The key space is the total number of possible keys. For a cipher that
accepts 160 bit keys, this is 2^160, or approximately 1.46 x 10^48. Although recommended
key lengths change as computing power grows, the currently secure key length for
encryption ranges from 128 to 256 bits, with most modern algorithms using keys of at least
128 bits.

So what makes one cipher better than another? What makes a cipher secure? Although
these questions are the essence of cryptography, their answers are relatively simple: if
there is no other way to "break" the algorithm (recover the plaintext or key given some
cipher text) other than searching through every possible key, then the algorithm is secure.
This is where a large key length comes in -- the larger the key length, the more possible
keys to search through, and therefore the more secure the algorithm. Cryptanalytic attacks
are simply means of reducing the number of keys that need to be searched.

The majority of the encryption algorithms in use today are block algorithms, which
operate on one chunk (generally 64 bits) of data at a time. By comparison, stream ciphers
operate on variable lengths of data. Stream ciphers can be thought of as seeded random
number generators (with the seed being the key), with the random numbers being
combined with the plaintext to generate cipher text. The better the generated numbers are,
the more secure the stream cipher is.

Block algorithms are, in terms of both design and implementation, generally more
complex than stream ciphers. Bruce Schneier's Blowfish algorithm is a very good
example of a block cipher and illustrates some important design concepts. Blowfish
combines a non-invertible f function, key-dependent S-boxes, and a Feistel network to
make a cipher that has not yet been broken. It is relatively simple to implement. CAST,
another cipher of high repute, is very similar to Blowfish in overall design.

Kremlin supports secret key cryptosystems and cryptographic hash functions.

The Blowfish Algorithm

The most interesting portion of Blowfish is its non-invertible f function. This function
uses modular arithmetic to generate indexes into the S-boxes. Modular arithmetic is
usually used to create non-invertible f functions. Non-invertibility is best explained by
example:

take the function f(x) = x^2 mod 7.

x            1   2   3   4   5   6   7
x^2          1   4   9  16  25  36  49
x^2 mod 7    1   4   2   2   4   1   0

Given an output, there is no function that can generate the specific input to f(x). For
example, if you knew that your function has a value of 4 at some x, there is no way to
know if that x is 2, 5, or any other x whose f(x) = 4. Blowfish does its arithmetic
mod 2^32 (2^32 is around 4 billion). This is called arithmetic in a finite field and makes some
common mathematical assumptions untrue (1+1 does not equal two if you are in a finite
field of size two).

S-boxes are just large arrays of predefined data. During the process of key setup, the key
is combined with the S-boxes. The details of this key-setup are relatively uninteresting,
but the fact that it combines the key with the S-boxes strengthens the algorithm greatly.
Key setup in Blowfish is designed to be relatively slow. This is actually a benefit, as
someone doing a brute-force search of keys will have to go through the slow key setup
process for each key tried. However, someone doing encryption and decryption must only
go through the key setup process once. Encryption and decryption are relatively fast.

Another important element of Blowfish is the Feistel network. Using the Feistel network
gives the cipher two very desirable properties: decryption using the same f function (even
if it is non-invertible) and the ability to iterate the function multiple times. These multiple
iterations are called rounds. The more rounds, the more secure the algorithm is. The
recommended number of rounds depends on the specific algorithm; for Blowfish, it is 16.
A Feistel network can be described by the following algorithm (taken from Applied
Cryptography):

Divide a block of length n into two parts, L and R, of length n/2. Then, for each round i
with round subkey K_i,

L_i = R_{i-1},
R_i = L_{i-1} ⊕ f(R_{i-1}, K_i),

where ⊕ is bitwise addition modulo 2 (exclusive OR).
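The non-invertible f function and the Feistel equations above can be seen working together in this added Python example (it is not code from the original text or from Kremlin; the 64-bit block, the 16-round count the text gives for Blowfish, the key schedule and the round function are assumptions made for the demonstration). The round function throws information away, yet the network still decrypts because the same f is applied with the subkeys in reverse order.

```python
"""Toy Feistel network with a deliberately non-invertible round function.

Added illustration, not code from the original text or from Kremlin. The
block size (64 bits), round count (16, as the text gives for Blowfish), key
schedule and round function are assumptions chosen for the demonstration;
this is not Blowfish and has no security value of its own.
"""

MASK32 = 0xFFFFFFFF  # arithmetic "mod 2^32", as the text describes for Blowfish


def square_mod7_preimages() -> dict[int, list[int]]:
    """Rebuild the text's table for f(x) = x^2 mod 7 as output -> inputs.

    Returns {1: [1, 6], 4: [2, 5], 2: [3, 4], 0: [7]}: an output of 4 could
    have come from x = 2 or x = 5, so f cannot be inverted.
    """
    table: dict[int, list[int]] = {}
    for x in range(1, 8):
        table.setdefault((x * x) % 7, []).append(x)
    return table


def f(right: int, subkey: int) -> int:
    """Round function: squaring modulo 2^32 is many-to-one, hence not invertible.

    Because (2^32 - x)^2 == x^2 (mod 2^32), two different inputs always share
    an output. The Feistel structure below decrypts anyway; that is the point.
    """
    x = (right ^ subkey) & MASK32
    return (x * x) & MASK32


def expand_key(key: int, rounds: int) -> list[int]:
    """Toy key schedule: one 32-bit subkey per round (assumption, not Blowfish's).

    Blowfish's real key setup is deliberately slow; this one is not.
    """
    subkeys = []
    k = key & MASK32
    for i in range(rounds):
        k = ((k * 0x01000193) ^ i) & MASK32  # odd multiplier keeps mixing reversible
        subkeys.append(k)
    return subkeys


def feistel_encrypt(block: int, subkeys: list[int]) -> int:
    """Run L_i = R_{i-1}, R_i = L_{i-1} XOR f(R_{i-1}, K_i) for every subkey.

    `block` is a 64-bit integer split into two 32-bit halves L and R.
    """
    left, right = (block >> 32) & MASK32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ f(right, k)
    # Undo the last swap so decryption is this same routine with reversed keys.
    return (right << 32) | left


def feistel_decrypt(block: int, subkeys: list[int]) -> int:
    """Same network and same f, with the subkeys applied in reverse order."""
    return feistel_encrypt(block, list(reversed(subkeys)))


if __name__ == "__main__":
    subkeys = expand_key(0xDEADBEEF, 16)  # constructed sample key
    plaintext = 0x0123456789ABCDEF      # constructed sample block
    ciphertext = feistel_encrypt(plaintext, subkeys)
    print(f"plaintext  {plaintext:016x}")
    print(f"ciphertext {ciphertext:016x}")
    print(f"round trip {feistel_decrypt(ciphertext, subkeys) == plaintext}")
```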

Cryptographic Algorithms
BLOCK CIPHERS
3-Way

3-Way is a simple and fast cipher designed by Joan Daemen. 3-Way features a 96-bit key
length and a 96-bit block length. 3-Way is an iterated block cipher that repeats some
relatively simple operations a specified number of rounds. David Wagner, John Kelsey,
and Bruce Schneier of Counterpane Systems have discovered a related key attack on 3-
Way that requires one related key query and about 2^22 chosen plaintexts, described in this
paper. 3-Way is unpatented.

Blowfish

Blowfish is a block cipher designed by Bruce Schneier, author of Applied Cryptography.
Blowfish combines a Feistel network, key-dependent S-Boxes, and a non-invertible F
function to create what is perhaps one of the most secure algorithms available. Schneier's
paper is available here. Blowfish is also described in the Concepts of Cryptography page.
The only known attacks against Blowfish are based on its weak key classes.

Blowfish is implemented in Kremlin.

CAST

CAST, designed by Carlisle Adams and Stafford Tavares, is shaping up to be a solid
algorithm. Its design is very similar to Blowfish's, with key-dependent S-Boxes, a non-
invertible f function, and a Feistel network-like structure (called a substitution-
permutation network). David Wagner, John Kelsey, and Bruce Schneier have discovered
a related-key attack on the 64-bit version of CAST that requires approximately 2^17 chosen
plaintexts, one related query, and 2^48 offline computations (described in this paper). The
attack is infeasible at best. CAST is patented by Entrust Technologies, which has
generously released it for free use. The CAST cipher design process is described in this
paper and the 128-bit version is described in this addendum. Carlisle Adams has
submitted a version of CAST (CAST-256) as an AES candidate.

CAST-128 is implemented in Kremlin.

CMEA

CMEA is the encryption algorithm developed by the Telecommunications Industry
Association to encrypt digital cellular phone data. It uses a 64-bit key and features a
variable block length. CMEA is used to encrypt the control channel of cellular phones. It
is distinct from ORYX, an also insecure stream cipher that is used to encrypt data
transmitted over digital cellular phones. It has been broken by David Wagner, John
Kelsey, and Bruce Schneier of Counterpane Systems. Their paper, which also provides an
excellent description of the CMEA algorithm, is available here.

DES

Designed at IBM during the 1970s and officially adopted as the NIST standard
encryption algorithm for unclassified data in 1976, DES has become the bastion of the
cryptography market. However, DES has since become outdated, its long reign as official
NIST algorithm ending in 1997. Though DES accepts a 64-bit key, the key setup routines
effectively discard 8 bits, giving DES a 56-bit effective keylength. DES remains widely
in use. During the design of DES, the NSA provided secret S-Boxes. After differential
cryptanalysis had been discovered outside the closed fortress of the NSA, it was revealed
that the DES S-boxes were designed to be resistant against differential cryptanalysis.
DES is becoming weaker and weaker over time; modern computing power is fast
approaching the computational horsepower needed to easily crack DES.

DES was designed to be implemented only in hardware, and is therefore extremely slow
in software. A recent successful effort to crack DES took several thousand computers
several months. The EFF has sponsored the development of a crypto chip named "Deep
Crack" that can process 88 billion DES keys per second and has successfully cracked 56
bit DES in less than 3 days.

DES is implemented in Kremlin (accessible through Kremlin SDK API).

Triple-DES

A variant of DES, Triple-DES (also 3DES) is based on using DES three times. This
means that the input data is encrypted three times. Triple-DES is considered much
stronger than DES; however, it is rather slow compared to some newer block ciphers.

DEAL

DEAL is an interesting AES submission and, like all AES submissions, it uses a 128 bit
block and accepts 128 bit, 192 bit, and 256 bit keylengths. It uses DES as its inner round
function and its authors suggest at least 6, preferably 8 rounds (there are some attacks
against DEAL). There is a paper available here that describes some attacks, all of which
can be cured by using at least 8 rounds.

FEAL

Developed by the Nippon Telephone & Telegraph as an improvement to DES, the Fast
Data Encipherment Algorithm (FEAL) is very insecure. FEAL-4, FEAL-8, and FEAL-N
are all susceptible to a variety of cryptanalytic attacks, some requiring as little as 12
chosen plaintexts. FEAL is patented.

GOST

GOST is a cryptographic algorithm from Russia that appears to be the Russian analog to
DES both politically and technologically. Its designers took no chances, iterating the
GOST algorithm for 32 rounds and using a 256 bit key. Although GOST's conservative
design inspires confidence, John Kelsey has discovered a key-relation attack on GOST,
described in a post to sci.crypt on 10 February 1996. There are also weak keys in GOST,
but there are too few to be a problem when GOST is used with its standard set of S-
boxes. You can read the official GOST algorithm description (translated from Russian)
here. There is also a description of the GOST algorithm here.

IDEA

IDEA, developed in Zurich, Switzerland by Xuejia Lai and James Massey, is generally
regarded to be one of the best and most secure block algorithms available to the public
today. It utilizes a 128-bit key and is designed to be resistant to differential cryptanalysis.
Some attacks have been made against reduced round IDEA. Unfortunately, IDEA is
patented; licensing information can be obtained from Ascom.

LOKI

LOKI was designed as a possible replacement for DES. It operates on a 64-bit block and
a 64-bit key. The first version of LOKI to be released was broken by differential
cryptanalysis and was shown to have an 8-bit complementation property (this means that
the number of keys that need to be searched in a brute force attack is reduced by 256).
LOKI was revised and re-released as LOKI91. LOKI91 is secure against differential
cryptanalysis, but LOKI easily falls to a chosen-key attack. The designers of LOKI have
proposed LOKI97 as an AES candidate, but linear and differential attacks on LOKI97
have already been proposed.

Lucifer

Lucifer was one of the first modern cryptographic algorithms. It was designed at IBM in
the 1960s by Horst Feistel, of Feistel network fame. Lucifer is often considered to be a
precursor to DES. There are several incarnations of Lucifer, each with the same name,
which creates a good deal of confusion. No version is secure. A paper on the differential
cryptanalysis of Lucifer was written by Ishai Ben-Aroya & Eli Biham.

MacGuffin

MacGuffin is a cipher developed by Matt Blaze and Bruce Schneier as an experiment in
cipher design. It uses a Feistel network (see the cryptography overview for details), but
does not split the input evenly, instead dividing the 64 bit block into one 16 bit part and
another 48 bit part. This is called a generalized unbalanced Feistel network (GUFN).
Details are available here. A differential attack on MacGuffin has been found that
requires approximately 2^51.5 chosen plaintexts.

MARS

MARS is IBM's AES submission. There is a MARS web page with a link to the MARS
paper. MARS uses 128 bit blocks and supports variable key sizes (from 128 to 1248 bits).
MARS is unique in that it combines virtually every design technique known to
cryptographers in one algorithm. It uses addition and subtractions, S-boxes, fixed and
data dependent rotations, and multiplications.

MISTY

Misty is a cryptographic algorithm developed by Mitsubishi Electric after they broke
DES in 1994. It is designed to withstand linear and differential cryptanalysis, but has not
yet been cryptanalysed. As it has not undergone intensive peer review, the usual caution
is recommended. It is being considered for inclusion into the SET 2.0 standard. Visit the
MISTY web page or read the author's paper on MISTY.

MMB

MMB was designed as an alternative to IDEA that uses a 128-bit block instead of IDEA's
64-bit block. It was designed using the same principles as IDEA. Unfortunately, it is not
as secure as IDEA and several attacks exist against it. Its author, Joan Daemen,
abandoned it and designed 3-Way.

NewDES

Although NewDES was developed by Robert Scott to possibly replace DES, NewDES
has fallen short of expectations. NewDES has been proven to be weaker than DES,
requiring 24 related-key probes and 530 chosen plaintext/ciphertext queries, as described
in this paper.

NewDES is implemented in Kremlin.

RC2

RC2, like RC4, was formerly a trade secret, but code purporting to be RC2 was posted to
sci.crypt. It is archived here. David Wagner, John Kelsey, and Bruce Schneier have
discovered a related-key attack on RC2 that requires one related-key query and
approximately 2^34 chosen plaintexts. RC2 is not patented by RSA Data Security, Inc; it is
just protected as a trade secret.

RC5

RC5 is a group of algorithms designed by Ron Rivest of RSA Data Security that can take
on a variable block size, key size, and number of rounds. The block size is generally
dependent on the word size of the machine the particular version of RC5 was designed to
run on; on 32-bit processors (with 32-bit words), RC5 generally has a 64-bit block size.
David Wagner, John Kelsey, and Bruce Schneier have found weak keys in RC5, with the
probability of selecting a weak key being 2^(-10r), where r is the number of rounds. For
sufficiently large r values (greater than 10), this is not a problem as long as you are not
trying to build a hash function based on RC5. Knudsen has also found a differential
attack on RC5. RC5 is described in this RSA document. RC5 is patented by RSA
Security, Inc.

RC6

RC6 is Ronald Rivest's AES submission. Like all AES ciphers, RC6 works on 128 bit
blocks. It can accept variable length keys. It is very similar to RC5, incorporating the
results of various studies on RC5 to improve the algorithm. The studies of RC5 found
that not all bits of data are used to determine the rotation amount (rotation is used
extensively in RC5); RC6 uses multiplication to determine the rotation amount and uses
all bits of input data to determine the rotation amount, strengthening the avalanche effect.

REDOC

There are two versions of the REDOC algorithm, REDOC II and REDOC III. REDOC II
is considered to be secure; an attack has been made against one round of REDOC II, but
could not be extended to all 10 recommended rounds. REDOC II is interesting in that it
uses data masks to select the values in the S-boxes. REDOC II uses a 160-bit key and
works on an 80-bit block. REDOC III was an attempt to make the painfully slow REDOC
II faster. REDOC III, like REDOC II, operates on an 80-bit block, but can accept keys
up to 20480 bits. However, REDOC III falls to differential cryptanalysis, as described in
this paper.

Rijndael

Rijndael is an AES winner by Joan Daemen and Vincent Rijmen. The cipher has a
variable block and key length, and the authors have demonstrated how to extend the
block length and key length by multiples of 32 bits. The design of Rijndael was
influenced by the SQUARE algorithm. The authors provide a Rijndael specification and a
more theoretical paper on their design principles. The authors have vowed to never patent
Rijndael.

Safer

Safer was developed by Robert Massey at the request of Cylink Corporation. There are
several different versions of Safer, with 40, 64, and 128-bit keys. A weakness in the key
schedule was corrected, with an S being added to the original Safer K designation to
create Safer SK. There are some attacks against reduced round variants of Safer. Safer is
secure against differential and linear cryptanalysis. However, Bruce Schneier, author of
Applied Cryptography, recommends against using Safer because, "Safer was designed for
Cylink, and Cylink is tainted by the NSA." Safer SK-128 is implemented in Kremlin.

Serpent

Serpent is an AES submission by Ross Anderson, Eli Biham, and Lars Knudsen. Its
authors combined the design principles of DES with the recent development of bitslicing
techniques to create a very secure and very fast algorithm. While bitslicing is generally
used to encrypt multiple blocks in parallel, the designers of Serpent have embraced the
technique of bitslicing and incorporated it into the design of the algorithm itself. Serpent
uses 128 bit blocks and 256 bit keys. Like DES, Serpent includes an initial and final
permutation of no cryptographic significance; these permutations are used to optimize the
data before encryption. Serpent was released at the 5th International Workshop on Fast
Software Encryption. This iteration of Serpent was called Serpent 0 and used the original
DES S-boxes. After comments, the key schedule of Serpent was changed slightly and
the S-boxes were changed; this new iteration of Serpent is called Serpent 1. Serpent 1
resists both linear and differential attacks. The Serpent paper is available here.

SQUARE

SQUARE is an iterated block cipher that uses a 128-bit key length and a 128-bit block
length. The round function of SQUARE is composed of four transformations: a linear
transformation, a nonlinear transformation, a byte permutation, and a bitwise round-key
addition. SQUARE was designed to be resistant to linear and differential cryptanalysis,
and succeeds in this respect. The designers of SQUARE have developed an attack on
SQUARE, but it cannot be extended past 6 rounds. A paper on SQUARE is available
here and there are links to the paper and source code on the designers' web site.

Skipjack

In what surely signals the end of the Clipper chip project, the NSA has released Skipjack,
its formerly secret encryption algorithm, to the public. Skipjack uses an 80 bit key. A
fuzzy scan of the official NSA paper is available here at the NIST web site, but it has
been transcribed by the folks over at jya.com. A reference implementation (in C) is
available here, and an optimized version is available here. Eli Biham and Adi Shamir
have published some initial cryptanalytic results (which are growing more and more
interesting as time progresses).

Tiny Encryption Algorithm (TEA)

TEA is a cryptographic algorithm designed to minimize memory footprint and maximize
speed. However, the cryptographers from Counterpane Systems have discovered three
related-key attacks on TEA, the best of which requires only 2^23 chosen plaintexts and one
related key query. The problems arise from the overly simple key schedule. Each TEA
key can be found to have three other equivalent keys, as described in a paper by David
Wagner, John Kelsey, and Bruce Schneier. This precludes the possibility of using TEA as
a hash function. Roger Needham and David Wheeler have proposed extensions to TEA
that counter the above attacks.

Twofish

Twofish is Counterpane Systems' AES submission. Designed by the Counterpane Team
(Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels
Ferguson), Twofish has undergone extensive analysis by the Counterpane Team. There is
a paper available from the Twofish web page and source is provided in optimized C and
assembly.

STREAM CIPHERS
ORYX

ORYX is the algorithm used to encrypt data sent over digital cellular phones. It is a
stream cipher based on three 32-bit Galois LFSRs. It is distinct from CMEA, which is a
block cipher used to encrypt the cellular data control channel. The cryptographic tag-
team from Counterpane Systems (David Wagner, John Kelsey, and Bruce Schneier) have
developed an attack on ORYX that requires approximately 24 bytes of known plaintext
and about 2^16 initial guesses.

RC4

The RC4 algorithm is a stream cipher from RSA Data Security, Inc. Though RC4 was
originally a trade secret, the alleged source code was published anonymously in 1994.
The published algorithm performs identically to RC4 implementations in official RSA
products. RC4 is widely used in many applications and is generally regarded to be secure.
There are no known attacks against RC4. RC4 is not patented by RSA Data Security, Inc;
it is just protected as a trade secret.

The 40-bit exportable version of RC4 has been broken by brute force!

RC4 is implemented in Kremlin.

SEAL

SEAL, designed by Don Coppersmith of IBM Corp, is probably the fastest secure
encryption algorithm available. The key setup process of SEAL requires several kilobytes
of space and rather intensive computation involving SHA1, but only five operations per
byte are required to generate the keystream. SEAL is particularly appropriate for disk
encryption and similar applications where data must be read from the middle of a
ciphertext stream. A paper is available here. SEAL is patented, and can be licensed from
IBM.

HASH ALGORITHMS
MD2

MD2 is generally considered to be a dead algorithm. It was designed to work on 8-bit
processors and, in today's 32-bit world, is rarely used. It produces a 128-bit digest. MD2
is different in design from MD4 and MD5, in that it first pads the message so that its
length in bits is divisible by 256. It then adds a 256-bit checksum. If this checksum is not
added, the MD2 function has been found to have collisions. There are no known attacks
on the full version of MD2. MD2 is described in RFC 1319.

MD4

Although MD4 is now considered insecure, its design is the basis for the design of most
other cryptographic hashes and therefore merits description. First, the message to be
operated on is padded so that its length in bits plus 448 is divisible by 512. Then, in what
is called a Damgård/Merkle iterative structure, the message is processed with a
compression function in 512-bit blocks to generate a digest value. In MD4 this digest is
128 bits long. Hans Dobbertin developed an attack on the full MD4 that will generate
collisions in about a minute on most PCs. An overview of the design and a description of
the security of MD2, MD4, and MD5, are described in this RSA document.
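The padding rule and the Damgård/Merkle block iteration described above, as an added Python illustration that is not code from the original text: the padding follows what RFC 1320 (MD4) and RFC 1321 (MD5) specify, while the compression function is an assumed toy stand-in for MD4's, present only to show how the 512-bit blocks are chained through a 128-bit state.

```python
"""Merkle-Damgard padding and block iteration in the style of MD4/MD5.

Added example, not code from the original text. The padding follows RFC 1320
(MD4) and RFC 1321 (MD5); the compression function below is an assumed toy
stand-in, NOT MD4's, used only to show how the padded blocks are chained.
"""
import struct

BLOCK_BYTES = 64             # 512-bit blocks
STATE_MASK = (1 << 128) - 1  # 128-bit chaining value, like MD4's digest size


def md_pad(message: bytes, big_endian: bool = False) -> bytes:
    """Pad to a whole number of 512-bit blocks the way MD4/MD5/SHA-1 do.

    Append a single 1 bit (0x80), then zeros until the length is congruent to
    448 mod 512, then the original length in bits as a 64-bit integer.
    MD4/MD5 store that length little-endian; SHA-1 stores it big-endian.
    A message that is already 56 bytes long spills into a second block.
    """
    bit_len = (len(message) * 8) & 0xFFFFFFFFFFFFFFFF
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + struct.pack(">Q" if big_endian else "<Q", bit_len)


def toy_compress(state: int, block: bytes) -> int:
    """Assumed placeholder compression function (not MD4's).

    Mixes one 512-bit block into the 128-bit state. Every step is a bijection
    of the state, so two different states fed the same block stay different.
    """
    assert len(block) == BLOCK_BYTES
    for off in range(0, BLOCK_BYTES, 16):
        word = int.from_bytes(block[off:off + 16], "little")
        state = ((state ^ word) * 0x5DEECE66D + 0xB) & STATE_MASK
        state = ((state << 17) | (state >> 111)) & STATE_MASK  # 128-bit rotate
    return state


def md_hash(message: bytes) -> int:
    """Damgard/Merkle iteration: pad, then compress each block into the state.

    The initial value is MD4's four initial words concatenated, used here
    only for flavour; the digest is the final 128-bit state.
    """
    state = 0x67452301EFCDAB8998BADCFE10325476
    padded = md_pad(message)
    for off in range(0, len(padded), BLOCK_BYTES):
        state = toy_compress(state, padded[off:off + BLOCK_BYTES])
    return state


def block_count(message: bytes) -> int:
    """Number of 512-bit blocks the compression function will process."""
    return len(md_pad(message)) // BLOCK_BYTES


if __name__ == "__main__":
    for sample in (b"", b"abc", b"a" * 55, b"a" * 56):  # constructed inputs
        print(f"{len(sample):3d} bytes -> {block_count(sample)} block(s), "
              f"digest {md_hash(sample):032x}")
```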

MD5

While MD4 was designed for speed, a more conservative approach was taken in the
design of MD5. However, applying the same techniques he used to attack MD4, Hans
Dobbertin has shown that collisions can be found for the MD5 compression function in
about 10 hours on a PC. While these attacks have not been extended to the full MD5
algorithm, they still do not inspire confidence in the algorithm. RSA is quick to point out
that these collision attacks do not compromise the integrity of MD5 when used with
existing digital signatures. MD5, like MD4, produces a 128-bit digest. An RFC
describing MD5 in detail is available here. The use of MD5, as well as MD4, is not
recommended in new applications.

RIPEMD

RIPEMD and its successors were developed by the European RIPE project. Its authors
found collisions for a version of RIPEMD restricted to two rounds. This attack can also
be applied to MD4 and MD5. The original RIPEMD algorithm was then strengthened and
renamed to RIPEMD-160. As implied by the name, RIPEMD-160 produces a 160-bit
digest. A comprehensive description of RIPEMD-160 can be found here.

SHA1

SHA1 was developed by the NSA for NIST as part of the Secure Hash Standard (SHS).
SHA1 is similar in design to MD4. The original published algorithm, known as SHA,
was modified by NSA to protect against an unspecified attack; the updated algorithm is
named SHA1. It produces a 160-bit digest -- large enough to protect against "birthday"
attacks, where two different messages are selected to produce the same signature, for the
next decade. The official FIPS description of SHA1 can be found here.

SHA1 is implemented in Kremlin.

Snefru

Snefru is a hash function designed by Ralph Merkle, the designer of the Khufu and
Khafre encryption algorithms. 2-round Snefru has been broken by Eli Biham. Snefru 2.5,
the latest edition of the hash algorithm, can generate either a 128-bit or a 256-bit digest.

Tiger

Tiger is a new hash algorithm by Ross Anderson and Eli Biham. It is designed to work
with 64-bit processors such as the Digital Alpha and, unlike MD4, does not rely on
rotations (the Alpha has no such rotate instruction). In order to provide drop-in
compatibility with other hashes, Tiger can generate a 128-bit, a 160-bit or a 192-bit
digest. The Tiger home page contains more information.

CASE STUDY:
Password Manager XP:
Password Manager XP is a program specially created to help people systematize and
securely store valuable information. It rids computer users of headaches caused by lost
passwords, forgotten access codes and other sensitive information. With this program,
you safely store all your logins, passwords, PIN codes, credit card numbers, access codes,
files, and any other confidential information in one place.

Password Manager XP allows you to create several databases for storing desired
information. Each database has its own access password and is encrypted with the
algorithms of your choice. This means the ability to apply several different encryption
algorithms at a time, which significantly increases protection against unauthorized access
to your data. Besides, the program comes with an option to automatically exit databases
when idle for a set period of time, which decreases the likelihood of your data being stolen
when you leave your computer with the application running (for example, you have been
distracted by other things or simply forgot to quit the program).

In addition, you can create password databases on shared resources and access them from
multiple computers across the network. The Removable Devices Wizard will help you to install
Password Manager XP to any removable media such as USB flash drives. You can run Password
Manager XP and work with password databases directly from the removable device.

Password Manager XP is ideal for workgroup use. The program lets several users get access to
the password databases. Importantly, access rights and privileges can be regulated. All changes
inside the database are logged, giving the system administrator complete control over the users'
actions.

Quite frankly, Password Manager XP can considerably simplify your work with the Internet and
ordinary Windows applications. It can autofill web pages, registration forms, logon windows, etc.
This feature is compatible with Microsoft Internet Explorer, Firefox, Google Chrome, Opera and
the majority of ordinary Windows applications.

You can install Password Manager XP Mobile to your Windows Mobile-based device
and access your data easily when your laptop or desktop PC is not available. Password
Manager XP installed on your Pocket PC allows you to keep your data secure and right in
your pocket.

Password Manager XP has a built-in customizable password generator.

Password Manager XP comes with a user-friendly interface that is easy to navigate and
adjust.

Password Manager XP is your personal Password Keeper!

Features of Password Manager XP:

Exceptionally high security level

• support of the following encryption algorithms (can be used together): Blowfish,
3DES, Rijndael, Tea, Cast128, RC4, Serpent, Twofish;
• no unencrypted temporary files ever created;
• memory blocks are cleared when no longer needed;
• built-in password generator;

Multi-user password manager

• support for multiple databases;
• ability to access passwords databases from multiple computers across the
network;
• adjustable user privileges per given database;
• permissions can be set for folders or even individual records;
• concurrent write access to a database for multiple users;
• NT authentication support;
• logging of all data changes;
• users' actions logging (Professional / Corporate edition only);

Other features

• database and folder fields can be fully customized. It is possible to


add/modify/remove fields for individual folder or entire database;
• autofill & form filler functionality. Currently it works in Microsoft Internet
Explorer, Firefox, Google Chrome, Opera and most ordinary Windows
applications;
• files can be attached to database records;
• support of system wide hotkeys;
• printing and ability to create custom print templates;
• ability to store password databases and the program itself on removable
devices such as USB flash drives;
• synchronization of databases;
• backup and restore of password databases;
• export and import to/from CSV and TXT files;
• ability to check for expired passwords on Windows start;
• program can be minimized to system tray;
• information sorting options;
• handy and easy adjustable interface;
• multilingual user interface (English, German, French, Italian, Spanish, Dutch,
Swedish, Norwegian, Lithuanian, Chinese, Korean, Danish, Czech, Slovak,
Slovenian, Hungarian, Greek, Croatian, Polish, Portuguese (Brazil), Hebrew,
Turkish, Farsi, Romanian, Russian, Ukrainian);
• XP themes support.

Password Manager XP supports the following algorithms

Encryption algorithm   Hash algorithm used to generate encryption key   Encryption key length
3DES                   SHA                                              160 bit
Blowfish               SHA-384                                          384 bit
Cast128                MD5                                              128 bit
RC4                    SHA-512                                          512 bit
Rijndael (new AES)     SHA-256                                          256 bit
Serpent                SHA-256                                          256 bit
Tea                    MD5                                              128 bit
Twofish                SHA-256                                          256 bit
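As an added example (not the product's code), the table's pairing of hash and cipher in Python: in every row the digest length equals the key length, so the example hashes the password once with the listed algorithm and uses the digest as the key. Assumptions: the bare "SHA" listed for 3DES is taken as SHA-1 (the SHA variant with a 160-bit digest), and the salted PBKDF2 function is a general comparison, not a description of Password Manager XP's internals.

```python
import hashlib

# The page's table, row by row: cipher -> (hash that generates the key, key length in bits).
# Assumption: the bare "SHA" listed for 3DES is SHA-1, the SHA variant with a 160-bit digest.
KEY_DERIVATION = {
    "3DES":     ("sha1",   160),
    "Blowfish": ("sha384", 384),
    "Cast128":  ("md5",    128),
    "RC4":      ("sha512", 512),
    "Rijndael": ("sha256", 256),
    "Serpent":  ("sha256", 256),
    "Tea":      ("md5",    128),
    "Twofish":  ("sha256", 256),
}


def derive_key(password: str, cipher: str) -> bytes:
    """Hash the password once with the cipher's listed hash and use the digest as the key.

    In every row of the table the digest length equals the key length, which is
    the reading this function implements; the product's exact internals are not
    shown on the page.
    """
    hash_name, key_bits = KEY_DERIVATION[cipher]
    key = hashlib.new(hash_name, password.encode("utf-8")).digest()
    if len(key) * 8 != key_bits:
        raise ValueError(f"{hash_name} digest is {len(key) * 8} bits, table says {key_bits}")
    return key


def derive_key_salted(password: str, salt: bytes, key_bits: int, iterations: int = 600_000) -> bytes:
    """General comparison (not the product): PBKDF2-HMAC-SHA256 with a salt and work factor.

    A single unsalted hash is deterministic, so equal passwords yield equal keys
    and each guess costs one hash; a salt and iteration count remove both properties.
    """
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=key_bits // 8)


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    for cipher, (hash_name, bits) in KEY_DERIVATION.items():
        print(f"{cipher:9s} {hash_name:7s} {bits:3d}-bit key {derive_key(pw, cipher).hex()[:16]}...")
```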

File Encryption XP:

With File Encryption XP, you can encrypt files of any type, including Microsoft Word,
Excel and PowerPoint documents. It protects information against being viewed or
modified without your authorization. The reliable and ultra-secure Blowfish algorithm is
used for data encryption and no encryption passwords are saved within the encrypted
files. This makes the encryption very secure. The program has a convenient and intuitive
interface and so even the most inexperienced users in the sphere of information
protection can protect their data quite easily. A feature that creates self-extracting
encrypted files is built into the program. These files are completely self-contained which
means that, if you have the correct password, you can view your encrypted files on any
Windows PC and you do not need to install any other encryption software. File
Encryption XP can also be used as a secure file eraser to wipe files completely and
permanently. The program adds items to the Windows Explorer popup menu to simplify
encryption, decryption and wiping tasks.

File Encryption XP encrypts files and folders using a strong Blowfish algorithm with a
384-bit key. Creating protected files that can be decrypted without File Encryption XP is
a built-in program feature. You can create a self-extracting encrypted file and simply send
it by mail or give it to someone on a floppy disk. If the recipient knows the password, he
or she can execute this file to get the original document.

In many cases we would like to delete the original insecure file or folder after it has been
encrypted. The standard Windows deletion method is not secure because you can restore
such a file in almost 100% of cases. File Encryption XP has a reliable deletion method
that will completely remove files. This is especially useful for deleting the source file or
folder after encryption so that the only remaining file is the encrypted version.

File Encryption XP is especially useful for working on a variety
of storage devices. You could install the program on a floppy
disk or a flash drive and use it on any Windows PC to which the
drive is connected. File Encryption XP is optimized for
working on removable media.

File Encryption XP has a built-in strong password generator allowing you to generate
new passwords according to the criteria you specify. Strong passwords are ones
containing upper and lower case letters as well as numbers and so they are almost
impossible to guess.

File Encryption XP automatically logs all program operations. You can always recall
what you were doing and when by looking through the log file. You can disable this
option if you prefer additional security and do not wish to keep a record of your
activities. When the program starts, it looks for all encrypted data on the current medium
and displays the list in the "Search" panel. The "Search" panel groups the encrypted files
in one place so it is easier to access them. You can use this panel to decrypt or delete the
encrypted files found by the program. The program interface is based on the interface of
Windows Explorer. You can perform all program operations on files and folders just as
you would in Windows Explorer. You can modify any menu or toolbar, create new ones
or change the program skin.

File Encryption XP is your File Encryption Software for Windows!

Features of File Encryption XP:

Main features

• encrypting files and folders using the Blowfish algorithm;
• decrypting files and folders;
• files and folders compression before encryption;
• creating self-extracting encrypted files;
• removing files and folders completely and permanently (this is called "wiping");
• support for large files (4Gb and more);
• Windows Explorer popup menu integration;
• install the program on a removable device such as a USB memory stick;
• File Encryption XP has a built-in customizable password generator;
• works on any removable media (under any Windows operating system);
• logs all operations to a file;
• automatically finds and groups encrypted files;
• no software backdoors into the program or files;
• no unencrypted temporary files ever created;
• memory blocks are cleared when no longer needed.

Additional features

• all user settings are automatically saved;
• a choice of skins (Office XP, Office 2003 and Windows XP themes);
• context-sensitive help;
• the entire interface can be customized to your own requirements;
• active accessibility support.

Kremlin:

Many products feature secure encryption, but Kremlin does more: Kremlin builds a wall
around your computer, protecting your sensitive files from snooping intruders. Windows
and Mac OS were not designed to be secure; they literally strew your sensitive data all
over the computer. The Kremlin Sentry automates the process of securing your computer
by scheduling itself to secure portions of your hard disk and all used memory when you
log off your computer or your computer becomes idle.
And Kremlin is easy to use, too. You can securely remove files from your computer by
dragging them to the Kremlin Secure Delete (Recycle Bin). And when you log off,
Kremlin clears sensitive areas of your hard disk and wipes all records of your activities.

Kremlin can also automatically encrypt files and directories when you log off your
computer and decrypt them when you log back on, providing a transparent way to protect
your files from any nosy intruders.

If you're worried about your word processor leaking scraps of your sensitive documents
all over your hard drive, you can use Kremlin Text, a full-featured and secure text editor
that automatically encrypts your documents. You can even e-mail a secret memo to a
co-worker from within Kremlin Text. And Kremlin is so secure that the U.S. Government
considers it a munition! To snoops, Kremlin is a deadly weapon.

KREMLIN SDK:

Kremlin SDK

Kremlin SDK is the cryptographic engine that powers Kremlin. It is the foundation of
Kremlin. Learn more...

Kremlin Encrypt/Decrypt

Kremlin Encrypt provides an easy-to-use interface to powerful cryptography. Kremlin
Decrypt allows you to decrypt the files you have encrypted. Read more about
cryptography basics or an overview of cryptographic algorithms. Learn more...

Kremlin Text

Discussing a top-secret project and need to send a secure memo? Exchanging notes with
a secret lover? You can use Kremlin Text to ensure that your data arrives safely and
securely. Just type your message into Kremlin Text's word processor-like environment,
click the Encrypt button, and you're ready to send secure e-mail! Your message can
include text formatting and different colors. Learn more...

Kremlin Sentry

The Kremlin Sentry automates the process of securing your computer. You can schedule
the Kremlin Sentry to run when you shut down your computer or when your computer is
idle. The Kremlin Sentry then secures unused portions of your hard drive, where
"deleted" word processing files often reside, and wipes all memory (including the swap
file), overwriting operating system records of passwords and other sensitive information.
The Kremlin Sentry can also clear all records of the most recently accessed documents or
all previously visited Internet world wide web sites. Learn more...

Kremlin Wipe

Windows and Mac OS were not designed as secure operating systems. Your keystrokes,
which might contain a sensitive passphrase, are saved to disk, and your word processor
routinely writes scraps of your documents to disk. Use Kremlin Wipe to wipe free
memory, unused disk space or completely wipe the disk! Learn more...

Kremlin Secure Delete (Recycle Bin): Secure Deletion

When you drag your top-secret document to the Kremlin Secure Recycle Bin, it's not just
flagged to be overwritten, it's gone forever. Kremlin overwrites your documents with a
variation of the Department of Defense standard, writing zeros, ones, and a
pseudo-random bit stream and its binary complement a user-specified number of times.
Learn more...
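The four-pass overwrite pattern described above (zeros, ones, a pseudo-random stream, then that stream's binary complement, repeated a user-specified number of times), as an added example in Python that is not Kremlin's code; it also covers the file-wiping feature listed under Kremlin Wipe and File Encryption XP. The sample file content, the chunk size and the seeding of the random stream are assumptions of this example.

```python
import os
import random
import tempfile


def pass_fills(seed: bytes):
    """The four overwrite passes the page describes: zeros, ones, a pseudo-random
    stream, and the bitwise complement of that same stream (replayed from `seed`)."""
    return [
        lambda n: b"\x00" * n,
        lambda n: b"\xff" * n,
        lambda n, g=random.Random(seed): g.randbytes(n),
        lambda n, g=random.Random(seed): bytes(b ^ 0xFF for b in g.randbytes(n)),
    ]


def secure_delete(path: str, rounds: int = 1, chunk: int = 64 * 1024) -> int:
    """Overwrite `path` in place `rounds` times with the four-pass pattern, then
    unlink it. Returns the number of passes written (4 per round).

    Caveat (general, not from the page): an in-place overwrite only reaches the
    original blocks on media and filesystems that rewrite in place; SSD wear
    levelling and copy-on-write filesystems can leave the old copy behind.
    """
    size = os.path.getsize(path)
    passes = 0
    with open(path, "r+b") as f:
        for _ in range(rounds):
            for fill in pass_fills(os.urandom(16)):  # fresh random stream per round
                f.seek(0)
                remaining = size
                while remaining:
                    n = min(chunk, remaining)
                    f.write(fill(n))
                    remaining -= n
                f.flush()
                os.fsync(f.fileno())  # force this pass to the device before the next
                passes += 1
    os.remove(path)
    return passes


def demo(rounds: int = 1) -> tuple:
    """Wipe a constructed temporary file; returns (passes written, file still exists)."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(b"TOP SECRET memo: constructed sample content\n" * 3000)  # ~126 KB, spans chunks
    return secure_delete(path, rounds), os.path.exists(path)


if __name__ == "__main__":
    print(demo(2))  # (8, False)
```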

Add powerful 160-bit encryption to your application in less than 30 lines of C code

The Kremlin SDK is an easy-to-use C DLL interface to powerful cryptography. It is used
as the basis of KremlinEncrypt.com's popular Kremlin encryption software and has
proven itself to be a robust and stable encryption SDK (over 50,000 users have
downloaded Kremlin). The Kremlin SDK is implemented in four layers of increasing
abstraction.

Supported Platforms

• Windows, Mac OS X, Mac OS 9: Cross-platform support
• Linux: Needs some polishing, but works
• Other platforms: We can port Kremlin SDK to any other platform. Please contact us to
discuss custom ports.

Layers of Abstraction

Encrypt a file with just one function call!

Cryptographic Features

• Encryption algorithms: Blowfish, CAST-128, DES, RC4, Safer SK-128, NewDES
• Encryption modes: Supports both ECB and CBC encryption mode (read SP 800-38A,
Recommendation for Block Cipher Modes of Operation for more information)
• Hashing: Secure Hash Algorithm (SHA1).
• Secure memory allocation: smalloc and sfree make it a no-brainer to prevent leakage of
secure data
• Disk security: file wiping, cluster wiping, free space wiping, memory wiping

The Kremlin SDK also includes automatic compression (at the archive level), error
checking using a modified Fletcher checksum (faster and better than a CRC), and a
flexible callback system (for progress controls, file overwriting, etc.)

And the Kremlin SDK is very, very secure. Both the source code and the compiled
executables have been reviewed by security professionals, including Chris Hall from
Counterpane Systems (Bruce Schneier's company), Alexander Pukall, who writes
encrypted databases, and a person named Casimir, who has cracked the encryption in
several other programs, including "Encrypt-It" and "Crypt-o-text". After hearing that he
had broken yet another insecure encryption program, we e-mailed Casimir and
challenged him to break Kremlin. We even gave him the source code. After over a month
of examining the source code, Casimir e-mailed us and admitted defeat, saying "OK, you
won. I surrender!". It would take you months of your time and tens of thousands of
dollars to write, optimize, and secure (including paying for outside security consultants)
your own encryption routines. And your solution would most likely never have been
torture-tested by over 50,000 users!

Kremlin SDK Features

The Kremlin SDK comes with

• full source code;
• detailed manual that documents every function;
• extensive example applications;
• free technical support for 30 days (additional years of technical support can be
purchased).

And this isn't normal technical support; we function as security consultants and can
review your usage of the Kremlin SDK for possible security loopholes. We can even
write the encryption code for you.

The Kremlin SDK can be distributed royalty free with your application. And there's also
a 90 day money-back guarantee; if you purchase the Kremlin SDK and decide you
don't like it, you can get all of your money back (including possible technical support
contracts) any time within three months after the purchase.

It takes only a few lines of C code to add powerful cryptography to any application. See
how easy it is to use the Kremlin SDK in your application: imagine you need to write a
utility that encrypts files from the command prompt with the following syntax:

Example.exe password archivename file1 [file2] [file3]...

Thus cryptography is explained with a case study.
