Smart Card Systems is a leading integrator and consultant of premier security products.

A Quick Lesson on Encryption

Encryption can often be a confusing subject. You know you need it, but you really don't have the time to learn how it works. The good news is that you don't need to know anything about encryption to use SafeHouse. If you can use a PC and can remember your password, then that's everything you need to know to use SafeHouse. However, just in case you might be a little bit curious about encryption technologies, we've included some details below.

File Encryption vs. Volume Encryption

File encryption utilities have been around for many years. They are generally used to encrypt and decrypt files on demand, one at a time. Sure, these utilities work, and they are even just as secure as other methods, but they can quickly become cumbersome to use. Instead, SafeHouse uses a concept known as volume encryption. With volume encryption you are relieved of the burden of individually encrypting and decrypting files or needing to remember which file is in what state, etc. A single volume, or container file, is created to hold all of your sensitive information. Volumes are associated with a Windows drive letter to make them easy to use. After supplying your password only once, you can read, write, copy, delete, rename, drag, drop or do anything you would ordinarily expect to do with any other drive; only in this case, the data is transparently encrypted and decrypted for you.

Popular Encryption Algorithms

SafeHouse includes support for a number of popular encryption algorithms in a variety of key strengths. Industry experts generally agree that a minimum of 128 bits of key strength is required to ensure the privacy of your data.

How strong is a 128-bit key? For starters, a 128-bit key has 3.4 x 10^38 possible values. That’s 10^21 times stronger than a 56-bit DES key. The famous “DES Cracker” machines built in the late 1990s could recover a 56-bit key in a matter of hours. If this time could subsequently be reduced to one second (meaning trying 2^55 keys per second), then it would take that same machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit key. To put this into perspective, the universe is believed to be less than 20 billion years old. Of course, if you need something stronger, SafeHouse still has you covered, offering two 256-bit ciphers and another at 448 bits.

Blowfish

Blowfish is fast, supports long keys, and is well-respected in the industry. Blowfish runs nearly 20x faster than DES. SafeHouse offers several different Blowfish key lengths: 32, 48, 56, 128 and 448. Each version runs at the same speed. The various key lengths are required for compliance with certain export control laws.

Twofish

Twofish was designed by the same scientist who invented Blowfish. Although it has not been around as long as Blowfish nor subjected to the same level of scientific scrutiny, it was a finalist in the NIST competition for choosing a new national encryption standard and is generally regarded as being superior to Blowfish in quality and speed. Twofish is available in two strengths: 128 and 256 bits. Only the 128-bit key size is compatible with SafeHouse’s administrative key recovery features.

Rijndael (AES)

The Rijndael algorithm was selected by NIST in October, 2000, to become the new official Advanced Encryption Standard (AES) for use within the U.S. Government. Rijndael is available in two strengths: 128 and 256 bits. Unlike Blowfish and Twofish, this algorithm takes longer to process at higher key strengths. The 256-bit version is approximately 40% slower than the 128-bit version. Only the 128-bit version is compatible with SafeHouse’s administrative password recovery features.

DES

DES stands for Data Encryption Standard. This algorithm has been around for over 25 years and is now believed to be vulnerable to attack since its key size is only 56 bits.

Triple DES

Triple DES is three rounds of DES. Each round uses a different permutation of your password. The algorithm is secure, yet very slow. Blowfish, Twofish and Rijndael are usually better choices than triple DES when you have the opportunity to make a choice.

What About the Math?

The bottom line is that you don't need to understand the math used by modern-day encryption algorithms. As long as you choose a reputable encryption product such as SafeHouse which incorporates tried and true algorithms which have withstood the test of time and meaningful industry scrutiny, you can safely leave the math to the guys wearing the propeller beanie caps.

Still, if you must know and want to read a good book on the subject, we recommend reading Applied Cryptography, 2nd Edition, by Bruce Schneier.