Do YOU need encryption?

NetAction's Guide to Using Encryption Software

Table of Contents

  1. What is encryption, and how does it work?
  2. Do I need encryption?
  3. How does encryption software keep my information secure?
  4. What features are available in encryption software?
  5. What are the vulnerabilities in encryption, and how do I guard against them?
  6. Where can I get more encryption software?
  7. Why does the U.S. government want to restrict the use of encryption software?
  8. Where can I read more about encryption?
  9. How do I find out whether a particular encryption program is legally available where I live?
  10. Cryptography Terms

Appendices

Appendix A. "Brute Force" Cracking

Appendix B. What are the different kinds of algorithms that encryption software programs utilize?

About This Guide

NetAction prepared this guide primarily to help U.S.-based organizations and activists learn to use encryption software. If you are located outside the U.S., you will need to determine whether the use of encryption is restricted in your location before downloading any of the encryption software discussed in this guide.

This guide was researched by Matt McCarthy and co-written by Matt McCarthy and Audrie Krause, with editorial assistance provided by Theresa Chen and Andrea Jepson. This guide is available as a regular HTML document, a Microsoft Word document, and in ASCII text.

Copyright 2001 by NetAction. All material in this guide may be reposted or reproduced for non-commercial use provided NetAction is cited as the source.

1. What is encryption, and how does it work?

Fundamentals

Encryption is a software tool that uses scrambling to make data unreadable to anyone other than the intended recipient. It is useful to ensure the privacy of data that you store on your computer, or that you want to email to someone else.

Encryption software programs use algorithms, or complex mathematical processes, to scramble and unscramble (or "encrypt" and "decrypt") the data. Algorithms work through the creation of keys, which are specific strings of data used for encryption. These keys consist of long strings of bits, or binary numbers. The more bits in the key, the greater the number of possible combinations of binary numbers, making the code more difficult to break. You may have heard of "56-bit" or "128-bit" keys, for example. With more bits, the 128-bit key is more difficult to break than the 56-bit key.

If you're curious, you can see what an algorithm looks like: IDEA is one of the algorithms used in Pretty Good Privacy (PGP). An encryption algorithm scrambles data by combining the bits in the key with the data bits; in decryption, the algorithm unscrambles data by separating the data bits from the key bits. In symmetric key encryption, the same key is used to scramble and unscramble data. In asymmetric key encryption, two different keys are required: one to scramble and one to unscramble. With either method, a recipient cannot access the original data without the correct key.

Here is an example of data that has been encrypted:

(((((0400ACHCLBGHEPIOFJJHPLJOFIJAPHOAIDBJEGBMIOHONGALJ
NFMMFINKPNFBIKJKLBLCPEHLPBDLDJEMFHOMPHLCMDLNGILOECLFFI
CNHOEAODJMBLKCDCBAEALAJLCEBBBFIGIOOHGBOPHBJDEPGDLOOBOJ
PBBCIHAIJOHLMHJIMJCGILHMCAKKGNNPMAJKHGBGCNDLFDGMBKGGNJ
ODPDAEKKIPLALIKKPHDFIPOBBEDFMKKBLNMEEPNMMMOIDIPDBMGOEE
CDNMNKOIAIAHICOACNAGBDDPKPNKAOJPFGPIFCGFDLLOCMEGIMNOHD
GMAAEOJEKJIDNIGBHBHNBKENNOGILFAMMOIJDBDAHHNIKCBCFEIPNJ
NMIGGCIMKDGACMGHFGKLMFDNAKOELAOHDJCGGDEDAGDAJNHHAOBJME
KJKGMFGIKPCOJIFFDEHFONKAPHP)))))

You can decrypt this data with ShyFile, a web-based encryption program. Go to http://www.shyfile.net/d.htm, paste the encrypted message into the appropriate box, and use this key to decode the message: netaction.org-encryptionfornonprofits

Software

Encryption software is available for many purposes. You may already be familiar with one form of encryption software: many e-commerce and donation Web sites use Secure Socket Layers (SSL). Whenever you visit any Web page with an address starting with "https" instead of "http," SSL will automatically encrypt anything you type into that page, such as passwords or credit card information, before sending it over the Web.

Our guide focuses on encryption software for email and files, which is considerably more complicated than SSL encryption. Encrypted files can be attached to an email message, uploaded to a Web server via File Transfer Protocol (FTP), or put on a floppy disk and passed by hand. Email messages themselves can also be encrypted. It is not necessary, however, for an email message to be encrypted in order to send it with an encrypted attachment. For example, an encrypted document can be attached to an unencrypted email message that says, "See the attached confidential document." Encryption software specifically intended for use with email is generally easier to use than software intended to encrypt files, because email encryption software integrates seamlessly into the email program. Some email encryption software, for example, adds buttons to your mail program's menu.

Different software programs have different strengths and vulnerabilities, and employ different ways of distributing the keys that scramble and unscramble data. Some software programs require the recipient of an encrypted document or email message to use the same software the sender used. Others simply require the recipient to possess the same key or password that the sender used.

2. Do I need encryption?

Ask around, and you'll hear varied opinions on whether to use encryption. Certainly, it can add complexity to using your computer. It may be a minor inconvenience such as having to log in with a password every time you turn on your computer, or a major hassle, such as having to fool with a difficult interface every time you want to do anything on your computer. Encrypting large files can take a lot of time and computing power. Even worse, losing passwords or corrupting encryption program installations can lead to data loss. So why bother?

The answer is simple: if the data on your computer is sensitive enough, you should use encryption. For example:

If the answer to any of these questions is "yes," you should take steps to ensure the privacy of this data.

Keep in mind that you don't need to spot suspicious men in a satellite dish-equipped van parked outside your building to warn you that you are potentially at risk of data theft. Malicious hackers may find vulnerabilities in your Internet connection. It's a good idea always to assume that it's possible for someone to violate your computer's security and privacy, and act accordingly to prevent it. This is especially true if you are using Microsoft software, which is particularly vulnerable because it is so widely used. (Malicious hackers know they can cause the most damage by targeting widely used software programs.)

Even if you take the extra steps required to encrypt your data, there are still likely to be vulnerabilities that could allow a skilled or well-funded data thief to get access to your data. Read the section on vulnerabilities for details.

It's up to you to weigh the risk of data theft against the trouble it would take to guard against it by using encryption. Because the usability, learning curve, and difficulty of using these programs factors greatly into the equation of whether you want (or need) to use them, our software reviews focus on how easy it is to get started with the programs and to use them on a day-to-day basis. Since cost is also a major concern for non-profits, we have included reviews of several low-cost or free software options.

3. How does encryption software keep my information secure?

All encryption software programs choose an algorithm that they rely on to scramble and unscramble your data. Some programs use more obscure, proprietary algorithms, but others use widely available algorithms. The benefit of using an obscure algorithm is there is less likelihood that tools for cracking it are available. The benefit of using a well-known algorithm is that it has been thoroughly tested. If a vulnerability has not yet been discovered, finding one is probably very difficult.

(For more in-depth information on the various available algorithms, see Appendix B: What are the different kinds of algorithms that encryption software programs utilize?)

Software uses algorithms to encrypt your data in two ways: the symmetric key method, and the asymmetric key method. With either method, it is important to save a copy of your key on a floppy of zip disk, a CD, or another hard drive. Otherwise, if you lose or forget your key, or the key data gets corrupted, you will not be able to decrypt your encrypted data.

Symmetric Key

(Basic Model: encrypt and decrypt with the same password)

Many encryption programs scramble and unscramble with the same key. This simple scheme allows anyone possessing the key that encrypted the data to also decrypt the data. It is important, in order to maintain security, that the sender distribute the key to the intended recipient without letting it fall into the wrong hands. If the sender emails the key in a regular, unscrambled message, malicious parties could easily intercept it in transit. If the sender encrypts the key before emailing it, the recipient will need a second key to decrypt the first key. If the sender copies the key onto a floppy or zip disk, or CD, the disk could be lost in transit or misplaced by the recipient.

Only software programs utilizing this basic model, symmetric key encryption, allow the recipient to unscramble an encrypted message without using the same software the sender used to scramble it. For example, the sender could create a self-decrypting archive that prompts the recipient for a password when double-clicked. Or the sender could create files that could be dragged into a Web browser and unscrambled with a web-based decryption script like ShyFile. Not all programs support self-decrypting archives.

To summarize: the simplicity of symmetric key encryption makes it easy to understand, but distribution of the key is risky.

Asymmetric Key

(Public/Private Model: sender uses the recipient's public key to encrypt, and the recipient uses his or her corresponding private key to decrypt.)

Some software programs use the asymmetric key, or "public key/private key" model, which requires both the sender and the recipient to have the same software. With this model, the recipient makes a pair of keys, both of which can be unlocked with a single password. One half of the pair is a public key that anyone with the same software uses to encrypt a message to the recipient. The sender does not need the recipient's password to use his or her public key to encrypt data. The recipient's other key is a private key that only he or she can use when decrypting the message. The private key should never be distributed since the private key assures that only the intended recipient can unscramble data intended for him or her. The recipient can freely distribute the public key without worrying since it is only used to scramble the data.

You must meet two conditions before you can use asymmetric encryption software: 1) the recipient must have the same software and already have created a key pair, and 2) you must have the recipient's public key. There are many ways to distribute a public key: through text in an email, through text in a file on a floppy disk, or by posting it on special Internet sites known as key servers. For example, if the recipient's public key is available on a PGP server, your PGP software program can retrieve and store the key on your computer for use at any time.

Here is an example of how asymmetric encryption works: If Jack has Jill's public key, Jack can send encrypted files that Jill can unlock with her private key. Jack can't use Jill's public key to decrypt files intended for Jill (since decrypting a file intended for Jill requires Jill's private key), nor can he sign files pretending to be Jill. Even if Jack got his hands on Jill's private key file, he would need Jill's password to access it.

The biggest problem with this method of encryption is verifying that the sender is who he or she claims to be. The solution is called a "Web of Trust", which makes use of digital signatures. If Jill wants to verify that the Jack who sent her an encrypted file is really the Jack she knows, she confirms his identity by some non-electronic method, such as a personal meeting or phone call, or by an electronic method such as the AT&T Pathserver. If Jack has previously taken similar steps to confirm the identity of John Doe, Jill can also trust an encrypted file from John.

See an illustrated model of encrypting and signing data. These pages are part of the Asia Pacific Network Information Centre's Certificate Authority Status Report.

4. What features are available in encryption software?

Some software programs are more useful for encrypting files, and others are more useful for encrypting text messages, like email and instant messages. It's possible to use a file-encryption program for both files and email. Some file-encryption programs, for example, encrypt email by transforming the message into a file, and then sending the encrypted file. However, some of the software specifically designed for email encryption is much easier to use than programs for file encryption. Other email encryption software programs convert plaintext to ciphertext, which is useful for encrypting email or text documents, but useless for encrypting images or other non-text files. Other encryption software simply enables you to store encrypted files on your computer.

In addition to the different encryption algorithms and models, there are different software interfaces. Some programs require you to locate the file you want to encrypt through a regular "file-open" dialogue window. Others, including PGP, allow you to encrypt a highlighted section of text that you select from an open document. Some email encryption programs include plug-ins that add buttons to your program menu, so you can encrypt a message with literally the touch of a button. These interface alternatives can be important for first-time users since they can make the software easier to use. They are also important for anyone who uses encryption daily, since a cumbersome encryption and decryption process may deter use.

When you try an encryption program, check for the features that you need (e.g. encrypts your email, encrypts your files, etc.), as well as its ease of use.

Some features you may find useful in any encryption software:

Some features you may find useful in email encryption software:

Some features you may find useful in file encryption software:

You should also become familiar with any encryption features that may have been built into your computer's operating system. If your computer's operating system includes features that provide the level of security you need, it may not be necessary to look for those features in third-party encryption software programs.

Features offered by:

MacOS 9:

Mac OS 9 includes some built-in encryption features that are relatively easy to use: Apple File Security and Apple Verifier. Located in the Security Folder (which is in the Applications Folder), these features allow Mac users to encrypt and decrypt files on their hard drives, and to verify the authenticity of files containing digital signatures. To encrypt or decrypt files, drag them onto the Apple File Security icon. To verify digital signatures, drag them onto the Apple Verifier icon. The Apple Help menu includes information on how to use these features.

Unix (including Linux and Mac OS X):

The Unix security system is robust and complex. It employs a system of access control lists to determine which users have access to a given file or folder, and usually requires that users log-on to use the computer. (Keep in mind that access controls are not the same as encryption.) To learn more, check the following link: http://www.linuxdoc.org/HOWTO/Secure-Programs-HOWTO/features.html

Windows 9x (including 95, 98, and ME):

Simply put, Windows 9x was not designed for robust security. Any user can alter or remove any file not currently in use, or even reboot into DOS from Windows 95 or 98 and have unrestricted access to any file on your computer. No third-party program can protect your data if the operating system has no built-in security features. We advise Windows 9x users who require a secure environment to install a WindowsNT-based operating system, preferably Windows 2000. (Privacy advocates have raised concerns about the new operating system that Microsoft is about to release, Windows XP. See http://www.epic.org/privacy/consumer/MS_complaint.pdf and http://www.epic.org/privacy/consumer/MS_complaint2.pdf for more information about this.)

Windows NT (including NT and Windows 2000):

The security tools in Windows NT are available on computers using the NTFS file system. Since NT is also used on computers with the FAT16 or FAT32 file systems, not all computers using the Windows NT operating system will have the security features described below. You can check your hard drives' file system by right-clicking the drive icon and viewing the "Properties" window. On Windows NT systems, many security settings can be reviewed and edited from the Group Policy Editor. Press "Start," press "Run," type "gpedit.msc," and hit "Enter"; the settings are under Computer Configuration / Windows Settings / Security Settings. (Again, keep in mind that access controls are not the same as encryption.)

Users

NT-based operating systems require a log-in to use the computer. The log-in requirement goes hand-in-hand with file permissions and encryption/decryption permissions (described below). Individual users or groups of users can be restricted from or given access to specific files or documents by using the Group Policy Editor.

File permissions

Hard drives formatted with the NTFS file system rely on "user permissions" for security. Every file and folder has an owner and an access control list (edited by the owner or those conferred editing power by the owner) to indicate which users may "modify, read or execute documents view folder contents, write to the file or folder, or have read-only access." In recent versions of Windows based on the NT kernel, you can see which user "owns" each file and folder within a given folder by using the Details view in Windows Explorer, right-clicking any tab at the top (e.g. Name, Size, Type, Date Modified), clicking "More," then "Owner."

Encryption

The NTFS file system has built-in support for file and folder encryption through the EFS (Encrypted File System) tool. Right-click a file or folder, select "Properties," look under Advanced, and check Encrypt to use this feature. Once Encrypt is checked, click Details to identify the users who can decrypt the file. (Caution: Don't forget to disable System Restore before encrypting any file that System Restore can affect, or else another user with Recovery access can use System Restore to decrypt your encrypted file.)

Certificates

Windows relies on "certificates" for public key security and for applications that provide for authentication, data integrity, and secure communications over networks. Users manage their own certificates.

The features listed above target email and file system encryption. You may also be interested in encryption for other applications, such as FTP and Telnet.

For FTP:

FTP (file transfer protocol) is inherently insecure because the program sends the user's log-in and password as plain text (i.e. unencrypted). You can encrypt the login and password, but the computer receiving the files must know how to decrypt them. Only a few FTP servers support secure connections, but there are some freeware programs available.

Freeware Secure FTP programs:

For Telnet:

Telnet, a protocol used to access files on another computer, is similarly insecure because it sends the user's log-in and password as plain text. However, nearly anything you can do with Telnet can also be done with SSH (Secure Shell; look here for a FAQ). SSH was designed to be secure, but not all computers that support Telnet support SSH, since it's an entirely different protocol.

Freeware Secure Shell programs:

5. What are the vulnerabilities in encryption, and how do I guard against them?

If you lock your door with a deadbolt instead of a chain, you make it more difficult for a burglar to get inside your home. Similarly, there are differences in the level of security that encryption software provides. Most of the well-known encryption algorithms that are considered "good" are mathematically complex enough to be difficult to break; otherwise, they wouldn't be so widely used. But even good algorithms are vulnerable to being broken if someone is persistent enough. In this section, we discuss the general vulnerabilities in encryption software, and offer tips that you can use to combat them. If you'd like more information on the vulnerabilities of a particular algorithm or software program, search the Web for reviews on its effectiveness.

General vulnerabilities include:

"Brute Force" Cracking

"Brute force" is another way of saying "trial and error." With this method, a "cracker" tries every possible key until he or she stumbles upon the correct one. No encryption software program it is entirely safe from the brute force method, but if the number of possible keys is high enough, it can make a program astronomically difficult to crack using brute force. For example, a 56-bit key has 256 possible keys. That's up to 72,057,594,037,927,936 – seventy-two quadrillion – keys that a cracker may have to try in order to find the correct one.

TIP: The more bits in a key, the more secure it is, so choose software with as many bits as possible. If you have a choice between 56-bit encryption and 128-bit encryption, for example, use the 128-bit encryption.

For more information on brute force cracking, please see Appendix A: "Brute Force" Cracking.

"Back Doors"

A "back door" is a security hole in a piece of software. A "back door" may be present because someone created it in the software with malicious intent, or by accident. Whatever the reason, if a malicious "cracker" discovers a "back door" in a program, he or she may be able to discover your key or password.

TIP: Make sure that the encryption software you choose has been rigorously tested. Read online reviews, and consider how long the software has been available. Visit the software's Web site periodically to check for patches and updates, and install them.

Making Good Keys

In every kind of encryption software, there is some kind of password that must be created so that the intended recipients of the information can read it. Creating a password that "hackers" or other malicious parties cannot easily guess is just as important as choosing a good algorithm or strong encryption software.

TIP: Take care to make a strong key. Use a varied set of characters, including lowercase and uppercase letters, numbers, and symbols (like spaces, colons, quote marks, dollar signs, etc.). A good password should be longer than eight characters; the longer it is, the harder it is to crack.

If you're concerned about remembering a long password, don't be. Even a long password made up of different types of characters can be easy to remember. Instead of using your daughter's name, "sally," for example, use "S411y is: #1 i/\/ mY b00k!!!". (Many password-guessing programs (see "Brute Force" Cracking) employ a database of English words that guesses passwords from various combinations of words, so it's a good idea not to use passwords made up exclusively of English words. Note that in the example above, numbers and characters are interspersed with letters.) Even better is to use a series of random letters, numbers, and symbols, so that it can't be guessed easily.

TIP: If you forget your password, you will not be able to decrypt data that you have encrypted. Be sure to make a backup copy of your password and store it in a safe place, such as on a floppy or zip disk, a CD, or a separate hard drive. You can also copy and paste your password into a new document, print the document, file the paper somewhere safe, and delete the document from your computer.

6. Where can I get more encryption software?

Besides checking the software described in our reviews, you might want to try other encryption software. As discussed below, before downloading or using any encryption software, please make sure that it is legal to use in your location. Check our section on legal availability for more information.

7. Why does the U.S. government want to restrict the use of encryption software?

As noted earlier, one of the vulnerabilities of encryption software is a security hole known as a "back door," which may be present in a piece of software by accident or because someone created it in the software with malicious intent. For years, federal investigators tried to convince lawmakers that software developers should be required to intentionally create "back doors" to give authorities access to encrypted communications between individuals who are under surveillance for suspected criminal activities. Proponents referred to this as a "key escrow" system because authorities could go to court to get permission to use the key to unlock encrypted communications.

Privacy and civil liberties advocates fought these efforts, citing the importance of encryption to the work of human rights activists and the need for secure communications for online commerce. In the late 1990s, they were successful in convincing federal policy makers to loosen U.S. laws banning the export of strong encryption. However, the September 11, 2001 terrorist attacks on the World Trade Center and the Pentagon have prompted renewed calls for increased restrictions or outright bans on encryption. This, in turn, has generated renewed concern among privacy and civil liberties advocates about the potential loss of constitutionally protected rights. Lauren Weinstein and Peter G. Neumann, co-founders of People For Internet Responsibility, offered this perspective in a September 23, 2001 "PFIR Statement on Terrorism, Civil Liberties, and the Internet:"

"The techniques for strong encryption are now widely known and can be implemented on any PC or handheld computer. Attempts to outlaw, weaken, or mandate surveillance ‘backdoors' for such systems can only result in the vast honest population being saddled with vulnerable encryption systems for commerce and a wide range of other communications both on and off the Internet, all subject to a wide array of monitoring. Such surveillance could be instigated not only by ‘benign' governments, but also by a range of private parties who would inevitably penetrate the back-doors of such systems, not to mention other governments and entities (either now or in the future) who most decidedly won't be benign in nature."

There are many good sources of up-to-date information on the calls for increased restrictions on encryption that started after the September 11, 2001 terrorist attacks, including:

For more general information on the public policy aspects of encryption see "Links to further resources, focusing on encryption politics" in the following section.

8. Where can I read more about encryption?

We've listed some useful sites below. Bulleted subsections denote the page's focus and particularly useful resources. Items marked with an asterisk (*) are for readers interested in the more technical workings of encryption.

Cryptography at Electronic Frontiers Australia

Cryptography FAQs at FAQs.org

Other Miscellany

Links to further resources

Links to further resources, focusing on encryption politics

Links to technical resources for advanced encryption users

If you need to know more about a specific topic, try searching for it from your favorite Web search site.

9. How do I find out whether a particular encryption program is legally available where I live?

Many programs and algorithms used for security purposes are not available outside of the United States because of U.S. export law. Some policy makers are now calling for increased restrictions on the use of encryption in response to the September 11, 2001 terrorist attacks on the World Trade Center and the Pentagon. Before acquiring or using any encryption software, you will need to make sure that it is legal to use in your location. In most cases, this information will be included in the licensing agreement. When downloading or installing software, read the licensing agreements. For the software reviews in this guide, we've tried to ascertain whether the programs are available outside of the U.S., but ultimately it's up to you to determine whether a given program is legal to use where you live. Some of the links provided below may help.

10. Cryptography Terms

Defined below are some of the terms used throughout this guide. For a more comprehensive look at cryptography terms, try some of the following sites:

Follow the link from the term to read more about it (often on another site).

Algorithm
The American Heritage Dictionary defines an algorithm as "a step-by-step problem-solving procedure, especially an established, recursive computational procedure for solving a problem in a finite number of steps." In the context of encryption, an algorithm is the mathematical formula used to scramble and unscramble data. It typically has two elements: data (for example, an email message that you want to encrypt or decrypt) and a key.
 
Asymmetric Cryptography (Also known as public key cryptography.)
Encryption software that requires two keys: a public key and a private key. Encryption software users distribute their public key, but keep their private key to themselves. When someone wants to send an encrypted message, the sender uses the recipient's public key to encrypt the message, which can only be decrypted by the person who holds the corresponding private key. For example, Jack makes public key A and private key A, and Jill makes public key B and private key B. Jack and Jill exchange their public keys. Once they have exchanged keys, Jack can send an encrypted message to Jill by using Jill's public key B to scramble the message. Jill uses her private key B to unscramble it. If Jill wants to send an encrypted message to Jack, she uses Jack's public key A to scramble her message, which Jack can then unscramble with his private key A. Asymmetric cryptography is typically slower to execute electronically than symmetric cryptography.
 
Authentication
Assuring that a message has not been modified in transit or while stored on a computer is referred to as authentication. It is one of the objectives of cryptography. (This is referred to as message authentication or message integrity.) Assuring that a public key really belongs to a specific individual, or that a specific individual has the right to send a particular encrypted message is another type of authentication.
 
Back Door
A "back door" is a software function that allows someone to decrypt data without the key. In some cases, software creators intentionally include this function in software. Software that has a back door is not secure. Read more about this in the vulnerabilities section.
 
Certificate
A certificate is a data file that identifies an individual, organization, or business. Certificates are obtained from specialized certificate-issuing companies such as VeriSign, and can be used to encrypt data and/or confirm the certificate owner's identity.
 
Cipher, Block Cipher, Stream Cipher
A method of encryption and decryption, a.k.a. encryption algorithm.
 
Cleartext
Unencrypted text, a.k.a. plaintext.
 
Cracker
The Free On-line Dictionary of Computing defines a cracker as someone who attempts to gain unauthorized access to a computer system. These individuals often have malicious reasons for breaking into a system. (For example, to obtain a list of Social Security numbers or bank accounts.)
 
Cryptanalysis
The testing of cryptography. An algorithm or program is said to have been cryptanalyzed if cryptographers have tested it for vulnerabilities.
 
Digital Signature
A small piece of code that is used to authenticate the sender of data. Digital signatures are created with encryption software for verification purposes. A private key is used to create a digital signature, and a corresponding public key can be used to verify that the signature was really generated by the holder of the private key. See asymmetric cryptography.
 
Digital Signature Standard (DSS)
DSS is the U.S. government's standard for authenticating a digital signature.
 
FTP (File Transfer Protocol)
FTP is an old but still widely used method for sending data across the Internet. The protocol itself has no security, so any login and password information is sent as plaintext. This means that if the login/password transmission is intercepted the security of any data stored on the FTP server may be compromised. There are ways to add security to FTP transmissions, but they require special software for both the server and the client (the computer that stores data and the computer that sends and receives data). Web browsers can also act as FTP clients. If your Web browser's address bar starts with "ftp://" instead of "http://" you are connected to an FTP server.
 
Key
A specific string of data that is used to encrypt and decrypt messages, documents or other types of electronic data. Keys have varying levels of strength. Keys having higher numbers of bits are theoretically tougher to break because there are more possible permutations of data bits. (Since bits are binary, the number of possible permutations for a key of x bits is 2x.) The specific way a key is used depends on whether it's used with asymmetric or symmetric cryptography.
 
Keyring
A set of keys. In asymmetric encryption software, separate keyrings are used to store private keys and public keys
 
PGP (Pretty Good Privacy)
PGP is the de facto standard for software encryption. It is available in a variety of versions, some of which can be downloaded for free from Web sites, others of which are sold commercially. Because it is so widely used, PGP is one of the most heavily cryptanalyzed encryption programs in the world. (This means that countless cryptographers and programmers have so far been unable to break it.) Check our reviews page for details.
 
Plaintext
Unencrypted text, a.k.a. cleartext.
 
Private Key
Private keys, a.k.a. secret keys, are used in asymmetric cryptography. One of their primary purposes is to enable someone to use a public key to encrypt data that can only be decrypted by the owner of the corresponding private key. Private keys should not be distributed. See asymmetric cryptography.
 
Public Key
Public keys are used in asymmetric cryptography. One of their primary purposes is to enable someone to encrypt messages intended for the owner of the public key. Public keys are meant for distribution, so anyone who wants to send an encrypted message to the owner of the public key can do so, but only the owner of the corresponding private key can decrypt the message. See asymmetric cryptography.
 
Secret Key
See private key.
 
Self-Decrypting Archive
A self-decrypting archive is similar to the self-extracting archive that is typically used with software that is downloaded from the Internet. It contains an archive with one or more files that will automatically open and decrypt with the appropriate key or password. The advantage of a self-decrypting archive is that the recipient doesn't need special software to decrypt files. Typically, the self-decrypting archive software prompts the recipient for a password, and extracts its contents if the password is correct.
 
Signature
See digital signature.
 
SSH (Secure Shell)
SSH, like Telnet, is a protocol that allows someone using one computer to remotely operate another computer. Unlike Telnet, however, it uses secure (encrypted) transmissions.
 
Symmetric Cryptography
A method of encryption in which a single key is used to scramble and unscramble data. One weakness of symmetric cryptography is that the user has to distribute the key to the recipient without letting it fall into the wrong hands. The user can do this by encrypting the key itself, but then another key will be needed to decrypt the first one. See also asymmetric cryptography.
 
Telnet
Telnet is a protocol that allows someone using one computer to remotely operate another computer. Like FTP, Telnet is not secure. Security is possible by using special Telnet server/client software or an alternative protocol (like SSH).
 
Web of Trust
An informal means of confirming the identity of someone with whom you communicate electronically. In asymmetric cryptography, one of the biggest concerns is ensuring that the person who claims to be John Doe is really John Doe. Jane Doe can verify that John Doe is really John Doe by non-electronic means, such as by phone. If Jane Doe knows that John Doe has taken similar steps to verify that Jack Smith and Jill Jones are who they claim to be, then Jane Doe may trust his contacts, as well. This is referred to as a Web of Trust.
 

Acronyms and terms that you have encountered in this guide that are not listed here may be encryption standards or algorithms. For more information please see Appendix B: What are the different kinds of algorithms that encryption software programs utilize?


Appendices

Appendix A: "Brute Force" Cracking

As discussed in section 5, "What are the vulnerabilities in encryption and how do I guard against them?," "brute force" cracking is a method of finding a password or key by trial and error. The longer the password or key, the more difficult it becomes to crack it. For example, a 56-bit key has 256 possible keys. That's up to 72,057,594,037,927,936 – seventy-two quadrillion – keys that must potentially be tried in order to find the correct one.

That doesn't mean that a 56-bit key is strong enough to prevent successful brute force attacks. Even back in 1997 when desktop computers were much less powerful than current models (this guide was written in September 2001), a distributed computing effort cracked the RSA's 56-bit RC5 encryption in less than 250 days. (See an article on the effort. A distributed computing effort is one in which many computers share the task of testing the seventy-two quadrillion possible combinations of bits.) In 1998, a similar effort took just 39 days using 50,000 computers. Those computers tried 85% of the possible combinations, at speeds that at times reached 26 trillion keys per second, before finding the right key. Another 1998 effort, by the Electronic Frontier Foundation, took only 3 days to crack a 56-bit DES key using a special computer called the DES (Data Encryption Standard) Cracker.

In some cases, viruses have invaded computers and used their computing power without the owner's knowledge. (GRC.com has a story about a malicious cracker who launched a denial-of-service attack that flooded a computer with more data than it could process, using 474 Microsoft Windows computers without their owners' knowledge.)

Fortunately, increasing the number of bits in a key exponentially increases the number of possible keys that would have to be tested with the "brute force" method. So, a 128-bit key could be any one of 3.4 * 1038 keys, a 192-bit key could be any one of 6.2 * 1057 keys, and a 256-bit key could be any one of 1.1 * 1077 keys. A note at the U.S. Computer Security Resource Center's Advanced Encryption Standard FAQ states:

In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message. Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 trillion years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.

Note that these efforts are per key; if you were to divide the data you were encrypting into 10 subsections and used a different key for each of the subsections, this decryption process would need to be repeated 10 times.

To summarize, brute force cracking can be significantly slowed with strong encryption, (essentially, just using longer keys) and slower algorithms. Modern strong encryption should be able to hold off all but the best-funded efforts by crackers with lots and lots of time on their hands. Encryption can make data access difficult enough that a malicious cracker may decide to look for an easier target rather than spending resources attempting to crack strong encryption.

Appendix B: What are the different kinds of algorithms that encryption software programs utilize?

The complexity of these algorithms prevents us from describing their workings in-depth in a guide intended for readers with limited technical knowledge of encryption, but here are some links and names that may be useful if you want to know more about the technical aspects of encryption software. You can always find more information on each algorithm (including ones that are not listed here) simply by searching for the algorithm's name on your favorite Internet search engine.

One interesting read is the PGP Diffie-Hellman vs. RSA FAQ, which discusses the effectiveness of various algorithms.

Advanced Encryption Standard (AES)

AES is the block cipher being developed as a successor to DES. (AES was not completed at the time this guide was published.) It operates under the symmetric key model. Some of the other encryption algorithms listed in this section were submitted as candidates to become AES. The selected algorithm is one called Rijndael (one suggested pronunciation: "rain doll"), a variant of an algorithm called Square.

Blowfish

Blowfish is a block cipher that employs the asymmetric key model. "Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. Since then it has been analyzed considerably, and it is slowly gaining acceptance as a strong encryption algorithm. Blowfish is un-patented and license-free, and is available free for all uses." (Counterpane Internet Security: The Blowfish Encryption Algorithm)

Carlisle Adams/Stafford Tavares (CAST)

CAST is a group of ciphers. "CAST-128 belongs to the class of encryption algorithms known as Feistel ciphers; overall operation is thus similar to the Data Encryption Standard (DES)." (C. Adams, Entrust Technologies: The CAST-128 Encryption Algorithm) It operates under the symmetric key model.

"It is resistant to both linear and differential cryptanalysis. Currently, there is no known way of breaking CAST short of brute force. There are no known attacks on CAST with reduced rounds – it looks incredibly secure. CAST is now the default cipher in PGP." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

"CAST is a family of ciphers. Some of the other 'CAST' ciphers have succumbed to advanced attack. (Rijmen and Preneel have attacked some CAST designs and so have Kelsey, Schneier & Wagner.) The same attacks have been tried against the implementation of CAST used in PGP and have, thus far, failed." (PGP Diffie-Hellman vs. RSA FAQ: What is CAST?)

Data Encryption Standard (DES) and Triple-DES (3DES)

DES is the current standard encryption algorithm. "DES was developed in the 1970s by the National Bureau of Standards with the help of the National Security Agency" with an algorithm submitted by IBM. (The Next Wave: What is DES?) It operates under the symmetric key model.

"Unfortunately, over time various shortcut attacks were found that could significantly reduce the amount of time needed to find a DES key by brute force. And as computers became progressively faster and more powerful, it was recognized that a 56-bit key was simply not large enough for high security applications." (Tropical Software: DES Encryption (DES)

" On July 17, 1998 the Electronic Frontier Foundation (EFF) announced the construction of a DES brute-force hardware cracker (http://www.eff.org/descracker/). This $220,000 device can break a DES key in an average of 4.5 days." (Dr. Dobb's Journal: The Current State of DES)

Triple-DES is only a third as fast as DES, but uses three keys to effectively triple the key length to 168 bits, making the algorithm "billions of times more secure [than DES] if used properly." (Tropical Software: Triple DES Encryption [Triple DES])

Diffie-Hellman (and ElGamal, a derivative)

Diffie-Hellman is an encryption algorithm that employs the asymmetric key model.

"In 1976, Diffie and Hellman started an explosion of open research in cryptology when they first introduced the notion of public-key cryptography, which allows for new electronic means to handle key distribution in conventional cryptographic systems and for digital signatures in electronic messages." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

"The Stanford patent on the Diffie-Hellman technique... expired in 1997 and [the technique] is now in the public domain." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)

GOST

GOST is the U.S.S.R. 28147-89 standard protection algorithm, analogous to the U.S.'s DES. "The algorithms are similar in that both operate on 64-bit blocks by successively modifying half of the bits with a function of the other half." (GOST encryption algorithm: Russian analogue to US Standard?)

International Data Encryption Algorithm (IDEA)

IDEA is a block cipher used in PGP. "IDEA, unlike the other block cipher algorithms discussed in this section, is patented by the Swiss firm of Ascom. They have, however, been generous in allowing, with permission, free noncommercial use of their algorithm, with the result that IDEA is best known as the block cipher algorithm used within the popular encryption program PGP." (IDEA (International Data Encryption Algorithm)

Triple-DES

See "Data Encryption Standard (DES) and Triple-DES (3DES)"

Twofish

"Twofish is a block cipher by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists. Twofish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses." (Counterpane Internet Security: Twofish: A New Block Cipher) It operates under the symmetric key model.

Rivest-Shamir-Adelman (RSA)

RSA is a family of algorithms that employ the asymmetric key model. There are actually multiple incarnations of this algorithm; RC5 is one of the most common in use, and RC6 was a finalist algorithm for AES. Searching for how RSA works often yields a host of pages about how it works mathematically, because the U.S. patent on the RSA algorithm expired on September 21, 2000. (RSA Security, Inc. actually began offering the algorithm to the public before the 17-year-old patent expired.)