gtuo7kv8
Post Master
Joined: 06 Aug 2013
Posts: 11955
Read: 0 topics
Warns: 0/5 Location: England
|
Posted: Fri 16:11, 16 Aug 2013 Post subject: hollister Seecrets on Security |
|
|
For humans, we recognize numbers with the digits from 0 to 9,where else, the computer can only recognize 0 or 1. This is thebinary system which uses bits instead of digits. To convert bitsto digits, just simply multiply the number of bits by 0.3 to geta good estimation. For example, if you have 256-bits ofIndonesian Rupiah (one of the lowest currency denomination inthe world), Bill Gates' wealth in comparison would bemicroscopic.
The National Security Agency (NSA) approved AES in June 2003 forprotecting top-level secrets within US governmental agencies (ofcourse subject to their approval of the implementation methods).They are reputedly the ones that can eavesdrop on all telephoneconversations going on around the world. Besides, thisorganization is recognized to be the largest employer ofmathematicians in the [link widoczny dla zalogowanych] world and may be the largest buyer ofcomputer hardware in the world. The [link widoczny dla zalogowanych] NSA probably havecryptographic expertise many years ahead of the [link widoczny dla zalogowanych] public and canundoubtedly break many of the systems used in practice. Forreasons of national security, almost all information about theNSA - even its budget is classified.
However, if we substitute the word "egg" and replace it with"number", "molecules" with "digits", it is POSSIBLE. This, myfriend, is the exciting world of cryptography (crypto forshort). It [link widoczny dla zalogowanych] is a new field dominated by talented mathematicianswho uses vocabulary like "non-linear polynomial relations","overdefined systems [link widoczny dla zalogowanych] of multivariate polynomial equations","Galois fields", and so forth. These cryptographers useslanguage that mere mortals like us cannot pretend to understand.
Corollary: "The sum total of all human wisdom is not a primenumber."
The effective key length used is only 112-bits (equivalent to 34digits). The key is any number between 0 and5192296858534827628530496329220095. Some modify the last processusing Key [link widoczny dla zalogowanych] 3, making it more [link widoczny dla zalogowanych] effective at 168-bit keys.
A dictionary attack usually refers to text-based passphrases(passwords) by using commonly used passwords. The total numberof commonly used passwords is surprisingly small, in computerterms.
Data Encryption Standard (DES), introduced as a standard in thelate 1970's, was the most commonly used cipher in the 1980's andearly 1990's. It uses a 56-bit key. It was broken in the late1990's with specialized computers costing about US$250,000 in 56hours. With today's (2005) hardware, it is possible to crackwithin a day.
This article may be freely reprinted providing it is publishedin its entirety, including the author's bio and link to the URLbelow.
For the last definition, we will use an example. Let's say youhave your house equipped with the latest locks, no master keysand no locksmith can tamper with them. Your doors and windowsare unbreakable. How then does an adversary get into your housewithout using a bulldozer to break your front door? Answer: theroof - by removing a few tiles, the adversary can get into yourhouse. This is an exploit (weakness point). Every system,organization, individual has exploits.
Stan Seecrets' Postulate: "The sum total of all human knowledgeis a prime number."
In the computer, everything stored are numbers. Your MP3 file isa number. Your text message is a number. Your address book is alonger number. The number 65 represents the character "A", 97for the small "a", and so on. [link widoczny dla zalogowanych]
With the increasing incidence of identity thefts, credit cardfrauds, social engineering attacks, the digital world is facingchallenges in the years ahead. Obviously, cryptography, a youngscience, will play a prominent [link widoczny dla zalogowanych] digital assets. This article tries to explain thebasics of cryptography (encryption) using plain language.
The hexadecimal (base 16) system uses the ten digits from 0 to9, plus the six extra symbols from A to F. This set has sixteendifferent "digits", hence the hexadecimal name. This notation isuseful for computer workers to peek into the "real contents"stored by the computer. [link widoczny dla zalogowanych] Alternatively, treat these differentnumber systems as currencies, be it Euro, Swiss Franc, BritishPound and the like. Just like an object can be priced withdifferent values using these currencies, a number can also be"priced" in these different number systems as well.
When we want to encrypt something, we need to use a cipher. Acipher is just an algorithm similar to a recipe for baking acake. It has precise, unambiguous steps. To carry out theencryption process, you need a key (some called it passphrase).A good practice in cryptography needs the key used by a ciphermust be of high entropy to be effective.
See, it is not that difficult after all. If you can understandthe material presented in this article, congratulations - youhave become crypto-literate (less than 1% of all currentcomputer users). If you do not believe me, try using some ofthis newfound knowledge on your banker friends or computerprofessionals.
A keylogger is a software program or hardware to capture allkeystrokes typed. This is by far the most effective mechanism tocrack password-based implementations of cryptosystems. Softwarekeylogger programs are more common because they are small, workin stealth-mode and easily downloaded from the internet.Advanced keyloggers have the ability to run silently on a targetmachine and remotely deliver the recorded information to theuser who introduced this covert monitoring session. Keystrokemonitoring, as everything else created by man, can either beuseful or harmful, depending on the monitor's intents. Allconfidential information which [link widoczny dla zalogowanych] passes through the keyboard andreaches the computer includes all [link widoczny dla zalogowanych] passwords, usernames,identification data, credit card details, and confidentialdocuments (as they are typed).
An adversary is somebody, be it an individual, company, businessrival, enemy, traitor or governmental agency who would probablygain by having access to your [link widoczny dla zalogowanych] encrypted secrets. A determinedadversary is one with more "brains" and resources. The best formof security is to have zero adversary (practically impossible toachieve), the next best is to have zero determined adversary!
Let us take the example of scrambling an egg. First, crack theshell, pour the contents into a bowl and beat the contentsvigorously until you achieved the needed result - well, ascrambled egg. This action of mixing the molecules of the egg isencryption. Since the molecules are mixed-up, we say the egg hasachieved a higher state of entropy (state of randomness). Toreturn the scrambled egg to its original form (includinguncracking the shell) is decryption. Impossible?
A brute force attack is basically to use all possiblecombinations in trying to decrypt encrypted materials.
1. Encrypt with Key 1. 2. Decrypt with Key 2. 3. Encrypt withKey 1.
To digress a bit, have you ever wondered why you had to studyprime numbers in school? I am sure most mathematics teachers donot know this answer. Answer: A subbranch called public-keycryptography which uses prime numbers especially for encryptinge-mails. Over there, they are talking of even bigger numberslike 2048, 4096, 8192 bits.)
Advanced Encryption Standard (AES) was adopted as a standard bythe National Institute of Standards & Technology, U.S.A. (NIST)in 2001. AES is based on the Rijndael (pronounced "rhine-doll")cipher developed by two Belgian cryptographers, Victor Rijmenand Joan Daemen. Typically, AES uses 256-bits (equivalent to 78digits) for its keys. The key is any number between 0 and15792089237316195423570985008687907853269984665640564039457584007913129639935. This number is the same as the estimated number ofatoms in the universe.
Subsequently, Triple-DES superseded DES as the [link widoczny dla zalogowanych] logical way topreserve compatibility with earlier investments by bigcorporations (mainly banks). It uses two 56-bit key using threesteps:-
The post has been approved 0 times
|
|