Since you've gained enough understanding of the cryptology-mindset I invite you to look into and research the most secure and widespread algorithms. Out of these I'd like to mention the following:
AES - Advanced Encryption Standard - block cipher; currently accepted as the "encryption standard" by the United States.
IDEA - International Data Encryption Algorithm - block cipher that was used in PGP 2.0.
DES - Data Encryption Standard - cipher based on 56-bit key; has been replaced by the AES. It was considered an encryption standard before the release of AES, but it became gradually less secure due to its low bit key.
FEAL - The Fast Data Encipherment Algorithm - designed as an alternative to the DES but over time it proved itself insecure.
SSH - Secure Shell Host.
PGP - Pretty Good Privacy.
Digital Signatures and et cetera.
These previously mentioned algorithms were (and some still are) the most widely-used and popular methods of cryptography. They were/are used everywhere and thousands of hundreds of people rely/relied upon them. Therefore, their user-base is huge and the bugs were/are sorted out in a very quick manner. You should not worry or have any doubts about using these. Currently the AES is considered the best encryption; it was considered an encryption standard by the National Institute of Standards and Technology in 2001, and it is still considered to be an encryption standard.
The NSA of the U.S. Government in 2003 declared the following about AES:
"AES is secure enough to protect classified information up to the TOP SECRET level."
This statement refers to the highest security level that's possible. This kind of information is defined by NSA as being able to cause "exceptionally grave damage" if disclosed to public. AES went through rigorous experiments before receiving this acknowledgment. Its algorithm was developed by two Belgian coders; kudos to them.
It was designed to replace DES (56-bit keys). It brought innovative solutions to the cipher block changing (CBC) algorithms and indeed became more secure than DES. AES supports variable key lengths (a 128-bit key is the default, but it can also handle 192- and 256-bit keys). Its algorithm virtually guarantees that the only way to decrypt the message is by brute-forcing every possible key solution. There isn't or should not be any workaround.
AES was also added as an encryption algorithm to provide security to IPSec. This brought another innovation as compared to VPN (virtual private networks). AES was more secure, and in one word: efficient!
Due to the high number of key-size variations, its security improved dramatically. That is mostly because the algorithm gets more complex, tough and hard exponentially. It does not just "scramble" the data. The encryption process is amazing.
Let's assume that the chosen key for our AES encryption is 128-bit. Then we will have 3.4 x 10^38 possible combinations. On the other hand, DES has 7.2 x 10^16. Keep in mind the rate of exponential functions. The complexity of AES is awesome.
If we assume that a supercomputer is able to decipher a DES code in only one second (255^10 combinations per second) then that exact same supercomputer would need about 149 trillion years to break an AES-based 128-bit key encryption. That is a longer amount of time than our universe has existed (less than 20 billion years).
Prior to the launch of AES its ex-standard DES algorithm was considered a standard by NSA for approximately twenty years. After twenty years of its existence, and with the help of the technological quantum leaps sustained by Moore's Law, specialized proprietary multi-parallel processing hardware was built with one unique purpose - "DES-cracking." These devices succeeded in breaking the DES.
Considering the improved complexity of the AES compared to the DES (up to 256-bit keys versus 56-bit) and the dramatic changes in its algorithm, we can predict that it will be safe for a dozen years, even with the possible innovations in computing throughout the next decade. Right now, AES offers long-term security and efficiency. You should trust it.
This certainly does not means that we should forget about the rest and focus only on AES. Other algorithms might not offer the ultimate in security but they still provide extensive encryption and there's a lot of headroom for further improvements. You may not know when a completely new encryption hits the market. It may happen tomorrow.
Anyway, here is some advice that is helpful with any encryption or validation algorithm: long and complex passwords drastically reduce the possibility that they will be broken. Choose wisely.
blog comments powered by Disqus