Since you've gained enough understanding of the cryptologymindset I invite you to look into and research the most secure and widespread algorithms. Out of these I'd like to mention the following: AES  Advanced Encryption Standard  block cipher; currently accepted as the "encryption standard" by the United States. IDEA  International Data Encryption Algorithm  block cipher that was used in PGP 2.0. DES  Data Encryption Standard  cipher based on 56bit key; has been replaced by the AES. It was considered an encryption standard before the release of AES, but it became gradually less secure due to its low bit key. MSRC FEAL  The Fast Data Encipherment Algorithm  designed as an alternative to the DES but over time it proved itself insecure. ARC4128bit SSH  Secure Shell Host. PGP  Pretty Good Privacy. Public Keys. Hashes. Digital Signatures and et cetera. These previously mentioned algorithms were (and some still are) the most widelyused and popular methods of cryptography. They were/are used everywhere and thousands of hundreds of people rely/relied upon them. Therefore, their userbase is huge and the bugs were/are sorted out in a very quick manner. You should not worry or have any doubts about using these. Currently the AES is considered the best encryption; it was considered an encryption standard by the National Institute of Standards and Technology in 2001, and it is still considered to be an encryption standard. The NSA of the U.S. Government in 2003 declared the following about AES: "AES is secure enough to protect classified information up to the TOP SECRET level." This statement refers to the highest security level that's possible. This kind of information is defined by NSA as being able to cause "exceptionally grave damage" if disclosed to public. AES went through rigorous experiments before receiving this acknowledgment. Its algorithm was developed by two Belgian coders; kudos to them. It was designed to replace DES (56bit keys). It brought innovative solutions to the cipher block changing (CBC) algorithms and indeed became more secure than DES. AES supports variable key lengths (a 128bit key is the default, but it can also handle 192 and 256bit keys). Its algorithm virtually guarantees that the only way to decrypt the message is by bruteforcing every possible key solution. There isn't or should not be any workaround. AES was also added as an encryption algorithm to provide security to IPSec. This brought another innovation as compared to VPN (virtual private networks). AES was more secure, and in one word: efficient! Due to the high number of keysize variations, its security improved dramatically. That is mostly because the algorithm gets more complex, tough and hard exponentially. It does not just "scramble" the data. The encryption process is amazing. Let's assume that the chosen key for our AES encryption is 128bit. Then we will have 3.4 x 10^38 possible combinations. On the other hand, DES has 7.2 x 10^16. Keep in mind the rate of exponential functions. The complexity of AES is awesome. If we assume that a supercomputer is able to decipher a DES code in only one second (255^10 combinations per second) then that exact same supercomputer would need about 149 trillion years to break an AESbased 128bit key encryption. That is a longer amount of time than our universe has existed (less than 20 billion years). Prior to the launch of AES its exstandard DES algorithm was considered a standard by NSA for approximately twenty years. After twenty years of its existence, and with the help of the technological quantum leaps sustained by Moore's Law, specialized proprietary multiparallel processing hardware was built with one unique purpose  "DEScracking." These devices succeeded in breaking the DES. Considering the improved complexity of the AES compared to the DES (up to 256bit keys versus 56bit) and the dramatic changes in its algorithm, we can predict that it will be safe for a dozen years, even with the possible innovations in computing throughout the next decade. Right now, AES offers longterm security and efficiency. You should trust it. This certainly does not means that we should forget about the rest and focus only on AES. Other algorithms might not offer the ultimate in security but they still provide extensive encryption and there's a lot of headroom for further improvements. You may not know when a completely new encryption hits the market. It may happen tomorrow. Anyway, here is some advice that is helpful with any encryption or validation algorithm: long and complex passwords drastically reduce the possibility that they will be broken. Choose wisely.
blog comments powered by Disqus 






