|This article does not cite any references or sources. (December 2011)|
Encryption software is software whose main task is encryption and decryption of data, usually in the form of files on (or sectors of) hard drives and removable media, email messages, or in the form of packets sent over computer networks.
Encryption software executes an algorithm that is designed to encrypt computer data in such a way that it cannot be recovered without access to the key. Software encryption is a fundamental part of all aspects of modern computer communication and file protection and may include features like file shredding.
The purpose of encryption is to prevent third parties from recovering the original information. This is particularly important for sensitive data like credit card numbers.
Many encryption algorithms exist. The more popular options were submitted to the National Institute of Standards and Technology or NIST for the Advanced Encryption Standard (AES) competition. The winner, Rijndael, got 86 votes while Serpent got 59 votes, Twofish 31 votes, RC6 23 votes and MARS 13 votes. NIST chose Rijndael as its standard. Serpent and Rijndael are in fact somewhat similar; the main difference is that Rijndael is faster (having fewer rounds) but Serpent is more secure.
There are several factors that affect the choice of an encryption algorithm including speed and security. The simplest method would be an XOR operation, with a constant value , of each byte of plain text , to produce a cipher value .
Public key systems are based upon algorithms that are at least strongly believed to be "one-way" operations. That is, encryption with one member of a key pair is only easily reversed (decrypted) using the other member of the pair. Further, one member of the pair (the public key) cannot be easily used to determine the other (the private key). Provided the problems posed by the system to cryptanalyst are effectively unsolvable, the system is effectively secure. Such systems are used for key exchanges (for subsequent use of symmetric key ciphers), digital signatures and the like.
Symmetric key ciphers (also referred to as secret key ciphers) are called such because the same key is used for both encryption and decryption. Thus, in order for messages encrypted with a symmetric key cipher to remain secure, the key used must remain secret. Symmetric key ciphers can be further subdivided into stream ciphers and block ciphers.
Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encipher real-time communications, such as audio and video information. The key is used to establish the initial state of a key-stream generator, and the output of that generator is used to encrypt the plaintext.
Block cipher algorithms encrypt blocks of bytes of plaintext a block at a time. The Advanced Encryption Standard algorithm (AES - derived from the Rijndael cipher algorithm) is a block cipher that processes 16 bytes at a time, while its predecessor, the Data Encryption Standard algorithm (DES) encrypted blocks of eight bytes.
A common mistake made by amateur cryptographers is the assumption that because the method is secret, the cipher is secure. This is not usually true. Many "home grown" encryption algorithms reveal the key quite easily when fed a string of identical bytes (e.g., nulls).
The purpose of disseminating an encryption method is to allow the community to evaluate it. If it is indeed secure, then its power lies in the fact that its method has been subjected to scrutiny and found to be sound, not that it is secret.
Encryption can be applied to data in many ways. Common categories are:
- Disk encryption software (also known as OTFE software)
- File/folder encryption
- Database encryption
- Communication encryption software
Network traffic encryption tools
Each of these categories define the range and location of the data to be encrypted, but the process is the same for each.