What Is Encryption?

[Uentil 0]

Ive been doin alot of research on encryption, so here it is.

Encryption is the translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text.

So like for passwords on sites, it is encrypted so when hackers get into the site, they can't get the passes.

Notice from BuffaloHELP:

Copied source http://www.webopedia.com/TERM/E/encryption.html

[Paul 0]

Hmm... isn't encryption a little more complicated than that? I dont really know about encryption because I can use readymade certificates from VeriSign etc., but how does encryption work?

Let's take two computer for example (Computer X and Computer Y). Now, I want to send a 'secret' message from X to Y. So, I'll use a 'secret key' to encrypt the file that I'm sending. So I send an encrypted message that Y can't understand without the key. Now, how will I send the key to Y without exposing the secret key to hackers who can then take both pieces of information (secret key and encrypted message) and put it together to reveal the secret? Because, If I send the key via the internet, it is exposed to the same danger as the encrypted message is!

Hope you understand what I'm asking !


NOTE that it would be considered plagiarism to post material from other sites directly onto these forums without placing them in quotes!

Please place the definition of encryption in quotes like these:

Encryption is the translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text.

Doing this ensures that you are sticking to forum rules!

[uiop 0]

Encryption usually involves an encryption "key" that you use to decode the encrypted string. Although it's not encryption, look up MD5 for a good example.

[brainless 0]

Encryption can be as basic as replacing every 'a' in the plain text by a 'b', every 'b' by 'c' or, easier for computer users, by hitting the key right or left to the original key (I'll give an example for a german notebook keyboard):

(plain) Xisto IS GREAT
(a-> USBQ28 JT HSFBU
(right) ZTSÜ28 OD HTRSZ
--the fourth letter in the last example is a german Umlaut, a special character. It might not be displayed correctly in other regions--

Well, that's encryption for you. It is, however, not secure since the pattern will repeat and thereby it will become easy to crack. Some smart people invented a secure (well, as secure as encryption can be. If you lose the secret key, it's not secure anymore but hey, that's the human factor) encryption method working with a pair of keys, one of them public and one private. Unlike other encryption methods, public key-encryption works better the wider you can spread your public key.

Whoever wants to send you an encrypted message uses your public key to encrypt it - but this message can not be decrypted using your public key. Your private key on the other hand enables you to decrypt it.
Using this method, a text (or file) can even be "signed" by you - use your private key to encrypt the text or create the text's signature and it can be decrypted/validated using your public key...

...this method is used in the proprietary PGP("Pretty Good Privacy")-Software and the compatible, free Open- and G-PG("GNU Privacy Guard")-Software and some other software to encrypt your communication.

If your private key-file falls into the wrong hands, however, you should be quick to spread your revokation certificate (a file PGP/OPG/GPG can generate using your private key) so people know for sure that your private key is not private anymore (well, it might still be secure but everything that prevents someone from using your private key to decrypt your communication is a simple passphrase like you can set for e.g. a web service)...

by the way, "Xisto IS GREAT" looks like this when encrypting it using GPG and a 4096bit-key (i.e. the one I'm mostly using):

-----BEGIN PGP MESSAGE-----Version: GnuPG v1.4.3rc1 (MingW32) - WinPT 0.11.8rc1

hQQOAy8jq7axk+gwEA//V6Uj5gZIbggG5YaWA5nbM075gGobq168gxq1Arj03Zu6
RXHdYu8ZZOqqGlnhkGkkXgvlKLuCRNp00t0JjjWAR7PBgQYewM9bLX4WXNju94ju
OQ2StfS5fL/kGIYihkEseuD0lojdIXLFJj3Urx39L6QaFSwfy+V0H0JIXk8Wp08k
2XVaZPsZDpzArNjEnb09xsIzzY/HMDLjcMbh/KIXw8TyytW4RZ7Mapdaba4Layaj
8bZTMzNpASP1dZkVTle+S4as5DM4Coam80VjGh3DRtK/khVcivW09rybydgAX5U2
KIbz1r6o0uCpjOWr6YcHF7eKwjQ54QvD4N7Y20yA9K8pN7JlnvYAUfJ9YkBnD9An
pjNwjITLRl3dJtaKt/3lR7RBWnwmu7xiZ9SbF1PSJU1IND/Vh9heCUEJfNCi2dIH
ECjjz7kYh8ff6tWD8ZO1QHmIbU+JWWauRBvunT7W9GPCNjj42UP+mf79M4AHEGc9
Tlc6E0yiv5Ud+OFzPGAMDTMtwR85Psk+FuVnUjnLD5oVnTjWX1Zv2Nq5t2N8zKLu
J8gqCW7PnKLxtk8bgw88kO1gsbe/iO80HX9qY9AMx7gPl9Sk7PuWj6WG6ykVG9gg
YxBDQoipK55WiLas9Eh6gRH7WiwRI3f8Ixcm4a8FA7tleDgNEhzmfN4YeRn+oMIQ
AKbtPc5M37HrgN8086/0Rd/U8OoLRhpFKT9SeaoBLWDRMf1TvlwEcCmKWZ4itSMp
Hk6yofeQq2HBhsiUgJ3jw29tF0qI4h+2LCCGF+2U6vcgIQWTj6wKuZsQfh/MlkT9
cy7NPd3PDjbW2wMOyHYN6KUVpFGxTqStfvvD5LMBA/XAgSD/rMsnzNgjhy65B+SI
qu4zL3CV47Rc/PihciZNooZUuRWEOXrfd15s9s4UXMpqVwL8hfFE4CEu5WLfEAfZ
P4g7MrV3pE+SobVXfjP8xqK242Xe6sxzAnzLEIvA+jWuz8UtI/1uQJ2DE62o1CIn
rqCkLUilQGlJABtAqXujDNGWNDNJv9RDTQ9eXRdudEfMJDjatkRbUAxmEFccGZrX
biG2IeKQHRRN5qI6t90uylojwsFZbV8OrDc8JftMEapxPxM/qC87c+NK1PAo6LZ8
jrMgvioDsuUcxH2ubFxE+fnA31TPW/sDD/X6xo7OOsnrvbjc35i9rKsOeiWbwYnQ
vRv4Lh4TH8naozWA0glofug1SDDoUzcFyTx0bKPjHDtbqHxaQawW+3Kr56V7ECsk
PvSe1rGnxNzWf55Rr6k4bjzYT+aOM58GAYsYCCywzgPnzsqBS05ZXIPCexb6gswQ
ba1vCYIkj6OkNpVoXUyqtfwrZBXHyH9ODfz2oajmDfz70koBOeEEuMXNbd0QX/Yy
r0wWhW8ERImnfBoryJ81kPybwIya0vkimzoCbEFEugESbCQfMBKRigSvaNnWkxhl
6I9Ae6WflsSgSCOJ3Q==
=vib9
-----END PGP MESSAGE-----

try guessing that...
Edited June 13, 2006 by brainless (see edit history)

[Uentil 0]

Yeah, it like an uncrackable language for like storing passwords

[husker 0]

What is encrypion? That is the question that you are asking us to tell you. Let me explain encryption in the easiest way that I can. Dictionary.com explains encryption in a scientific, yet simple way to get the point across. It says simply this:

enˇcrypt Audio pronunciation of "encryption" ( P ) Pronunciation Key (n-krpt)tr.v. enˇcryptˇed, enˇcryptˇing, enˇcrypts

1. To put into code or cipher.
2. Computer Science. To alter (a file, for example) using a secret code so as to be unintelligible to unauthorized parties.

So it is as if encryption is a computer science

[gaurdro 0]

It should be noted that there is a difference between two-way encryption(reversable) and one-way encryption (hashing). For most password checking and such where the original message is unimportant but you need a way to check that the person has the correct data. you could use such one-way hashing such as md5 which outputs a string of hex digits(I think 40 characters?). the original message cannot be reconstituted from the hash but everytime you has a certain string it will begit the same hash. you can therefore match the hashes to check a password but if someone is able to break into your database or storage depot they won't be able to get the code even with the hash firmly in hand. two-way encryption is best divided into two parts. single key encryption is used for such things as your windows password or basic encryption for file transfers. This isn't as secure as other forms because there is a single key that must be transferred from one place to another. typically the key is formed by taking one huge prime number and multiplying it by another huge prime number (aka: double prime encryption). this makes it very hard to guess the key because the number has only two factors and "normal" methods of cracking a code rely on factoring the key based on the output of the decryption attempt but with only two it's very difficult for the program to guess.the other form of two-way encryption is private/public key encryption. (this stuff is all around you). this has a publicly available key that enables anyone to encrypt data. but to unencrypt the data there is a separate key that is kept private and is often encrypted using the first method of two-way encryption. this makes the data an order of magnitude more secure because instead of guessing one key(which can be very very difficult) they have to guess one key then try and decrypt another something that is also encrypted to see if the key was done correctly. this adds another step which will bog down even the fastest machines because of the millions of iterations necisary to guess the first key. the private key can also be sent using another bit of data used when generating the public key that will force the generation of the correct private key. this is typically done using parallel programming. both the sender and the reciever have a program that generates private keys and using a token of data will generate the proper key to decrypt the data.A new form of encryption that is still in the development state is called "quantum encryption". before you turn off your eyes, it really does exist. it involves a hand shake of sorts (like how your computer negotiates a connection to a host). the sending computer sends bits of lets say electrons. the recieving computer chooses a filter and sees if the electron makes it or not. only the data of whether or not the electron made it are important to the home computer. after several iterations of this a key is generated on the sending computer and the data is then sent to the reciever by this method (after being encrypted). the data appears at the other end correctly. if someone trys to sniff the data it will be very evident because the data will appear garbled on the other end because the sniffing alters the qantum state of the electron(thing of it spinning counterclockwise or clockwise for different states.) and unless the intruder has guess the proper filter the data will also appear garbled to him/her. and this can be done on the fly indefinitely without any possible leaks.

[lemonwonder 0]

Thats very interesting, i skim red everything above, so if it replaces all a's with b's, when it changes em bak woodnt it make b's a's so if I sent.Hi how Are you BritAnyIt wood chnge it to this: Hi how bre you BritbnySo if it changes all b's bak to a's it wood be like dis:Hi how are you aritany

[quakesand 0]

The a-->b is just a example, but "real" encryptions is done with more math..There are many-many type of encryption techniques, some of them gets the length of the string and then chr(can only get the digit of a character) it, and then chr each alphabet and add the digits together. How they add them together IS (11+24+90=112490) and NOT (11+24+90=125).But stronger encryptions use custom passwords, and they have to make sure the password is strong enough to prevent hackers guessing it.I don't exactly know how to make one, but i know it was made by math, the converting technique(a--->b c--->d) is a old type of encryption way.

[the_aggie10 0]

can someone give me an example of a key? and is there any program that can take an encrypted code and decrypt it on its own? i wouldnt be suprised...

[quakesand 0]

yes there is, i will edit after i uploaded it...I made it...:lol:EDIT:I finished making the program :(please download from the attachments.

Edited October 26, 2006 by quakesand (see edit history)

[techclave 0]

Encryption is used to protect almost all kinds of data these days.. And the tool i use for encrypting my data is winzip.. It is pretty easy to encrypt and a good option too.. Especially when you are having online backups of your data .. But then, i guess few encryption techniques have become easily decrypted.. For example there has been many winzip password breakers developed and released.. Also ,a big problem arises when, say you have lost your password !!! This can really turn a person nuts !! I have been through this kind of torture a couple of times ,where i had lost my passwords for a couple of data files i encrypted using winzip... The i had to use those password breaking software to find a way out !! Maybe in future we could encrypt data with biometrics in our everyday life.. We could then live hassle free , with our fingertips and iris doing all the work for us.. And it would also be a boon for lazy people like me !!! Would 'nt it be wonderful to just place your fingers and get authenticated instead of typing the same passwords again and again ...

[quakesand 0]

Yea, but someone may chop off your fingers if your protecting a important file...I won't risk my finger for that...

[brainless 0]

quakesand: thanks for trying, but...: When I try to run encrypter.exe from within WinRAR, I get this error message:

"The Dynamic Link Library d3d8.dll was not found in the Path." [with Path being the environment variable ]. Maybe you need to ship this [and any other DLL used] with the program?

can someone give me an example of a key? and is there any program that can take an encrypted code and decrypt it on its own? i wouldnt be suprised...

What kind of key would you like to see? The key to use depends on the method you're going to use...

anyways, I'll just get my laptop back up and running again, then I'll generate a key pair for public key-encryption to publish here (well, I could just post one of my public keys but that would've been to easy; plus the Windoze-Notepad is unable to cope with them as of today...)

techclace: biometrics is basically a nice idea for encryption but I'd rather not use it for important stuff - as of today, face scanning machines don't recognize someone with a bruise in his face when he's been scanned without it...

[liauce 0]

Can PDA encryption be trustworthy? Or those softwares that claim to store and encrypt your password. I'm looking around for one, so that I can change my password very often. I know with Google, people these days can just snoop around and find your password or credit card number very easily. Though I doubt most of us will be prone to major attacks, we may be the unfortunate target of a few pranksters.