DES and 3DES

Data Encryption Standard (DES) data are encrypted in 64-bit blocks using a 56-bit key. The DES algorithm takes the input through a series of transformations: initial permutation; a complex function, which involves both permutation and substitution operations and depends on a key input; a simple permutation function that switches the two halves of the data; the function is applied again; and a permutation function that is the inverse of the initial permutation takes place. There are five “modes of operation” that have been defined in order to apply DES to a variety of applications. They are Electronic Codebook, Cipher Block Chaining, Cipher Feedback, Output Feedback Counter, and Counter (Cryptography Concepts, 2005).

Triple DES or 3DES involves repeating the DES algorithm three times on the plaintext, using two or three different keys to produce the ciphertext. As stated in the article DES is dead. Long live…Well, um, What, “First it encrypts, then it decrypts and finally it encrypts again” (Moskowitz, 1999). Three DES is now used because it is very resistant to cryptanalysis, serving as an alternative to add security against the potential vulnerability of DES to brute-force attack. Triple DES has been adopted for use in the key management standards ANSI X 9.17 and ISO 8732, along with a number of Internet-based applications, such as PGP and S/MIME (AES, Ciphers, and Confidentiality, 2005). The picture below shows the triple encryption process, as well as show the middle portion of 3DES as a decryption rather than an encryption making it more secure.

A nonce and key distribution center (KDC) shares a secret key or “master” key between each party on a network. The KDC is responsible for generating nonce and keys to be used for a short time over a connection between two parties, known as session keys, and for distributing those keys using the master keys to protect the distribution. The following steps occur:

1. A issues request to the KDC for a session key with B. The message includes the identity of A and B, as well as a unique identifier for the transaction, a nonce, which may include a random number or a counter.

2. The KDC replies with a message encrypted using Ka. Thus, only A can read the message and knows the message originated at the KDC. The message includes:

• The one-time session key, Ks, to be used for the session.
• The original request message, including the nonce, to enable A to match this response with the appropriate request.

In addition, the message includes two items intended for B:

• The one-time session key, Ks.
• An identifier of A, IDA.

These are encrypted with the master key that the KDC shares with B. They are sent to B to establish connection and prove A’s identity.

3. A stores the session key for use in the upcoming session and forwards to B the information that originated at the KDC for B. This information is protected from eavesdropping, because it is encrypted by the master key, Kb. B knows the session key, A’s identity, and that the information originated at the KDC.

4. B then sends a nonce, N2, to A, using a newly minted session key for encryption.

5. Using the session key, A responds with f(N2), where f is a function that performs some transformation on N2 (e.g., adding one) (Stallings, 2003 pgs 214-15).

In conclusion, the above explained how DES works, why 3DES is now used, why the middle portion of 3DES is a decryption rather than an encryption, and explain a nonce and a key distribution center.

Works Cited

Moskowitz, Robert. (1999). DES is dead. Long Live… well, um, what? Network Computing, vol. 10 issue 6. Retrieved October 22, 2005, from, EBSCO Host Research Databas

Stallings, William. (2003). Cryptography and Network Security: Principles and Practice. New Jersey: Pearson Education, Inc.
Joshua Maluchnik, M.I.T., MCP/MCTS
Account Executive
Tranztec Solutions, Inc.
http://www.tranztec.com

Data Recovery Equipment

Today, computers are an integral and indispensable part of the IT world. No matter what your line may be, finance, education, business consulting and investigation, IT information security, or else. In fact, most people always take it for granted. You should never brag your computer can be failure-free.

The foremost use of computer is data storage. All the data is stored on a physical disk named hard disk drive which is a magnetic layer. And it is more likely to be stricken by a wide variety of reasons, such as a partition lost, system can not access, human mistake (accidental reformatting, deletion), file corruption, power surge, and virus attack, to the worst, these physical level failures typically are head crash, platter scratch, and motor failures caused by overwriting, physical damages, natural disasters, etc.

Sometimes a hard drive has been stricken dead or not working at all without any warning signs, but some other times there may be some clues that something is going bad or amiss. Such changes in performance or sudden blue screens are telltale signs that the hard drive may be on its way to collapse. The most obvious and common sign are clicking, squealing, scraping or grinding noises.

The computer become more involved in our daily life, so the danger of data loss also surfaces.

As most of us have already experienced data loss, it could be frustrated and traumatic, when you finally find your critical data are not able to recover. As a matter of fact, logical failures as I previously mentioned, a data recovery software program can simply work out, but speaking of physical failures, No! Those drives with minor physical failures will need a special equipment to repair hard drive itself or recover data.

Why data recovery software will stop there? The ordinary user-level repeated-read access method that is used by imaging software bring a risk of damaging the disk and head, making data lost irretrievable. Also the software skips bad sectors directly in order not to get hang (freeze). Even so it gets hang most of the time in case the drive has lost of bad sectors. Plus, there is no guarantee that all the data will be extracted as much as possible, though days or weeks of time wasted on imaging bad drives. That’s why you should avoid it at all cost.

A unique data recovery equipment known as Data Compass is mostly used among experts and practitioners worldwide, where traditional tools can not reach the height. Data Compass reads data of each sector physically byte-to-byte, including good and bad, and copy to a good disk using its data extraction software and hardware. “Shadow Disk” technology allows Data Compass to maximally avoid further damage to the drive, and ensure the data is not lost from repeated recovery attempts.

Technically speaking, it is hard to figure out how exactly the data can be recovered. It all depends. In most cases, data will be able to recover as long as the parts of hard drive are not severely damaged, otherwise you should swap its components then like platters, heads, and a spindle motor, for example.

A current tool named “hard drive head/platter exchange professional” used for drive disassembling and head/platter exchange will be replaced by the vendor soon. The change is made for optimization reason, and the new product is a better enhancement; plus, the new platter exchanger allows users to work on hard drive with spacers between platters.

If you have known much about data recovery and if you have a craving for this field, you should start your own business with a right equipment and then you can be an expert. Of course, it is not easy to find a proper option from current data recovery equipments with sky-high price in economy hard times. It is even worse when comes to new versions of software to products you are possessing, vendors will charge every time. In this case, free of charge upgrade service is the way to go.

All rights reserved. Free to copy. No adaptation.

To learn much more about hard drive data recovery solutions, please visit salvationdata.com where you can get more free information on specialized data recovery equipment and firmware repair tools.