DES and 3DES

Data Encryption Standard (DES) data are encrypted in 64-bit blocks using a 56-bit key. The DES algorithm takes the input through a series of transformations: initial permutation; a complex function, which involves both permutation and substitution operations and depends on a key input; a simple permutation function that switches the two halves of the data; the function is applied again; and a permutation function that is the inverse of the initial permutation takes place. There are five “modes of operation” that have been defined in order to apply DES to a variety of applications. They are Electronic Codebook, Cipher Block Chaining, Cipher Feedback, Output Feedback Counter, and Counter (Cryptography Concepts, 2005).

Triple DES or 3DES involves repeating the DES algorithm three times on the plaintext, using two or three different keys to produce the ciphertext. As stated in the article DES is dead. Long live…Well, um, What, “First it encrypts, then it decrypts and finally it encrypts again” (Moskowitz, 1999). Three DES is now used because it is very resistant to cryptanalysis, serving as an alternative to add security against the potential vulnerability of DES to brute-force attack. Triple DES has been adopted for use in the key management standards ANSI X 9.17 and ISO 8732, along with a number of Internet-based applications, such as PGP and S/MIME (AES, Ciphers, and Confidentiality, 2005). The picture below shows the triple encryption process, as well as show the middle portion of 3DES as a decryption rather than an encryption making it more secure.

A nonce and key distribution center (KDC) shares a secret key or “master” key between each party on a network. The KDC is responsible for generating nonce and keys to be used for a short time over a connection between two parties, known as session keys, and for distributing those keys using the master keys to protect the distribution. The following steps occur:

1. A issues request to the KDC for a session key with B. The message includes the identity of A and B, as well as a unique identifier for the transaction, a nonce, which may include a random number or a counter.

2. The KDC replies with a message encrypted using Ka. Thus, only A can read the message and knows the message originated at the KDC. The message includes:

• The one-time session key, Ks, to be used for the session.
• The original request message, including the nonce, to enable A to match this response with the appropriate request.

In addition, the message includes two items intended for B:

• The one-time session key, Ks.
• An identifier of A, IDA.

These are encrypted with the master key that the KDC shares with B. They are sent to B to establish connection and prove A’s identity.

3. A stores the session key for use in the upcoming session and forwards to B the information that originated at the KDC for B. This information is protected from eavesdropping, because it is encrypted by the master key, Kb. B knows the session key, A’s identity, and that the information originated at the KDC.

4. B then sends a nonce, N2, to A, using a newly minted session key for encryption.

5. Using the session key, A responds with f(N2), where f is a function that performs some transformation on N2 (e.g., adding one) (Stallings, 2003 pgs 214-15).

In conclusion, the above explained how DES works, why 3DES is now used, why the middle portion of 3DES is a decryption rather than an encryption, and explain a nonce and a key distribution center.

Works Cited

Moskowitz, Robert. (1999). DES is dead. Long Live… well, um, what? Network Computing, vol. 10 issue 6. Retrieved October 22, 2005, from, EBSCO Host Research Databas

Stallings, William. (2003). Cryptography and Network Security: Principles and Practice. New Jersey: Pearson Education, Inc.
Joshua Maluchnik, M.I.T., MCP/MCTS
Account Executive
Tranztec Solutions, Inc.
http://www.tranztec.com

Data Protection and What it Means to Your Business

We all need computers whether for personal use or toil, or for a commercial applications. For like purposes, it is critical precautions since information can spread and it’s state of affairs more risky when you using to the Internet as well.

Remember about what you experience during the time when you lose important data. You won’t be able to sleep properly in the event that you information is destroyed so it is thus essential to have constant backups made.

Nobody desires private and confidential to be disclosed through the Internet regardless sadly with the rising popularity of computers in this time knowledge isn’t safe. The size of your organization or business is not hardly an a problem therefore it hardly matter whether are using your personal computer at your residence or in the workplace, the only worry is data preservation. It is a great challenge in itself to protect personal records however it is additionally critical to be alert of what exactly are the purposes behind these data loss.

Several utilities are available on the market right now in order to protect your important information Some of these are backups, firewalls and various protection software program bundles for viruses.

Poor judgment of an employee is yet another reasons related to data leakage, so it is considered then, that workers have the ability to stop a much of the of information loss. If an worker is equipped essential knowledge surrounding computers and are honest when do their tasks, loads of important information can be prevented from ending up destroyed. If good powerful security system is not incorporated, employees mostly take this at face value and function without any care which means that confidential data may end up gone.

These are various ways that would assist in preserving your information:

Encryption:

You are able to defend your files utilizing a technique called encryption and through utilizing this technique, information is encrypted or is rewritten as some code, that may be unencrypted by only the person that know the key or a associated password. These days with the easy access of so many data encryption software on the market, you can easily decide on any one of them to ascertain secure transfer of information.

Backups:

Backing up your data is an additional one of the tools that you may use to halt sudden data loss and it’s extremely effective in the event of loss because of a random power failure. If you’re doing constant backups, those issues may be easily be avoided though there isn’t specified time at which you’re expected to make a backup. Though, once within a week is the least it needs to be done, though thrice per week is what’s advisable when making the backups. The sensible thing is to be sure to make backups every day seeing how the personal nature of this files is the sole standard to create the limit for these backups.

Firewalls:

A layered type of system is followed in the case of security however the system can also be as a defender of information or else a firewall should be introduced. Through firewalls, no one is able to use your system unless they have your permission and with this method, your data is much secure. It is highly suggested to update your machine at frequent intervals in order to maintain security in a more consistent fashion.

P Abbey owns and operates http://www.dataprotectionfacts.com, Data Protection

USB Flash Drive Operating Systems

Did you know that you could get an entire operating system on a flash USB drive? Most firmware in modern PCs allows booting from these drives. That means that a bootable flash drive could allow you to launch an operating system, this is commonly called Live USB and applies mostly to Linux operating systems. However, there is a MS Windows version available and some versions of BSD are also available on flash USBs.

Live USBs are good special purpose or brief tasks like doing an operating system install or disk cloning operation across a network, loading a minimal kernel for embedded operations and maintenance tasks.

A properly configured Windows USB flash drive will allow you to install a version of Windows XP on a drive, with extra software if there’s space. To do this, a special utility is required, as well as a fairly large drive. You will end up with a portable, compact emergency version of your operating system.

Live USBs are more commonly used by Linux operating systems, and are closely related to the now-common live CDs. Like CDs, USBs can be used to help test a distribution, recover data and many other tasks. Live USBs have many of the same limitations and benefits of a live CD. It is, however, easier for a live USB’s data to be changed, since CDs are usually permanently written. That makes it easier to use a live USB as personal storage, allowing a user to carry their preferred applications, operating system and configuration. Sharing a single system between multiple users is much easier in this case.

Live USBs can also provide extra privacy, since the USB device is carried by the user and storage in a safe location is easy. However, the small size of these devices also means that they are easily lost and stolen; making backups and encryption more important for USB flash drive operating systems than normal desktop operating systems.

Since USB drives have no moving parts, they are able to have a faster seek time than optical media and hard drives, this means small programs start faster from USB flash drives than from a live CD or hard disk. However, the low data transfer speeds of some USB devices can make booting from them very slow. In addition, older computers may not have a BIOS that supports booting from USB devices. Booting an operating system from a USB drive may slightly reduce the life of the flash drive.

Carrying your own personal operating system in your pocket can be extremely useful for travellers or people using shared computers. Some sites offer tutorials on simplified flash drive installation for many different distributions of Linux (which is the most popular OS for this purpose). These tutorials mean it is much easier to install, boot and run your preferred distribution, with all your settings and files, from a very small drive. Just be sure you have a large enough drive and that you are using it in a computer capable of booting from the USB port.

Note: USB 2.0 capability greatly speeds things up, as well.

Derek Rogers is a freelance writer who writes for a number of UK businesses. For logo branded promotional flash drives, he recommends Flashbay.com.

The Security of USB Flash Drives

Even the biggest USB flash drive is still smaller than most people’s thumbs. Since we carry these devices to numerous locations, there is a fairly good chance that we will eventually lose them. If this should happen, most of us simply hope there was nothing sensitive on the drive. However, that is not the only thing you can do. There are some basic USB flash drive security measures available.

If your flash drive carries some sensitive information that you hope to keep from ending up online by the next day, security measures available range from secure partitions to encryption options. Secure partitions are a rudimentary form of security – a password protected partition is created on the drive, using a utility supplied by the manufacturer, this makes a public partition and a secure one.

In most cases, it is not possible to access these partitions at the same time, it is often necessary to log into the secure partition, hiding the public one. Not all controllers feature this limitation. Using a version of your utility, someone else could re-partition the drive. However, they would not have access to the data you have stored on the secure partition.

There are other USB flash drives that are much more specialised, they offer the same sort of secure, password protected partition. However, they also encrypt data stored on that partition, making it much harder for people to get to your data. While encryption algorithms can be broken, having encryption on your USB drive is an extra layer of security you can offer your data.

The down side to drives that use encryption is that some of them only perform this encryption in software that results in lower performance on the drive when encryption is enabled. Few manufacturers use a hardware based engine capable of encrypting and decrypting files at a higher speed to prevent performance penalties when you access a secure partition that’s using encryption.

The problem with both of these security approaches is that they are mostly dependent on software; the majority of manufacturers of USB flash drives only provide Windows based software support.

What does that mean for Macintosh users and people who use a Linux distribution or other unusual operating system? Security for USB flash drives is mostly still a matter of keeping good track of them. While it is possible to access public partitions on almost all systems, accessing the secure partition generally requires access to Windows.

USB flash drive security is still in its infancy, since these drives aren’t routinely used by people with a need to secure their data. As they become more widespread and the need for security increases, expect flash drive security options to increase as well. For now, partitioning and encrypting are the major options available, though.

Windows users are in luck and can make use of both of these options effectively to preserve their data. However, users of operating systems that aren’t compatible with the software on the drive must simply try not to let their USB flash drives fall into the wrong hands.

Derek Rogers is a freelance writer who writes for a number of UK businesses. For logo branded Custom Flash Drives, he recommends Flashbay.com.