Encryption Standards in Email Packages
Written by Mike Rede on October 2, 2008
I’ve talked about using encryption and decryption to secure your emails. But what about the lower level details such as key sizes and the different encryption algorithms?
The Data Encryption Standard (DES) is a crypto algorithm that is well known for its strengths and weaknesses. Introduced in 1975, it uses a 56-bit key length which is considered relatively short by today’s standards. However, it is also a U.S. government standard which lends it credibility. Other crypto algorithms lack backing by the U.S. government. The DES mathematical algorithm is used for encrypting (enciphering) and decrypting (deciphering) binary coded information such as email. You can read more about DES by looking up the publication: Federal Information Processing Standards Publications (FIPS PUB) 46-2.
56-bit DES systems can keep out the casual hackers. But there are hackers out there who have learned that they can utilize a grid of computers to break into cryptosystems which use keys of length less than 64 bits. It has been estimated that given one arbitrary (plain-text, cipher-text) pair, someone could recover the DES key in about 4 months of work. It has further been shown that under a chosen plain-text attack it is possible to recover the DES key in one day using some preprocessing.
Abstracts are available at http://crypto.stanford.edu/~dabo/abstracts/bioDES.html
So if 56-bit keys are vulnerable to attacks, it is only natural to assume that a larger key would be less prone to breaking when under attack. What you can choose instead is a technique with a longer key length, such as “Triple DES”.
Triple DES is a technique where the DES algorithm is applied three times to each plaintext block. In this manner a potentially different 56-bit key is used each time. One alternative is to combine two 56-bit keys, Key1 and Key2, into one 112-bit key: that 112-bit key supplies the keys for the first two passes, and the first 56-bit key, Key1, is used again for the final encryption.
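The two-key arrangement described above, as an added sketch that is not code from the original post. It uses the standard encrypt-decrypt-encrypt (EDE) ordering of two-key Triple DES, which the post does not spell out, and a toy 64-bit Feistel cipher as a stand-in for DES itself; all function names and sample values are constructed for illustration.

```python
import hashlib

ROUNDS = 16            # DES also runs 16 Feistel rounds
MASK32 = 0xFFFFFFFF
MASK56 = (1 << 56) - 1

def _round(key: int, rnd: int, half: int) -> int:
    # Toy round function built on SHA-256; a stand-in, NOT the DES f-function.
    data = key.to_bytes(7, "big") + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def _feistel(key: int, block: int, rounds) -> int:
    left, right = block >> 32, block & MASK32
    for rnd in rounds:
        left, right = right, left ^ _round(key, rnd, right)
    return (right << 32) | left      # swap halves so decryption reuses the network

def toy_encrypt(key: int, block: int) -> int:
    return _feistel(key, block, range(ROUNDS))

def toy_decrypt(key: int, block: int) -> int:
    # Same network with the round order reversed.
    return _feistel(key, block, reversed(range(ROUNDS)))

def split_key(key112: int):
    # The 112-bit key is Key1 (high 56 bits) followed by Key2 (low 56 bits).
    return (key112 >> 56) & MASK56, key112 & MASK56

def ede2_encrypt(key112: int, block: int) -> int:
    k1, k2 = split_key(key112)
    # Encrypt with Key1, decrypt with Key2, encrypt with Key1 again.
    return toy_encrypt(k1, toy_decrypt(k2, toy_encrypt(k1, block)))

def ede2_decrypt(key112: int, block: int) -> int:
    k1, k2 = split_key(key112)
    return toy_decrypt(k1, toy_encrypt(k2, toy_decrypt(k1, block)))

if __name__ == "__main__":
    # Constructed sample key and 8-byte block, for illustration only.
    key112 = 0x0123456789ABCD_FEDCBA98765432
    block = int.from_bytes(b"mailtext", "big")
    ct = ede2_encrypt(key112, block)
    print(f"ciphertext : {ct:016x}")
    print("round trip :", ede2_decrypt(key112, ct) == block)
    # With Key1 == Key2 the middle pass cancels the first one.
    k = 0x0123456789ABCD
    print("K1 == K2   :", ede2_encrypt((k << 56) | k, block) == toy_encrypt(k, block))
```

The last check shows why the two halves of the 112-bit key must differ: when Key1 equals Key2, the three passes reduce to a single encryption under one 56-bit key.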
Another crypto algorithm, RC4 (Rivest Cipher #4), developed by Ron Rivest of RSA Data Security, is widely used since the U.S. government allows it to be exported if used with a short secret key.
In my next post I will discuss other well-regarded crypto algorithms such as IDEA, RC5 and the Advanced Encryption Standard (AES) which became a standard in 2002 and is one of the most popular algorithms used in symmetric key cryptography.
Lastly, remember to protect your keys. Using an encrypting filesystem is one answer to protecting not only your keys but your plaintext emails as well. But that’s another topic for later discussion.


