Friday, July 3, 2015

Tabula Rosa Systems Technical Term Of The Day - Strong Cryptography


Posted by
Margaret Rouse
Strong cryptography is used by most governments around the world to protect communications. It involves secreted and encrypted communication that is not amenable to cryptographic analysis and decryption to ensure it cannot be accessed by unauthorized entities.
Strong cryptography is secreted and encrypted communication that is well-protected against cryptographic analysis and decryption to ensure it is readable only to intended parties.
Network Security Visibility
Ensuring comprehensive network security visibility is no easy task. Uncover expert tips on how to improve network security visibility with network flow analysis tools, cloud security monitoring solutions, and anomaly-based monitoring technology.
Bottom of Form
Depending on the algorithms, protocols and implementation, a cryptographic system may be vulnerable to analysis, leading to possible cracking of the system. The ideal is an unbreakable system of which there is just one well known example: the one-time pad. The one-time pad is a system in which a randomly generated single-use private key is used to encrypt a message. The message is then decrypted by the receiver using a matching one-time pad and key. The challenge in this system is exchanging pads and keys without allowing them to be compromised.
Strong cryptography is used by most governments to protect communications. While it is increasingly available to the general public, there are still many countries where strong cryptography and encryption are kept from the general public, justified by the need to protect national security.
While the definition of strong cryptography in general may be broad, the The PCI Security Standards Council defines strong cryptography requirements for use in the payment card industry (PCI) specifically:  
“Cryptography based on industry-tested and accepted algorithms, along with strong key lengths (minimum 112-bits of effective key strength) and proper key-management practices. Cryptography is a method to protect data and includes both encryption (which is reversible) and hashing (which is not reversible, or “one way”). At the time of publication, examples of industry-tested and accepted standards and algorithms for minimum encryption strength include AES (128 bits and higher), TDES (minimum triple-length keys), RSA (2048 bits and higher), ECC (160 bits and higher), and ElGamal (2048 bits and higher).”
Demonstrating the strength of a given cryptographic system is a complex affair that requires in-depth consideration. As such, the demonstration is best achieved by a large number of collaborators. Planning tests, sharing and analyzing and reviewing of results are best conducted in a public forum.
This was first published in June 2015
Contributor(s): Matthew Haughn

==============================================================
**Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions:

www.tabularosa.net

In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

 If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications. 

Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone.
==============================================

No comments:

Post a Comment