English Deutsch Français Italiano Español Português 繁體中文 Bahasa Indonesia Tiếng Việt ภาษาไทย
All categories

I've checked wikepedia, and their explanations are way too hard to understand. And isn't figuring out a password easier than figuring out an encryption algorithm?

2007-07-26 15:52:45 · 5 answers · asked by curiousmike 3 in Computers & Internet Programming & Design

5 answers

>>How does data encryption work? I've checked wikepedia, and their explanations are way too hard to understand.

Data encryption, or more technically, ciphers, use three basic principles:

1. Substitution: You replace one character with another: For example, all "A"s become "R"s, all "F"s becomr "9"s, etc.

2. Transpositon: You move the letters around in some logical way.

For example, you could make a key that uses a 5X5 grid to reproduce all the letters of the alphabet (save one). A would be in the upper left hand corner and Z in the lower right hand corner. Go ahead and draw it out; you will understand what follows better.

To indicate a letter, you might specify its row and its column. For example, A might be 1.1; to indicate Z, 5.5; to indicate G, 2.2.

If you flip the chart upside-down, A and Z switch places. Now, Z becomes 1.1, A becomes 5.5, and G becomes 4.4.

If you then flip the chart to the left, A is in the lower left-hand corner and Z in the upper right-hand corner; so A becomes 5.1, Z becomes 1.5, and G becomes 4.2.

If you set up some routine so that the chart is flipped several times -- such as every 5 characters, flip over; every 10 characters, flip to the left, every 30 characters, flip to the right -- you can add to the complexity of your cipher.

That's basically what the rotors in Nazi Germany's Enigma machines did: They "flipped" the characters in some "random" way, that other Engima machines could replicate. And today, we have computers -- born from trying to break that (by today's standards) simple code.

3. Compression: The easiest way to break ciphers is to look for repeatable patterns.

The reason Wheel of Fortune gives you RSTLN E for the bonus puzzle is because those letters are most common in English words.

So, substitution-only ciphers are easy enough to crack; if about 12 percent of the text is represented by Q, I can pretty much guess that Q is probably substituting for E, because E appears in English words about 12 percent of the time.

Even transcription cyphers are easy to break in today's high-powered computing world; find a pattern and bounce certain words you know appear a lot -- "the", "there", "are", etc. -- through a computer until it figures out how the flips work.

But by adding compression, we can remove the ability to crack our code on that basis. The most obvious is to remove the spaces between words; you can also remove the vowels, which makes patterns harder to spot. Or you could spell things phonetically, rather than as they are in the dictionary.

Computer data encryption is basically the same three principles -- replacement, transposition and compression -- in action, just done very efficiently and quickly. MD5, SHA, RSA, whatever; they use these basic principles to do their thing.

>> And isn't figuring out a password easier than figuring out an encryption algorithm?

Yes, figuring out a password is easier than breaking an encryption algorithm.

I think what you're probing at is the idea of "Heck, why bother breaking the cypher? I'll just brute-force attack the phrase with a password cracker until I guess the phrase right, and then it will be decrypted."

That's certainly one way of getting around things. However, the effectiveness of a password in most modern cryptography gets exponentially better the more characters, and the variety of characters, there are in the password.

For example, "a" is a terrible password. "1234" isn't much better, but it's stronger, because it's longer; I've got to go through several letters and numbers before I get to it.

Words in the dictionary are bad, because most password cracking programs use them. Proper names and dates are also bad, because they are contained in dictionary attack scripts, too.

But if I apply the basic concepts of cryptography -- substitution, transposition and compression -- to my password, even though it's not technically "encrypted," I can make a basic word -- such as "Beyonce" -- a difficult-to-crack word, such as "b3aYns@y." Good luck guessing that.

2007-07-26 16:30:57 · answer #1 · answered by Anonymous · 0 0

Encryption is a way of obfuscating a piece of data such as a password. The password has an encryption algorithm run on it (there are tons and tons of different algorithms so I'm not going to name them). This algorithm turns the password into a seemingly random string of characters. Some algorithms are two way, meaning you can retrieve the data back in its original form, and others are one way meaning you can't (without serious effort) get the string back in its original form.

You asked why people try to figure out the algorithms rather than just trying to get a password. Well there are two reasons for this. One is time. Suppose you knew for a fact that someone had an 8 character password. Each character in the password can be a letter a number or any number of of symbols like $ or %, but for the sake of argument we'll just consider letters and numbers. If there are 8 characters and there are 36 possible characters each of the password characters can be (A- Z and 0-9 and we're also not differentiating between upper case and lower case) there are a possible 36^8 possibilities of what the password could be. It would take a computer FOREVER to figure that out if it just guessed randomly. It's much easier for a person to figure out the algorithm. Another reason is that, if you know the algorithm, you know any number of passwords. If you have the algorithm you can decrypt any password that is encrypted with that algorithm instead of a single users password like in the other example.

I hope this helps.

2007-07-26 16:02:17 · answer #2 · answered by rowancompsciguy 3 · 0 0

Dhvrm forgot another method. It's called addition. :) It's the opposite of compression when you encrypt a secret message by making it a lot longer. You can insert chunks of data into a text to make it look encrypted, but it's really not encrypted. For example, let's say the password is "A5693." This means you have to remove these characters from the following text, and then you find the meaning:

THAAA69AIAA5A5S6
A9-TAE5693696AA6
996993X33TAAA635
9-3I5S9A-S9AA59A3
59556A993AEA5953
C3A359ARA6953966
39E656565A39A3666
T9A65!AA555656565

If you take away all the As, 5s, 6s, 9s, and 3s from the above text, then you get this: "THIS-TEXT-IS-SECRET!"

This text was not really encrypted, but it was hidden among a bunch of junk characters. And if you don't know what characters you have to remove, then it can be quite difficult to find the message! :)

Hey, we could also do something like this:

TWH5IXSE-XT5EAXDTA-LI
LSS--SDESC5R5EKTO!

In this case, we throw out every second letter and what's left is "THIS-TEXT-IS-SECRET!"

"isn't figuring out a password easier than figuring out an encryption algorithm?"

No, it's not. Usually if you want to decipher something, the very first thing is you should do is look for the program that did the encryption. Study it. First you got to understand the algorithm. Only then can you start figuring out the password.

If you think finding the password is so easy, then try to find the password for this:

-48D52-86N8--89Z5SOA79Y
CH+2LTD*(MPEH5Q:
7UIR-4G-^NC#HEWY
48-2%%83500L881S
6000A5~404E009QU
EW3613-N5$72150W.
NA56@G-00(E0)CHTUY.
APA#5SC--HFTELRGJEY.

My real name is encrypted in here.
I used the same algorithm which I illustrated above. ;-)

2007-07-26 17:10:32 · answer #3 · answered by frozen555 5 · 0 0

Data encryption works by scrambling the data according to a pattern. The pattern is coded into an algorithm, which, when applied moves the data around until it is in the readable format.

Of course a password is a LOT easier to figure out than an algorithm! A password simply locks the door; an algorithm moves the contents of the house to different places and creates mazes to make it difficult to find and reorganize all the parts in a usable form.

Hope that helps!

2007-07-26 15:59:02 · answer #4 · answered by nora22000 7 · 0 0

Data protection is the technique of converting your data from plain text to cipher text or in other words encoding it into encrypted language so that no unauthorized user will be unable to decipher this data and also that data would remain protected from hacking attempts. Encryption is the best form of data security feature, which provides instant data security.

2014-05-16 00:39:48 · answer #5 · answered by Anonymous · 0 0

fedest.com, questions and answers