Tuesday, May 31, 2011

DES (Data Encryption Standard)


The DES algorithm was developed at IBM under the leadership of W. L. Tuchman in 1972. It is based on the Lucifer algorithm, which was created by Horst Feistel.

The algorithm was approved by the National Bureau of Standards (NBS) after its strength was assessed by the National Security Agency (NSA) of the United States.

DES is a symmetric cryptographic system and is classified as a block cipher.

DES operates on a 64-bit block size. DES encrypts 64 bits of plaintext into 64 bits of ciphertext using a 56-bit internal key, or subkey. The internal key is generated from an external key whose length is 64 bits.

The global scheme of the DES algorithm is as follows (see Figure 1):
1. The plaintext block is permuted with the initial permutation matrix (initial permutation, or IP).
2. The result of the initial permutation is then enciphered 16 times (16 rounds). Each round uses a different internal key.
3. The result of the enciphering is then permuted with the inverse permutation matrix (inverse initial permutation, or IP^-1) to produce the ciphertext block.


Figure 1. Global scheme of the DES algorithm


In the enciphering process, the plaintext block is divided into two parts, left (L) and right (R), each 32 bits in length. Both parts enter the 16 rounds of DES.

In each round i, block R is the input to a transformation function called f. In function f, block R is combined with the internal key Ki. The output of function f is XORed with block L to obtain the new block R. Meanwhile, the new block L is taken directly from the previous block R. This is one round of DES.

Mathematically, one round of DES is expressed as

$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus f(R_{i-1}, K_i)$

Figure 2 shows a more detailed scheme of the DES algorithm.


Figure 2. DES Algorithm Encryption
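The global scheme and the round equations above, as an added Python example that is not part of the original post. IP and IP^-1 are the DES tables, but toy_f and toy_subkeys are hypothetical stand-ins for the real function f and key schedule, which this post does not describe, so the output is not real DES ciphertext.

```python
import hashlib

# DES initial permutation IP; entries are 1-based bit positions counted from the left.
IP = [start - 8 * j for start in (58, 60, 62, 64, 57, 59, 61, 63) for j in range(8)]
# IP^-1 is the inverse table: it sends every bit back to where IP took it from.
IP_INV = [IP.index(pos) + 1 for pos in range(1, 65)]
MASK32 = 0xFFFFFFFF


def permute(block: int, table) -> int:
    """Output bit i (from the left of the 64-bit block) is input bit table[i]."""
    out = 0
    for pos in table:
        out = (out << 1) | ((block >> (64 - pos)) & 1)
    return out


def toy_subkeys(external_key: bytes):
    """Stand-in key schedule (assumption): 16 different round keys K1..K16."""
    return [hashlib.sha256(external_key + bytes([i])).digest()[:8] for i in range(1, 17)]


def toy_f(r: int, k: bytes) -> int:
    """Stand-in for f(R, K) (assumption). f does not have to be invertible."""
    return int.from_bytes(hashlib.sha256(r.to_bytes(4, "big") + k).digest()[:4], "big")


def feistel(block: int, subkeys) -> int:
    block = permute(block, IP)                      # step 1: initial permutation
    left, right = block >> 32, block & MASK32
    for k in subkeys:                               # step 2: 16 rounds
        # L_i = R_{i-1};  R_i = L_{i-1} XOR f(R_{i-1}, K_i)
        left, right = right, left ^ toy_f(right, k)
    # The halves are swapped before IP^-1, so the same routine also decrypts.
    return permute((right << 32) | left, IP_INV)    # step 3: inverse permutation


def encrypt(block: int, external_key: bytes) -> int:
    return feistel(block, toy_subkeys(external_key))


def decrypt(block: int, external_key: bytes) -> int:
    # Decryption runs the identical rounds with the subkeys in reverse order.
    return feistel(block, toy_subkeys(external_key)[::-1])


if __name__ == "__main__":
    plaintext = 0x0123456789ABCDEF                  # constructed 64-bit block
    key = b"external"                               # constructed 64-bit external key
    ciphertext = encrypt(plaintext, key)
    print(f"ciphertext: {ciphertext:016x}")
    print(f"decrypted : {decrypt(ciphertext, key):016x}")
```

Because each round only XORs f's output into one half, running the rounds with K16 down to K1 undoes them one by one, whatever f is.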

 

Monday, May 30, 2011

Attacks Against Cryptography

The main task of cryptography is to keep the plaintext, the key, or both secret from eavesdroppers. Eavesdroppers try to obtain data to use for cryptanalysis. An eavesdropper can also be called a cryptanalyst. Other terms for the opposing side are intruder, attacker, enemy or adversary, and interceptor.
There are several types of attacks directed against cryptographic systems. An attack is any attempt or experiment conducted by a cryptanalyst to find the key or the plaintext from its ciphertext.
As explained earlier, cryptanalysis aims to recover the plaintext from the ciphertext without access to the key that was used. The cryptanalyst tries to find weaknesses in the key and reveal the plaintext.
In discussing attacks on cryptography, we always assume that the cryptanalyst knows the cryptographic algorithm used, so that the security of the system rests entirely on the key. This is based on Kerckhoffs' principle (1883), which reads: "All cryptographic algorithms should be public; only the key is secret."

Digital Signature Application for Email Security


Are you afraid that your official e-mail address will be used by someone else to do harm and discredit you? Do not worry: just use the well-known PGP digital signature system. The free Mozilla Thunderbird e-mail client and the Enigmail extension will help you do this. Here is how to use them:

1. Install Thunderbird. If you do not already have the Mozilla Thunderbird e-mail client, you need to install it first. Get this excellent mail client for free at http://www.mozilla.org/products/thunderbird/. Once you have it, install the program. Follow each step and set up your e-mail account in it so that the program can handle your e-mail. Make sure incoming and outgoing e-mail are processed smoothly.

2. Install the extension programs. Once Thunderbird is ready for use, install the extension programs needed for the PGP facilities. These are Enigmail and GnuPG. For Enigmail, you can get the extension file v0.91.0-tb-win32.xpi from http://enigmail.mozdev.org/download.html. For GnuPG, get version 1.4 from http://www.gnupg.org/download/index.html. Run the GnuPG binary file to install it. To install Enigmail, click Tools | Extensions. Then click the Install button and navigate to the file v0.91.0-tb-win32.xpi. When finished, restart your Firefox; the extension is now integrated.

3. Point to the GnuPG program. The next step is to point Thunderbird to the GnuPG program installed earlier so that it is always available. Click the menu Enigmail | Preferences, and the Enigmail settings window appears. On the Basic tab there is a field called GnuPG executable path. Fill this field with the path to the gpg.exe program, usually located in the directory Program Files \ GNU \ GnuPG \. Once done, the path is shown in that field. Click the OK button; GnuPG will then run for every outgoing e-mail.

4. Create a New PGP Key. The next question is whether you already have a digital signature key. If not, you can create one here. Click the menu Enigmail | OpenPGP Key Management. After the settings window appears, click the menu Generate | New Key Pair, and the key settings appear. Select the e-mail account for which you want to create a key, then fill in the Passphrase, which serves as a password. You can add a note in the Comment field. You can set when the key expires, as well as the key size. Use a key size of 1024 so that the key opens faster. When finished, click Generate key and click Yes, and the key is generated.

5. Make a File. After a few seconds, your key is ready. You will be offered a further option, which is to create a kind of certificate for this key. Its purpose is to vouch for the correctness of your digital signature. This key can be sent to people who want to keep your key or who want to verify your digital signature. The certificate takes the form of a file in .ASC format. To create it, click the Yes button in the Enigmail Confirmation window, then choose a folder to save it in. After that, type your passphrase and click OK, and the certificate is created.

6. Enable OpenPGP Facilities. When everything is ready, it is time to activate OpenPGP for every e-mail you send through Thunderbird. Click the menu Tools | Account Settings ... After the settings window appears, choose the option OpenPGP Security. Check the box Enable OpenPGP support (Enigmail) for this identity. After that, select the option Use specific OpenPGP key ID. Then also check the option Sign non-encrypted messages by default. When finished, click OK; from then on, every e-mail you send can carry the digital signature you have created.

7. E-mail with a Digital Signature. Now, each time you send an e-mail, you will be asked whether you want to send your digital signature or not. If yes, you have to type the passphrase correctly. Your e-mail may also be converted directly into text form. After everything is finished, the e-mail you send with a digital signature will be received by the recipient with the digital signature as well. Usually this digital signature takes the form of random numbers. If your e-mail client program supports it, the random numbers can be checked immediately for validity. If the signature is valid, the description Good Key appears. Good luck!


How to Make a Digital Signature

Want to create a digital signature so that your website looks more professional? There is a good web service for that. It is very easy to use, as easy as turning over the palm of your hand.
You could actually do it with Photoshop tricks, but those who are not used to it will run into difficulties, and the resulting electronic signature will not be very satisfactory. So we will take the easiest way, which is to use mylivesignature.com.
After arriving at the website:
Try clicking the button to create a digital signature without registering first. If you want to register first, that is fine too. This is only to speed things up for this article.
Whichever button you choose, you will be taken to the Creating a new signature page. Here you are offered 3 options:
1. Using the signature creation wizard: create a signature step by step.
2. Draw a signature straight to the screen: draw the signature directly on screen in the usual way.
3. Using a scanned image: scan your real signature and turn it into an electronic or digital one.
Suggestion: do not use the third option, because if you create an electronic signature that looks like your original one, people may abuse it later. I personally chose the first. Simply enter your name. The next steps are to choose the font, size, color and slope, and your digital signature is finished. But it is up to you which way you choose.

Implementation of Digital Signature Authentication Process

One of the benefits of doing business in cyberspace is that transactions can take place anytime and anywhere, without the seller and buyer meeting face to face. However, this often becomes a problem in itself, especially with regard to authentication. How can the seller be sure that the person buying the product is really who they claim to be? How can the seller be confident, for example:
• That the credit card used really belongs to the purchaser? or
• That the information sent by the seller does not fall into the hands of unauthorized parties, other than the buyer concerned? or
• That the documents sent are not altered by unauthorized parties in the middle of the transmission line? or
• That the trade transaction is legally valid, with no fraud on the part of the buyer?
• and so forth.
In the real world, this problem is usually solved with a "signature" as proof of the authenticity of a person's identity. In the virtual world, a concept called the "Digital Signature" is offered (Kosiur, 1997). The principle of implementing a digital signature system is described below.
In contrast to the "public-key encryption" method, which technically requires a relatively long time to encrypt (scramble) a document, in the digital signature system the document that is sent is not encrypted using the public key.
Source: David Kosiur, 1997.
Instead, the document is encoded using a mathematical function called a "Hash Function". Using a 16-byte hash function, a long text is expressed as 16 characters, for example CBBV235ndsAG3D67, which is called the "message digest". The sender then uses his private key to encrypt the message digest, and the result is the sender's digital signature. The digital signature is then combined with the existing text (the original document) and sent over the Internet.
On the receiving side, a series of authentication steps is carried out. The first step is to separate the original document from the digital signature attached to it. The second step is to apply the hash function to the original document again to obtain the 16-character message digest. The third step is to decrypt the digital signature using the sender's public key. The next step is to compare the 16-character message digests produced by the hash function and by the decryption. If the two message digests are identical, then the document and digital signature received are authentic: they come from the person in question and there was no unauthorized intervention during transmission. Conversely, if the two message digests are not the same, there are three possibilities:
• The document sent has been changed in its content;
• The digital signature sent has been modified; or
• Both have been changed so that they are not the same as the originals.
Of course, these changes can be intentional or accidental. Intentional means that someone or some other party attempted to change or falsify the document or the digital signature; accidental means technical "damage", in hardware or software, along the transmission medium that altered the data sent. The only problem with this authentication method is that the original document is sent without being encrypted (because encryption is considered slow, especially if the document contains a very long text). But the "Pareto" concept can be applied, in the sense of assuming that 80% of communication is "safe". If "intervention" does occur on the transmission line, "symmetric encryption" or "public-key encryption" can be used as a second alternative.
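The sender and receiver steps described above, as an added Python example that is not part of the original article. It assumes textbook RSA without padding for the "encrypt the digest with the private key" step, substitutes SHA-256 (a 32-byte digest) for the 16-byte hash in the text, and uses a constructed toy key built from two Mersenne primes; send, receive and flip_bit are hypothetical names.

```python
import hashlib

# Constructed toy key pair (assumption): two known Mersenne primes, chosen only
# so that the example needs no key generation code. Not usable as a real key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent d
SIG_LEN = (N.bit_length() + 7) // 8      # signature length in bytes


def message_digest(document: bytes) -> int:
    """Hash function step: a long text becomes a short, fixed-size digest."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def send(document: bytes) -> bytes:
    """Sender: encrypt the digest with the private key, attach it to the text."""
    signature = pow(message_digest(document), D, N)
    return document + signature.to_bytes(SIG_LEN, "big")


def receive(packet: bytes) -> bool:
    """Receiver: the four authentication steps from the text."""
    # 1. Separate the original document from the attached signature.
    document, sig_bytes = packet[:-SIG_LEN], packet[-SIG_LEN:]
    # 2. Apply the hash function to the document again.
    recomputed = message_digest(document)
    # 3. Decrypt the signature with the sender's public key.
    recovered = pow(int.from_bytes(sig_bytes, "big"), E, N)
    # 4. Compare the two message digests.
    return recovered == recomputed


def flip_bit(data: bytes, index: int) -> bytes:
    """Simulate a change in transit by flipping one bit of one byte."""
    changed = bytearray(data)
    changed[index] ^= 0x01
    return bytes(changed)


if __name__ == "__main__":
    packet = send(b"Purchase order: 3 units, ship to the registered address")  # constructed
    print("intact packet      :", receive(packet))
    print("document changed   :", receive(flip_bit(packet, 0)))
    print("signature changed  :", receive(flip_bit(packet, -1)))
    print("both changed       :", receive(flip_bit(flip_bit(packet, 0), -1)))
```

The document itself travels in the clear inside the packet, which is the limitation the article points out: the signature detects changes but hides nothing.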

Saturday, May 28, 2011

Types of Cryptography

The following are the types of cryptography.
Based on the key used for encryption and decryption, cryptography can be divided into two types:
1. Symmetric key cryptography
2. Asymmetric key cryptography 

1. Symmetric key cryptography
In a symmetric key cryptography system, the key for encryption is the same as the key for decryption, hence the name symmetric key cryptography or symmetric cryptography. Other terms for symmetric cryptography are private key cryptography, secret key cryptography, and conventional cryptography. Symmetric cryptographic systems assume that the sender and the recipient already share the same key before exchanging messages. The security of symmetric cryptography lies in the secrecy of the key. Symmetric cryptography is the only type of cryptography known in the historical record until 1976. All classical cryptographic algorithms belong to the symmetric cryptographic system. There are also dozens of modern cryptographic algorithms that belong to the symmetric cryptographic system, such as DES (Data Encryption Standard), Blowfish, Twofish, Triple-DES, IDEA, Serpent, and the newest, AES (Advanced Encryption Standard).

In general, ciphers that belong to symmetric cryptography operate on bits and can be grouped into two categories, namely:
1. Block cipher
The cryptographic algorithm operates on the plaintext / ciphertext in the form of blocks of bits: the series of bits is divided into blocks whose length is predetermined. For example, if the block length is 64 bits, the encryption algorithm processes 8 characters in each encryption (1 character equals 8 bits in ASCII encoding). Examples of ciphers that use this method are DES, TripleDES, IDEA, AES, and others.

2. Stream cipher
The cryptographic algorithm operates on the plaintext / ciphertext in the form of single bits: the series of bits is encrypted / decrypted bit by bit or byte by byte. Examples of ciphers that use the stream cipher method are RC4 (Ron's Code 4), A5, and others.
The main applications of symmetric cryptography are protecting the confidentiality of data sent over telecommunications media and protecting the confidentiality of data stored on storage media. The weakness of this system is that both the sender and the recipient must have the same key, so the sender of the message has to find a safe way to tell the recipient the key.


2. Asymmetric key cryptography
If the key for encryption is not the same as the key for decryption, the cryptography is called asymmetric key cryptography or asymmetric cryptography. Another name is public key cryptography, because the key for encryption is not secret and can be known by anyone (it is made public), while the key for decryption is known only to the recipient of the message. In this type of cryptography, each communicating person has a key pair, namely a private key and a public key. The sender encrypts the message using the recipient's public key. Only the recipient can decrypt the message, because only the recipient knows the corresponding private key.
Public key cryptography has two advantages. First, there is no need to distribute a private key as in symmetric cryptography. The public key can be sent to the receiver over the same channel used to send messages. Note that the channel used to send messages is generally not secure. Second, the number of keys can be reduced. To communicate secretly with many people, there is no need for as many secret keys as there are people; it is enough to create two keys, namely the public key for correspondents to encrypt messages and the private key for the recipient to decrypt them. This differs from symmetric key cryptography, where as many keys are made as there are parties to correspond with.
Examples of public key cryptography algorithms are RSA, ElGamal, DSA, and many others.

Comparison of Symmetric and Asymmetric Key Cryptography
Symmetric key cryptography and asymmetric key cryptography each have advantages and disadvantages.
Advantages of symmetric key cryptography:
1. Symmetric cryptographic algorithms are designed so that encryption / decryption takes a short time.
2. Symmetric key sizes are relatively short. Symmetric cryptographic algorithms can be used to generate random numbers.
3. Symmetric key algorithms can be composed to produce a stronger cipher.
4. The authenticity of the sender is known directly from the received ciphertext, because the key is known only to the sender and the recipient.
Weaknesses of symmetric key cryptography:
1. The symmetric key must be sent via a secure channel. Both communicating entities must keep this key secret.
2. Keys must be changed often, perhaps in every communication session.
Advantages of asymmetric key cryptography:
1. Only the private key needs to be kept secret by each communicating entity (but the authenticity of the public key must be guaranteed). There is no need to send a private key as in symmetric key cryptography.
2. A public key / private key pair does not need to be changed, even over a long period.
3. It can be used to secure the delivery of a symmetric key.
4. Some public key algorithms can be used to provide digital signatures on messages.
Weaknesses of asymmetric key cryptography:
1. Encryption and decryption of data are generally slower than in symmetric cryptographic systems, because encryption and decryption use large numbers and involve exponentiation with large powers.
2. The ciphertext is larger than the plaintext.
3. Key sizes are relatively larger than symmetric key sizes.
4. Because the public key is widely known and can be used by anyone, the ciphertext gives no information about the authenticity of the sender.
Because each kind of cryptography has advantages and weaknesses, it is not true that public key cryptography replaces symmetric key cryptography. Because public key cryptography is at a disadvantage in computation time and ciphertext size compared to symmetric key cryptography, this has implications for practice and usage. Most security systems use a combination of symmetric key cryptography and public key cryptography (a hybrid cryptosystem). In a hybrid system, messages are encrypted / decrypted using symmetric key cryptography, while the symmetric key is encrypted / decrypted using the public key. The symmetric key (also called the session key) is generated by one party, who encrypts the message with it. The session key is then encrypted with the recipient's public key and sent along with the encrypted message. The recipient first decrypts the session key with the corresponding private key, then decrypts the message with the session key.


 


 
   

Friday, May 27, 2011

Encryption

Encryption is the process of securing information by making it unreadable without special knowledge. Encryption has long been used to secure communications in various countries, but only certain organizations and individuals with a very pressing need for secrecy used it. Today encryption is used widely, in systems such as Internet e-commerce, mobile telephone networks and bank ATMs.

Encryption can be used for security purposes, but other techniques are still needed to make communications secure, particularly to ensure the integrity and authentication of a message, for example a Message Authentication Code (MAC) or digital signatures. Another use is to protect against computer network analysis.

The real purpose of the techniques above is to disguise the original data as new data in another form or format, so that no one other than those who hold access rights to the data can see or access it.

It is typically used to secure data in case the data falls into the hands of people who are not entitled to it, whether the data is kept for oneself or sent to another person.


Encryption applies to text and files. What are text encryption and file encryption? When you send a file via the Internet, you may not realize that the file actually floats around the virtual world before arriving at the destination address. The problem is: what if someone peeks inside along the way? If the file is confidential, that means disaster for your secret. Therefore, there have been efforts to protect important files, for example by setting a password. But this does not seem secure enough when sending a file.
Hence the terms text encryption and file encryption. Encryption refers to algorithmic schemes that encode plain text into a non-readable form, or ciphertext, which keeps it private. The recipient of the encrypted text uses a "key" to decrypt the message and return it to its original text. The key is the trigger mechanism for the algorithm. Until the advent of the Internet, encryption was rarely used by consumers and was mostly used by the military. Today, with online marketing, banking, health and other services, even the average household is aware of the importance of encryption.
A web browser encrypts text automatically when connected to a secure server, as shown by an address that begins with https. The server decrypts the text on arrival, so even if someone gets hold of the information while it travels between computers, it is of no use to whoever stole it: they will see only codes they cannot understand.
There are many types of encryption, but not all of them can be trusted. Computing power can be used to break weak encryption schemes. Initially, 64-bit encryption was considered strong enough, but now 128-bit encryption is the standard, and this will certainly change again in the future.
Although the browser automatically encrypts information when connected to a secure web site, many people choose to use encryption in their e-mail correspondence as well. This is easily done with encryption programs that offer plug-ins or interfaces to popular e-mail clients. The longest-established is PGP (Pretty Good Privacy), a modest name for a powerful, military-grade encryption program. PGP allows one to encrypt not only e-mail messages but personal files and folders as well.
Encryption can also be applied to an entire volume or drive. To use the drive, a special decryption key is used. In this state the drive can be used and read as normal. Once finished, the drive is closed and returns to the encrypted state. Some people choose to keep financial programs or other sensitive data on encrypted drives.
Encryption schemes are categorized as symmetric or asymmetric. Symmetric key algorithms such as Blowfish, AES and DES work with a single key that has been agreed in advance and is shared between sender and receiver. Asymmetric encryption schemes, such as RSA and Diffie-Hellman, create a "key pair" for the user: a public key and a private key. The public key can be published online for senders to use to encrypt text to be sent to the owner of the public key. Once encrypted, the ciphertext cannot be decrypted except by the person who holds the private key of that pair. This algorithm is based on two keys that work together. Asymmetric encryption is considered one step more secure than symmetric encryption because the decryption key can be kept private.