Professional Documents
Culture Documents
People encrypt files to keep the information from falling into the wrong hands.
Related Articles
Types of Encryption
If you deal with files that have information that you need to keep secret from unauthorized
people, you can encrypt them to protect them. An advantage of encrypting a file is that only
the person who knows the password should be able to open it. However, there are some
disadvantages of encrypting files that deserve your attention.
Sponsored link
Forgetting Passwords
Encryption requires a password to encrypt and decrypt the file. People who use common
words such as love or their spouses name for a password at their ATM or for signing in to
an email account may do so because they are afraid of forgetting the password. A
disadvantage of encrypting files is if you forget the password that you used, you may never
be able to recover the data. If you use a password that is easy to guess, your encrypted data is
less secure.
Raising Suspicions
If you use encryption to protect your information on your computer at work or at home, it
could raise suspicions. Your boss may wonder why you are keeping certain files inaccessible.
Could they be the latest version of your resume or company secrets that you are trying to
remove from the building? At home, a significant other may want to know what terrible
secrets you are keeping that require you to encrypt files on your computer.
encrypted files in the future. A disadvantage of encrypted files is that relying on them to keep
things secret could lull you into a false sense of security. A determined person may marshal
overwhelming computer resources to decrypt your secret files.
Requiring Cooperation
Using encrypted files that are designed to be opened and shared by two or more people can
be disadvantageous when one or more participants finds it a burden to use encryption. For
example, if you and a distant colleague are collaborating on a project that you need to keep
secret, you might encrypt files each time you send them over, but your colleague may think it
is tedious to take the time to encrypt and decrypt files. You will either have to cite company
policy about secrecy or appeal to his sense of cooperation.
Sponsored links
If an archiving solution is used that does not support encrypted data storage, this can
lead to a situation in which configured message encryption at the database level (as
described in this section) is disabled. Administrators are recommended to evaluate
the archive solution used in light of this limitation.
Message encryption at the database level is not fully supported for all SAP
adapters and third-party adapters.
Adapters with their own message storage (for example, RNIF, CIDX adapter) do not
support encrypted data storage if the message itself was not previously encrypted by
the sender.
Only service interfaces can be marked as sensitive. Imported IDocs and RFCs
cannot be marked as sensitive. Scenarios using those imported interfaces on either
sender or receiver side are currently not supported.
http://www.answers.com/Q/What_is_digital_certificates#
slide=1
Description
The following table describes the data at rest encryption limitations.
Table: Data at rest encryption limitations
Limitation
Computer
performance
affect of data
encryption
Description
Encryption algorithms are like data compressions algorithms in that they are
very CPU intensive. Compressing data without the addition of computer
hardware (either dedicated or shared), can affect computer and NetBackup
performance.
Data
compression
Data compression algorithms look for data patterns to compress the data.
must be
Encryption algorithms scramble the data and remove any patterns. Therefore if
performed
data compression is desired, it must be done before the data encryption step.
before data
encryption
There are many encryption algorithms and associated key sizes. What should a
Choice of an
user choose for data encryption? AES (Advanced Encryption Standard) is the
encryption
standard for data encryption and supports 128, 192, or 256 -bit encryption
algorithm
keys.
AES became AES replaced the previous standard, DES which was secure through about
the standard 1998. Then, computer processing speed enhancements and parallel processing
techniques finally showed DES to be vulnerable to attack in 10s of hours. At
that point, the US Government solicited a replacement for DES. An algorithm
called Rijndael (pronounced Rhine dahl), became the front runner. After about
5 years of peer review, and review by the US Government, a specific
configuration of Rijndael became AES. In June 2003, the US Government
announced that AES can be used for classified information.
"The design and strength of all key lengths of the AES algorithm are 128, 192
and 256. These are sufficient to protect classified information up to the
SECRET level. TOP SECRET information requires the use of either the 192 or
256 key lengths. The implementation of AES in products is intended to protect
national security systems. Information is reviewed and certified by NSA
before their acquisition and use."
Limitation
Description
For more information, refer to this website :
http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf.
Generally, the larger key the more secure, and the longer into the future the
Suggested key
data will stay secure. AES is one of the best choices because it is deemed
size
secure with all three supported (128, 192, 256 bit) key sizes.
NIST FIPS
140
FIPS
certification
for my
encryption
solution
The security of algorithms like AES is not in the obscurity of how they
work. Rather the security is in the difficulty to deduce an unknown
encryption key. The years of scrutiny and peer review for AES, have
lead to mature implementations. In fact, tests exist for AES where
specific keys and data sets are input, and verified against the expected
output.
Limitation
Description
encryption product should be part of the consideration.
Usability considerations include the following:
Appropriate
encryption
key
granularity
Recoverability
The appropriate encryption key granularity is best explained with the example
of home security. A single house key is convenient. I can enter my garage,
front door, or backdoor all using the same key. This security is great until the
key is compromised (i.e. key that is stolen by criminals). Then I need to
change all the locks that used this key. The absurd extreme would be someone
having a key for every drawer and cupboard in a house. Then, a lost key would
require the changing of on a single lock.
The correct solution is probably somewhere in between. You must understand
your tolerance for a compromised or lost key from your business process
perspective. A lost key implies all the data that is encrypted with that key is
destroyed. A compromised key implies all the data that is encrypted with that
key must be decrypted and reencrypted to become secure.
Cryptography Drawbacks
Apart from the four fundamental elements of information security, there
are other issues that affect the effective use of information
cannot
be
realized
through
the
use
of
cryptography.
Cryptography does not guard against the vulnerabilities and threats that
emerge from the poor design of systems, protocols, and procedures.
These need to be fixed through proper design and setting up of a defensive
infrastructure.
The
use
of
public
key
cryptography
requires
setting
up
and
A digital envelope is a secure electronic data container that is used to protect a message
through encryption and data authentication. A digital envelope allows users to encrypt data
with the speed of secret key encryption and the convenience and security of public key
encryption.
A digital envelope is a secure electronic data container that is used to protect a message
through encryption and data authentication. A digital envelope allows users to encrypt data
with the speed of secret key encryption and the convenience and security of public key
encryption.
two
primary
kinds
of
encryption and asymmetric