Skip to main content
Select Source:

Data Encryption

Data Encryption

Data encryption refers to the process of transforming electronic information into a scrambled form that can only be read by someone who knows how to translate the code. Encryption was already used by Julius Caesar in the days of the Roman Empire to scramble letters and messages. It played a major role in many wars and in military circles generally. Encryption has turned electronic in modern times. It is today very important in the business world as well. It is the easiest and most practical method of protecting data stored, processed, or transmitted electronically. It makes electronic commerce possible by protecting credit card and personal information. It is also commonly used to scramble the contents of contracts, sensitive documents, and personal messages sent over the Internet. More and more institutions, including small businesses with data to protect, also use encryption to protect data on their computer in-house.

BASICS

Encryption comes from the science of cryptography, which involves the coding and decoding of messages in order to protect their contents. One of the most ancient forms of it is letter substitutionthus, for instance, sending the next letter in the alphabet instead of the actual letter in the text. Ifmmp xpsme/ thus spells out Hello world. In the electronic environment, every symbol has a numerical value expressible in binary notation. Thus the letter A is 01000001 and the letter a is 01100001. Humans cannot make out a vast stream of zeroes and ones, but it is child's play for a computer. Patterns of letters are therefore transformed before transmission by using an arbitrary key; the key may be used in arithmetic, logical, or other ways to make the underlying meaning inaccessible to anyone who does not know the key. The more binary digit the key has, the more difficult the code is to crackmeaning that the longer it takes a computer system, attempting to break the code, to find the key by trial and error. Very safe encryption methods in the mid-2000s made use of 128-bit keys; such keys were used in financial transactions; but newer systems were being fielded using 168 and 256 bits.

TYPES OF ENCRYPTION PROGRAMS

Single Key

There are two main types of data encryption systems. In the firstwhich is variously known as private key, single key, secret key, or symmetric encryptionthe sender and the recipient of the data both hold the same key for translation. This single key is used both to code and to decode information exchanged between two parties. Since the same key is used to encrypt and decrypt messages, the parties involved must exchange the key secretly and keep it secure from outsiders. Private key encryption systems are usually faster than other types; they can be cumbersome when more than two parties need to exchange information.

Public Key

The second, and more commonly used, type of data encryption system is known as a public key system. This approach involves two separate keys: a public key for encoding information; and a private key for decoding information. The public key can be held and used by any number of individuals and businesses, whereas only one party holds the private key. The system is particularly useful in electronic commerce: the merchant holds the private key and all customers have access to the public key. The public key can be posted on a Web page or stored in an easily accessible key repository. Public key encryption systems are widely available on the Internet and heavily used by large companies.

The best-known data encryption program is called RSA. It was developed in the late 1970s by three graduates of the Massachusetts Institute of TechnologyRonald Rivest, Adi Shamir, and Leonard Adleman. As of the mid-2000, there were more than a billion installations of RSA encryption programs on computer systems worldwide. RSA scrambles data based on the product of two prime numbers, each of which is 100 digits long. RSA is known as a public key encryption system, meaning that many people can use it to encode information, but only the person who holds the key (or knows the value of the two prime numbers) can decode it again. RSA is embedded in hundreds of popular software products, including Windows, Netscape Navigator, Quicken, and Lotus Notes. It is also available as a free download from the World Wide Web.

A number of other data encryption programs enjoy wide use as well. Examples include Pretty Good Privacy (PGP), which is considered easy to use; Secure Sockets Layer (SSL), which is used by many companies that accept online credit card orders; Secure Electronic Transactions (SET), another popular method of handling credit card purchases that is backed by Visa, Mastercard, Microsoft, IBM, and other major players in electronic commerce; and Data Encryption Standard (DES), which was invented by IBM in the mid-1970s and became the U.S. government standard.

DES is a good example of the life-cycle of encryption systems. Unlike diamonds, they are not forever. More powerful and faster computers are able to tackle and break the best the older codes. Thus in 1998, as reported by James Swann in Community Banker, the Electronic Frontier Foundation cracked a DES code in less than three days; the year after, another network comprised of 100,000 computers cracked the key in 22 hours and 15 minutes. For this reason The National Institute of Standards and Technology proposed in 2005 that DES be decertified for government work. It will most likely be replaced by Triple DES, also an IBM product. 3DES, as it is known, makes the code much harder to crack by using a 168-bit key.

MOTIVATION FOR ENCRYPTION

Encryption systems cost money in the form of software and greater computer capacity. Processing of encrypted data in and out also adds time to all procedures. But the money is well spent. Betsy Spethmann, writing in 2005 for Promo magazine, reports that security breaches of systems holding customer data cost their owners on average $14 million per incident. In addition, once such breaches become known, the database owner typically loses at least 20 percent of its customers. Shedding troubled customers in large numbers is likely to accelerate. At present, Spethmann reports, 21 states "have laws requiring marketers to notify customers or employees when security of personal data has been breached. The federal legislature is considering at least five bills on data security and notification."

TRENDS IN ENCRYPTION PRACTICES

In the early 2000s, many corporations materially strengthened their defenses against the interception of transmitted data by encryption; they also fortified their information systems with ever better firewalls against intruders. Trends in the mid-2000s have been to focus on internal security. More and more companies, as reported elsewhere in this volume (see "Computer Crime"), have begun to focus on the enemy within. As one article in Information Week put it in its title, "You Know These Security ThreatsYou Hired Them."

In many companies data are routinely encrypted before transmission to another sitebut remain in clear, unencrypted language on the computer itself, protected only by a system of passwords. When these machines are backed up at night on tape, vital proprietary data are simply hanging on a rack, stored on magnetic tapetapes small enough to fit comfortably into a generously sized canvas shopping bag. These data are all too frequently simply stolen.

More and more companies in consequence are extending encryption to storage tapes used for backup. They are also exploring off-site storage of back-up data on distant computers where they reside in encrypted form. Even such methods are not sufficient to protect data from individuals who, by the very nature of their jobs, have access to the sensitive data. Thus, at the boundaries of encryption other techniques of supervision and control must be devised to protect information where scrambling, however effective and however well protected by keys of ever increasing digits, still do not provide protection.

see also Biometrics; Internet Security

BIBLIOGRAPHY

Angwin, Julia. "Internet Encryption's Password is 'Slow.'" Wall Street Journal. 28 March 2000.

Britt, Phillip. "Encryption Key to Data Security." Information Today. November 2005.

"Internet Security Gateway Targets Small Network Environments." Product News Network. 16 December 2005.

Komiega, Kevin. "Tape Encryption Not a Security Cure-All." InfoStor. January 2006.

Korper, Steffano, and Juanita Ellis. The E-Commerce Book: Building the E-Empire. Academic Press, 2000.

MacVittie, Don. "Don't Be The Next Data DebacleImplement tape encryption now, before you find yourself in the white-hot spotlight for all the wrong reasons." Network Computing. 24 November 2005.

"No One-Stop Shopping to Stop Database Pilferages." eWeek. 21 December 2005.

Spethmann, Betsy. "Data Security Mistakes Cost an Average $14 Million." Promo. 23 November 2005.

Swann, James. "Preparing for Triple DES security." Community Banker. December 2005.

"You Know These Security ThreatsYou Hired Them: New products are designed to stop threats that come from the inside." Information Week. 31 October 2005.

                                  Hillstrom, Northern Lights

                                   updated by Magee, ECDI

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Data Encryption." Encyclopedia of Small Business. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"Data Encryption." Encyclopedia of Small Business. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/entrepreneurs/encyclopedias-almanacs-transcripts-and-maps/data-encryption

"Data Encryption." Encyclopedia of Small Business. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/entrepreneurs/encyclopedias-almanacs-transcripts-and-maps/data-encryption

Data Encryption Standard (DES)

DATA ENCRYPTION STANDARD (DES)

Highly sensitive digital information is often the target of computer hackers, international spies, and criminals. In order to protect such information, in 1977 the National Security Agency (NSA) and the National Bureau of Standards (NBS) adopted the Data Encryption Standard (DES) to protect sensitive, unclassified, non-military digital information from unauthorized access. Encryption is the intentional scrambling or masking of digital data to protect it from compromise.

DES utilized symmetric-key (or private-key) encryption, in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The key is a string of digits that has been generated by a complex mathematical algorithm, or formula. Private-key encryption differs from public-key encryption, which utilizes two keysa public key to encrypt messages and a private key to decrypt them. Private-key systems are simpler and faster, but their main drawback is that both parties must somehow exchange the key in a secure manner. Public-key encryption avoids this problem because the public key can be distributed in a non-secure way, and the private key is never transmitted. In the former case, secrecy is shared between only two users, whereas in the latter, the public key is a more or less an "open secret." Thus, public-key encryption requires many more bits to rival private-key systems' level of protection.

Though the NSA usually supervises development of governmental encryption systems, its hesitation over creating such a system for public use led to an open call for the system's design. Ultimately IBM produced a 56-bit key algorithm that became DES. Controversy arose over the extent to which DES-encrypted products could be exported outside the United States, since federal regulations govern export of encrypted items. Security considerations led the U.S. government to limit the export of encryption systems to those of 40 bits or less. Since DES employed 56 bits, most products incorporating DES could not be exported, despite a report on national encryption policy issued by the National Research Council in 1996 that called for a relaxation of export regulations.

DES underwent its most serious challenge in 1998, and failed. The Electronic Frontier Foundation constructed a custom-designed machine, which broke open a DES-encrypted code in 56 hours. Subsequent tests, conducted on 100,000 PCs networked with the EFF machine, reduced the time required to 22 hours. This procedure resulted in the lifting of the U.S. restrictions on exporting DES-encrypted products.

DES's efficacy under continuous surveillance and was reassessed every five years after its inception. The 1998 EFF crack-through concluded that DES' Achilles heel was its short key length. It was recommended that DES should be replaced by Triple DES, a modified version employing 112- or 168-bit keys. DES's versatility also was limited because it worked only in hardware, and the explosion of the Internet and e-commerce led to much greater use and versatility of software than could have been anticipated by DES's designers.

As DES's vulnerabilities became apparent, the National Institute of Standards and Technology (NIST) opened an international competition in 1997 to find a permanent replacement for DES. To be christened the Advanced Encryption Standard (AES), the replacement would be operable into the 21st century. NIST recommended a minimum key length of 128 bits, and sought to guarantee that encrypted files would continue to be secure even after AES was eventually phased out. In addition, the algorithm had to implement public-key cryptography and work with key sizes of 128, 192, and 256 bits. Flexibility also was a premium concern of AES' designers. AES had to function with eight-bit processors, smart cards, ATM networks, high-definition TVs, voice-recognition systems, and satellite communications. Finally, it had to be available internationally on a non-exclusive, royalty-free basis.

Ultimately, DES was testament to the pace of technological change in the late 20th century. It was considered to be adequately powerful and impenetrable in its day. However, the cracks in DES widened into gaping holes as cryptographic and computer technology developed, and as the Internet and other networked systems heightened the need for flexible and durable encryption.

FURTHER READING:

Anthes, Gary H., and Patrick Thibodeau. "IT & the Feds: The Five Years." Computerworld. June 14, 1999, 52.

Harrison, Ann. "Advanced Encryption Standard." Computerworld. May 29, 2000, 57.

. "Cryptographers Urge Review of Standard." Computerworld. August 23, 1999, 4.

. "Encryption Standard Finals." Computerworld. August 16, 1999, 6.

. "Feds Propose New Encryption Standard." Computerworld. October 9, 2000, 14.

Hulme, Geroge V. "Commerce Department Picks Rijndael Encryption Formula." InformationWeek. October 16, 2000.

Landau, Susan. "Designing Cryptography for the New Century." Communications of the ACM. May 2000.

Loshin, Pete. "Cryptographic Turning Points." Computerworld. August 28, 2000.

Messmer, Ellen. "Crypto Proposal Faces Long Journey." Network World. October 16, 2000.

Yasin, Rutrell. "U.S. Picks AES Encryption Spec: Belgian Formula Seen Overcoming DES's Vulnerability to Hackers and Hardware Requirements." Internetweek. October 9, 2000.

SEE ALSO: Advanced Encryption Standard; Cryptography, Public and Private Key; Digital Certificate; Digital Signature; Encryption; Hacking

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Data Encryption Standard (DES)." Gale Encyclopedia of E-Commerce. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"Data Encryption Standard (DES)." Gale Encyclopedia of E-Commerce. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/economics/encyclopedias-almanacs-transcripts-and-maps/data-encryption-standard-des

"Data Encryption Standard (DES)." Gale Encyclopedia of E-Commerce. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/economics/encyclopedias-almanacs-transcripts-and-maps/data-encryption-standard-des

data encryption

data encryption, the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. Historically, data encryption has been used primarily to protect diplomatic and military secrets from foreign governments. It is also now used increasingly by the financial industry to protect money transfers, by merchants to protect credit-card information in electronic commerce, and by corporations to secure sensitive communications of proprietary information.

All modern cryptography is based on the use of algorithms to scramble (encrypt) the original message, called plaintext, into unintelligible babble, called ciphertext. The operation of the algorithm requires the use of a key. Until 1976 the algorithms were symmetric, that is, the key used to encrypt the plaintext was the same as the key used to decrypt the ciphertext. In 1977 the asymmetric or public key algorithm was introduced by the American mathematicians W. Diffie and M. E. Hellman. This algorithm requires two keys, an unguarded public key used to encrypt the plaintext and a guarded private key used for decryption of the ciphertext; the two keys are mathematically related but cannot be deduced from one another. The advantages of asymmetric algorithms are that compromising one of the keys is not sufficient for breaking the cipher and fewer unique keys must be generated.

In 1977 the Data Encryption Standard (DES), a symmetric algorithm, was adopted in the United States as a federal standard. DES and the International Data Encryption Algorithm (IDEA) are the two most commonly used symmetric techniques. The most common asymmetric technique is the RSA algorithm, named after Ronald Rivest, Adi Shami, and Len Adleman, who invented it while at the Massachusetts Institute of Technology in 1977. Other commonly used encryption algorithms include Pretty Good Privacy (PGP), Secure Sockets Layer (SSL), and Secure Hypertext Transfer Protocol (S-HTTP). The National Institute of Standards and Technology (NIST) is working with industry and the cryptographic community to develop the Advanced Encryption Standard (AES), a mutually acceptable algorithm that will protect sensitive government information and will be used by industry on a voluntary basis.

Data encryption is regarded by the U.S. government as a national-security issue because it can interfere with intelligence gathering—therefore, it is subject to export controls, which in turn make it difficult for U.S. companies to function competitively in the international marketplace. To resolve this dilemma, the federal government in 1993 proposed key escrow encryption, an approach, embodied in an electronic device called a "Clipper chip," that makes broadly available a purportedly unbreakable encryption technique (although the code was broken by researchers in 1995) with keys to unlock the information held in escrow for national security and law-enforcement purposes by the federal government. This approach, however, has been unacceptable to civil libertarians and to the international community. In 1994 the Clipper algorithm (called Skipjack) was specified in the Escrow Encryption Standard (EES), a voluntary federal standard for encryption of voice, facsimile (fax), and data communications over ordinary telephone lines. A subsequent compromise escrow scheme intended to create a standard for data encryption that balanced the needs of national security, law enforcement, and personal freedom was rejected in 1995; a compromise proposed in 1999 was also controversial.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"data encryption." The Columbia Encyclopedia, 6th ed.. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"data encryption." The Columbia Encyclopedia, 6th ed.. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/reference/encyclopedias-almanacs-transcripts-and-maps/data-encryption

"data encryption." The Columbia Encyclopedia, 6th ed.. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/reference/encyclopedias-almanacs-transcripts-and-maps/data-encryption

Data Encryption Standard

Data Encryption Standard (DES) A very widely used cipher developed by IBM and standardized by the US National Bureau of Standards in 1977. It is a Feistel cipher employing a 64-bit data block and a 56-bit key. The shortness of the key has given rise to much controversy concerning its security.

DES can be used simply as a block cipher, in which case its “mode of operation” is called Electronic Codebook (ECB). The three other NBS-recommended modes of operation are Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Output Feedback (OFB). These increase the security of the system by using DES as a building block in a stream cipher, and differ regarding recovery from possible errors of transmission.

The US National Security Agency announced in 1986 that it would no longer certify the algorithm, so it lapsed as an official standard. It should now properly be called the Data Encryption Algorithm (DEA), although DES remains its most usual name, and it continues to be used throughout the world despite being regarded as insecure for many purposes since brute-force exhaustive key searches have become feasible in some contexts.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Data Encryption Standard." A Dictionary of Computing. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"Data Encryption Standard." A Dictionary of Computing. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/data-encryption-standard

"Data Encryption Standard." A Dictionary of Computing. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/data-encryption-standard

DES

DES or diethylstilbestrol (dī´ĕth´əlstĬlbĕs´trôl), synthetic nonsteroid female sex hormone having the same physiological effects as estrogen. In the 1940s and 50s DES was mistakenly believed to reduce the risk of miscarriage and was routinely prescribed for pregnant women believed to be at risk. In fact, it was later found to increase the risk of miscarriage and was then tested in a "morning-after" pill, a contraceptive pill that is taken after intercourse. In the late 1960s and early 70s a group of Boston physicians found that women whose mothers had taken DES during pregnancy had an unusually high rate of vaginal cancer, and it has since been implicated in various reproductive disorders and other conditions in female and male children of such mothers. The use of DES to prevent miscarriage was banned in 1973; its use as a growth accelerator in beef cattle was banned in 1979. It currently finds some use in the hormone treatment of certain types of cancer.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"DES." The Columbia Encyclopedia, 6th ed.. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"DES." The Columbia Encyclopedia, 6th ed.. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/reference/encyclopedias-almanacs-transcripts-and-maps/des

"DES." The Columbia Encyclopedia, 6th ed.. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/reference/encyclopedias-almanacs-transcripts-and-maps/des

Data Encryption Algorithm

Data Encryption Algorithm (DEA) Another name for Data Encryption Standard.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Data Encryption Algorithm." A Dictionary of Computing. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"Data Encryption Algorithm." A Dictionary of Computing. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/data-encryption-algorithm

"Data Encryption Algorithm." A Dictionary of Computing. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/data-encryption-algorithm

des

des (Ger. singular; Fr. plural). Of the. Also (Ger.), the note D♭.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"des." The Concise Oxford Dictionary of Music. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"des." The Concise Oxford Dictionary of Music. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/arts/dictionaries-thesauruses-pictures-and-press-releases/des

"des." The Concise Oxford Dictionary of Music. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/arts/dictionaries-thesauruses-pictures-and-press-releases/des

DES

DES Abbrev. for Data Encryption Standard.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"DES." A Dictionary of Computing. . Encyclopedia.com. 23 Oct. 2017 <http://www.encyclopedia.com>.

"DES." A Dictionary of Computing. . Encyclopedia.com. (October 23, 2017). http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/des

"DES." A Dictionary of Computing. . Retrieved October 23, 2017 from Encyclopedia.com: http://www.encyclopedia.com/computing/dictionaries-thesauruses-pictures-and-press-releases/des