Concepts of Cryptography
 

What is cryptography?

Cryptography is the science of using mathematics to encrypt and decrypt information. Once the information has been encrypted, it can be stored on insecure media or transmitted on an insecure network (like the Internet) so that it cannot be read by anyone except the intended recipient.

What is the encryption and decryption process?

Encryption is the process in which data (plaintext) is translated into something that appears to be random and meaningless (ciphertext). Decryption is the process in which the ciphertext is converted back to plaintext.

What is a cryptographic algorithm?

A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key (a number, word, or phrase) to encrypt and decrypt data. To encrypt, the algorithm mathematically combines the information to be protected with a supplied key. The result of this combination is the encrypted data. To decrypt, the algorithm performs a calculation combining the encrypted data with a supplied key. The result of this combination is the decrypted data. If either the key or the data is modified, the algorithm produces a different result. The goal of every encryption algorithm is to make it as difficult as possible to decrypt the generated ciphertext without using the key. If a really good encryption algorithm is used, then there is no technique significantly better than methodically trying every possible key. Even for a key size of just 40 bits, this works out to 2^40 (just over 1 trillion) possible keys.

Differences between symmetric and asymmetric algorithms.

Symmetric algorithms encrypt and decrypt with the same key. The main advantages of symmetric algorithms are their security and high speed. Asymmetric algorithms encrypt and decrypt with different keys. Data is encrypted with a public key and decrypted with a private key. Asymmetric algorithms (also known as public-key algorithms) need at least a 3,000-bit key to achieve the same level of security as a 128-bit symmetric algorithm. Asymmetric algorithms are incredibly slow, and it is impractical to use them to encrypt large amounts of data. Symmetric algorithms are about 1,000 times faster than asymmetric ones.

How secure is Encrypt Easy?

Encrypt Easy uses these and other strong (symmetric) cryptographic algorithms to protect your information:

  • Blowfish (448-bit key) is a strong and fast algorithm designed by Bruce Schneier, one of the most prestigious cryptographers in the world.
  • Rijndael (256-bit key) is a high security algorithm created by Joan Daemen and Vincent Rijmen (Belgium). Rijndael is the new Advanced Encryption Standard (AES) chosen by the National Institute of Standards and Technology (NIST).
  • Triple DES (192-bit key) is a strong, well-known U.S. Government algorithm. Triple DES uses the DES algorithm three times with three different keys.
  • Gost (256-bit key) is a cryptographic algorithm from Russia that appears to be the Russian analog to DES. Gost has undergone intensive peer review and is regarded to be secure.
  • CAST (256-bit key) is a rather dependable algorithm with key length up to 64 bits. It was developed by C.M. Adams and S.E. Tavares, who offered it at the AES competition.
  • Twofish (256-bit key) is the algorithm that replaced Blowfish, authored by Bruce Schneier like its predecessor. It is considered to be hack-proof (no known incidents of code-cracking).

At present, there is no way to break any of these algorithms other than trying all possible keys. If one billion computers were each searching one billion keys per second, it would take over 10*10^24 years to recover information encrypted with a 168-bit algorithm (the age of the universe is 10*10^9 years). In addition, Encrypt Easy implements mechanisms against modifications to its code. When executed, it verifies the algorithms with the test vectors provided by their designers.

The algorithms implemented in Encrypt Easy are block ciphers. This means that they encrypt data in block units, rather than a single bit at a time. The algorithms are used in Cipher Block Chaining (CBC) mode, where each block of the original data is XORed with the previous ciphertext block before encryption. For the first block, a randomly generated 128-bit Initialization Vector is used in place of the previous ciphertext. CBC mode ensures that even if the data contains many identical blocks, they will each encrypt to a different ciphertext block.

When you enter your passphrase into Encrypt Easy, it is hashed with a hash algorithm to generate a fingerprint, also known as a digest. The one-way hash function takes variable-length input, in this case your passphrase, and produces a fixed-length output. It also ensures that if the passphrase is changed, even by just one bit, an entirely different output value is generated. This value is the key actually used by the cipher. That process is repeated using a different hash function for each encryption algorithm, thus generating four unique keys.
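The passphrase-to-key step and the CBC chaining described above, as an added example that is not Encrypt Easy's code. It assumes SHA-256 as the hash, an 8-round Feistel construction standing in for the real block ciphers (illustration only), and PKCS#7 padding; none of these choices come from the page.

```python
import hashlib
import secrets

BLOCK = 16  # 128-bit blocks, the same size as the IV described above

def key_from_passphrase(passphrase: str) -> bytes:
    # As on the page: the digest of the passphrase is used as the cipher key.
    return hashlib.sha256(passphrase.encode("utf-8")).digest()

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, i: int, half: bytes) -> bytes:
    # Round function of the stand-in Feistel cipher (assumed, not a real cipher).
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in range(8):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right

def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in reversed(range(8)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right

def split_blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key: bytes, plaintext: bytes, iv: bytes = None) -> bytes:
    prev = secrets.token_bytes(BLOCK) if iv is None else iv
    pad = BLOCK - len(plaintext) % BLOCK          # PKCS#7 padding (assumed)
    out = [prev]                                  # the IV travels as block 0
    for block in split_blocks(plaintext + bytes([pad]) * pad):
        prev = encrypt_block(key, _xor(block, prev))  # XOR with previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, blob: bytes) -> bytes:
    blocks = split_blocks(blob)
    plain = b"".join(_xor(decrypt_block(key, c), p)
                     for p, c in zip(blocks, blocks[1:]))
    return plain[:-plain[-1]]                     # strip the padding

if __name__ == "__main__":
    key = key_from_passphrase("constructed sample passphrase")
    data = b"A" * BLOCK * 4                       # constructed: four identical blocks
    plain_set = {encrypt_block(key, b) for b in split_blocks(data)}
    cbc_set = set(split_blocks(cbc_encrypt(key, data))[1:])
    print(len(plain_set), "distinct block(s) without chaining,", len(cbc_set), "with CBC")
```

Without chaining, the four identical plaintext blocks collapse to a single repeated ciphertext block; with CBC, every ciphertext block differs, and a fresh random IV makes two encryptions of the same data differ as well.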

 
Copyright ©2008 Baltsoft - All Rights Reserved