A formula used to turn ordinary data, or "plaintext," into a secret coded message known as "ciphertext." The ciphertext can reside in storage or travel over unsecure networks without its contents being divulged to unauthorized people.
Also known as a "cipher," each algorithm uses a randomly generated string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns that can be created, thus making it harder to break the code and decrypt the contents.
Most encryption algorithms use the block cipher method, which codes fixed blocks of input. Others use the stream method, which encrypts one bit at a time. See mode of operation, cryptography, security protocol, stream cipher, block cipher and algorithm.
Algorithm Choices
This dialog shows a selection of algorithms from ScramDisk, an earlier program that encrypted files on the hard drive. "Mouse entropy" is the amount of randomness used to create the key, and the more the mouse was jiggled, the more randomness. Following are excerpts from the ScramDisk documentation, which provide a brief summary of secret key algorithms.
3DES
This is far better than DES; it uses three applications of the DES cipher in EDE (Encipher-Decipher-Encipher) mode with totally independent keys. Outer-CBC is used. This algorithm is thought to be very secure (major banks use it to protect valuable transactions), but it is also very, very slow.
Blowfish
Blowfish is a high security encryption algorithm designed by Bruce Schneier, the author of Applied Cryptography and owner of the company Counterpane. It is very fast, is considered secure and is resistant to linear and differential analysis. This is my personal cipher of choice.
DES
Data Encryption Standard was designed in the early 1970s by IBM with input from NSA. It is OK, but a single key can be broken in three days by the Electronic Frontier Foundation, a poorly funded organization. This algorithm was provided for completeness.
IDEA
International Data Encryption Algorithm was produced by Xuejia Lai and James Massey. It is fairly fast, is considered secure, and it is also resistant to both linear and differential analysis. To use this for anything other than personal use, a royalty must be paid to Ascom-Systec Ltd.
Misty1
Misty1 was designed by M. Matsui of Mitsubishi. It is a reasonably fast cipher that is resistant to both linear and differential analysis. It is fairly new though, so use it with caution.
Square
Square is a very fast and reasonably secure block cipher produced by Joan Daemen and Vincent Rijmen. It hasn't been subject to as much peer review as Blowfish, 3DES, IDEA, etc., so it may be susceptible to attacks.
Summer
This is a proprietary stream cipher constructed by the author and is designed for speed alone. It is supplied for backward compatibility with Version 1 of ScramDisk and is not recommended for use on newly created disks. Instead, use TEA or Blowfish, which are both reasonably fast.
TEA
Tiny Encryption Algorithm is a very fast and moderately secure cipher produced by David Wheeler and Roger Needham of Cambridge Computer Laboratory. There is a known weakness in the key schedule, so it is not recommended if utmost security is required. TEA is provided in 16 and 32 round versions. The more rounds (iterations), the more secure, but slower.
Encryption Type   Author            Block Size (bits)   Key Size (bits)   Time**
3DES              Diffie-Hellman    64                  168               4:05
Blowfish          Schneier          64                  256               0:55
DES               IBM-NSA           64                  56                1:42
IDEA              Lai-Massey        64                  128               1:07
Misty1            Matsui            64                  128               2:50
Square            Daemen-Rijmen     128                 128               0:39
Summer            Aman              (stream)            128               0:46
TEA 16            Wheeler-Needham   64                  128               0:46
TEA 32            Wheeler-Needham   64                  128               1:03

**Minutes/seconds to encrypt a 50MB file. Although times are based on an older 166 MHz Pentium, the list serves as an algorithm speed comparison.
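
The TEA entry above, as an added example in C that is not taken from ScramDisk or its documentation: a 64-bit-block, 128-bit-key TEA routine with the iteration count as a parameter, plus a check of one well-known property of its key handling, equivalent keys. The sample key and block are constructed, and `rounds` counts loop iterations of the published routine, which is an assumption because the page does not say how ScramDisk counted its 16 and 32 rounds.

```c
#include <stdint.h>
#include <stdio.h>

#define TEA_DELTA 0x9E3779B9u /* constant from the published TEA routine */
/* Constructed sample key and block, not taken from any real system. */
static const uint32_t KEY[4] = {0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u};
static const uint32_t BLOCK[2] = {0xDEADBEEFu, 0x0BADF00Du};

/* Encrypt one 64-bit block v[0..1] in place under a 128-bit key k[0..3]. */
void tea_encrypt(uint32_t v[2], const uint32_t k[4], unsigned rounds) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (unsigned i = 0; i < rounds; i++) {
        sum += TEA_DELTA;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Inverse: same key and iteration count, steps undone in reverse order. */
void tea_decrypt(uint32_t v[2], const uint32_t k[4], unsigned rounds) {
    uint32_t v0 = v[0], v1 = v[1], sum = TEA_DELTA * (uint32_t)rounds;
    for (unsigned i = 0; i < rounds; i++) {
        v1 -= ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
        v0 -= ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        sum -= TEA_DELTA;
    }
    v[0] = v0; v[1] = v1;
}

/* Returns 1 if decrypting the ciphertext restores the original block. */
int tea_round_trip(unsigned rounds) {
    uint32_t v[2] = {BLOCK[0], BLOCK[1]};
    tea_encrypt(v, KEY, rounds);
    tea_decrypt(v, KEY, rounds);
    return v[0] == BLOCK[0] && v[1] == BLOCK[1];
}

/* Returns 1 if KEY and a twin with the top bit of k[0] and k[1] flipped give the
   same ciphertext: both flips hit the top bit of two XORed terms and cancel. */
int tea_keys_equivalent(unsigned rounds) {
    uint32_t twin[4] = {KEY[0] ^ 0x80000000u, KEY[1] ^ 0x80000000u, KEY[2], KEY[3]};
    uint32_t a[2] = {BLOCK[0], BLOCK[1]}, b[2] = {BLOCK[0], BLOCK[1]};
    tea_encrypt(a, KEY, rounds);
    tea_encrypt(b, twin, rounds);
    return a[0] == b[0] && a[1] == b[1];
}
int main(void) {
    printf("16: trip=%d equiv=%d\n", tea_round_trip(16), tea_keys_equivalent(16));
    printf("32: trip=%d equiv=%d\n", tea_round_trip(32), tea_keys_equivalent(32));
    return 0;
}
```

Flipping the top bits of k[2] and k[3] together has the same effect, so every key has three equivalent twins and the effective key length is 126 bits rather than 128, regardless of the number of rounds.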