Security Reference Guide

Encryption Strength

Last updated May 23, 2003.

There are several factors that define the strength of a cipher. The two most important are the type of encryption used (also known as the algorithm) and the length of the key used during the encryption process. For example, one simple form of encryption is a letter swap, which shows up in almost every newspaper in the US as a game called Jumble. In this case the algorithm is a very simple process: just replace one letter with another and repeat. On the other hand, stronger algorithms such as AES can take thousands of years to crack, even with the fastest computer currently in existence.
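The letter-swap cipher described above, as an added example that is not part of the original guide: its key space is roughly 2^88, larger than the 64-bit WEP key discussed in the next paragraph, yet the ciphertext keeps the plaintext's letter-frequency pattern, which is why the algorithm matters as much as the key length. The function names and the sample message are constructed for illustration.

```python
import math
import random
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

def make_key(seed):
    """Return a random letter-swap key: a permutation of the alphabet."""
    shuffled = list(ALPHABET)
    random.Random(seed).shuffle(shuffled)
    return dict(zip(ALPHABET, shuffled))

def encrypt(plaintext, key):
    """Swap each letter for its partner; leave spaces and punctuation alone."""
    return "".join(key.get(ch, ch) for ch in plaintext.upper())

def decrypt(ciphertext, key):
    """Undo the swap by inverting the permutation."""
    inverse = {v: k for k, v in key.items()}
    return "".join(inverse.get(ch, ch) for ch in ciphertext)

def keyspace_bits():
    """Equivalent key length: log2 of the 26! possible permutations."""
    return math.log2(math.factorial(len(ALPHABET)))

def frequency_profile(text):
    """Letter counts sorted high to low, ignoring which letter is which."""
    counts = Counter(ch for ch in text if ch in ALPHABET)
    return sorted(counts.values(), reverse=True)

def most_common_letter(text):
    """The single most frequent letter in the text."""
    return Counter(ch for ch in text if ch in ALPHABET).most_common(1)[0][0]

# Constructed sample message (assumption, not from the guide).
SAMPLE = "MEET ME AT THE SAME STREET WHERE WE MET THE THREE GREEN TREES"

if __name__ == "__main__":
    key = make_key(seed=2003)
    ct = encrypt(SAMPLE, key)
    print(f"key space: about 2^{keyspace_bits():.1f} keys")
    print("ciphertext:", ct)
    # The two profiles are identical: the swap hides letters, not their frequencies.
    print("plaintext profile: ", frequency_profile(SAMPLE))
    print("ciphertext profile:", frequency_profile(ct))
    print("most common ciphertext letter stands for:",
          decrypt(most_common_letter(ct), key))
```

The identical frequency profiles are the structural leak: the key is long, but the algorithm preserves the statistics of the language.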

Computers are never wrong, barring a hardware glitch due to broken equipment. Therefore, in a perfect world, strong encryption would not be breakable. However, once you introduce humanity into the equation, you also introduce errors. Weak pass phrases, improper implementation of a cipher algorithm, and other man-made weaknesses can turn even the strongest encryption into nothing more than a nuisance for a cracker. One example is the implementation of RC4 in WEP, which was supposed to encrypt wireless traffic. Not only is the 64-bit encryption weakened by sending part of the password as plaintext with each encrypted packet, but RC4 was also implemented improperly, so the encryption password leaks once 2-4 million packets (or fewer in some cases) of encrypted traffic have been collected. (We describe in great detail how to crack WEP in our book Maximum Wireless Security from SAMS.)

The second main weakness of encryption is that there is usually a single digital key needed to decipher the traffic. This is the Achilles' heel of encryption: if that password can be obtained via a key logger, a brute force guess, or cached memory that stores the password in plaintext on the drive, then the file can be decrypted.

As a result, and despite the use of a strong algorithm, it may still be possible to gain access to that data. Instead of focusing on a frontal approach, which may work for password-protected documents or zip files, a cracker could simply assemble a list of possible words or phrases used by the target. In addition, a monitoring device can be installed on or around the computer to capture the decryption process. This could include cameras, key loggers, or remote forensics tools. For example, the FBI secretly enters suspects' homes to install key loggers and/or tiny wall cameras with a view of the suspect's keyboard and monitor. This way, even if the suspect uses a strong form of encryption, the FBI can see what password is entered and thus gain access to the sensitive data.