Complexity of password is also an important issue in creating password. The more complex the password, the more difficult to be cracked. A complex password should contain combination of numbers, uppercase and lowercase alphabet and special characters. In windows 2003, administrator is able to set the password policy so that user creates a complex password.
Pretty Good Privacy (PGP) is a public key encryption program that provides cryptographic privacy and authentication originally written by Phil Zimmermann in 1991. PGP is often used for signing, encrypting and decrypting e-mails to increase the security of e-mail communications. Over the past few years, PGP has become a de-facto standard for encryption of email on the Internet.
How PGP works actually? When a user encrypts plaintext with PGP, PGP first compresses the plaintext. Data compression saves modem transmission time and disk space and, more importantly, strengthens cryptographic security. Most cryptanalysis techniques exploit patterns found in the plaintext to crack the cipher. Compression reduces these patterns in the plaintext, thereby greatly enhancing resistance to cryptanalysis. (Files that are too short to compress or which don't compress well aren't compressed.)
PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient.
Decryption works in the reverse. The recipient's copy of PGP uses his or her private key to recover the temporary session key, which PGP then uses to decrypt the conventionally-encrypted ciphertext.
The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption. Conventional encryption is about 1, 000 times faster than public key encryption. Public key encryption in turn provides a solution to key distribution and data transmission issues. Used together, performance and key distribution are improved without any sacrifice in security.
No comments:
Post a Comment