November 5th, 2001, 06:38 PM
Just a note, check out Negative's tutorial on Encryption, this is a very basic rough guide and I just posted it as I wrote it a long time ago and thought I'd put it up!
1=what is encryption?
2=basics of encryption and decryption
3=cryptography and pgp
1. what is ENCRYPTION
This text deals with encryption, what exactly it is and PGP, as well as how others can decrypt your encrypted files. Encryption is a very useful resource to the hacker that wants to keep his exploits private. By reading
this text carefully you can safeguard your files from attacks.
2. the basics of encryption and decryption
Encryption means making a simple .txt file unreadable. when you write a simple .txt file it is in "plain text".
however if you encrypt this file it becomes unreadable. Before a password is entered this text is known as cipher text. When however you decide to change this cipher text back into plain text it is called decryption.
EG. ENCRYPTION-->turns text into
CIPHER TEXT-->which can be changed by
DECRYPTION-->into good ol'
PLAIN TEXT-->you can now read your file..
3. cryptography and PGP
Cryptography is a mathematical science and well in the more english sense of the word is the uncovering or conversion of cipher-text.
In maths it means to encrypt or decrypt data so maths is strongly associated with cryptography.
It is possible to secure files so well it could take years and years to decrypt that is why encryption is so important on an insecure place such as the internet.
One of the best encryption programs on the net is PGP [pretty good privacy].
get it at: www.pgp.com
its features include compressing the file to save you space. it then creates what is known as a session key.
This session key uses a private encryption algorithm that encrypts the file.
The two keys ivolved the session key and the recipients key are encrypted together.
PGP does not use normal passwords but long passphrases which can involve both lower, upper and number characters to deter dictionary attacks from password crackers.
Most password crackers will not contain word-lists with such characters.
Encryption if used right can make your information unbreakable but there are
ways in which its misuse can lead to succesful "cracks" on your private information.
I will begin with trojans and virii
If your computer became infected with a trojan the attacker may run a key logger [program that collects all your keystrokes and sends them to your attacker]. The attacker will then be able to see your passphrase, this may also occur with certain viruses.
Next stupid passphrases/words
A very obvious mistake made by people is a very simple password is used and the attacker simply guesses it. The whole encryption process is useless with these passphrases.
Examples of bad passphrases include
-i love you
If someone is using a brute force attack on you such easy popular passwords will be included in some text file and they will achieve access.
Try a long one with numbers as well as upper and lowercase letters.
that type of stuff, something youll remember.
BUT dont write it down on pieces of paper near you computer and
DONT USE THE SAME PASSWORD ALL THE TIME....
or else if a hacker gets into one file hell get into every password protected file/site/e-mail account you have!