Reading about cryptography as its getting talked about quite a lot at the moment with even politicians talking about strong encryption. Also I’m working out how best to go ahead with some encryption in a project.
Cyphers
What recipe you use to encrypt the data examples being One Time Pad, Vigenère, Rot13.
Whats interesting is that mostly they are crackable its just how much time, computers and the access to Mathematicians/Cryptographers you have. So its really a matter of making something as hard and resource intensive as possible. AES / Rijndael is probably a good common one which succeeded DES in terms of standards.
Security / Strength
It is difficult to tell for sure what is ‘secure’ given that many past developments have taken place within agencies that don’t have incentives to publicise there discoveries. If someone has made big strides in designing more efficient cracking algorithms we might not find out until 20 years later.
Comparatively small changes in implementation (block cypher modes ) and algorithms can make a huge difference in terms of security. So creating your own cypher is usually a bad plan and choosing carefully is important.
Keys and key lengths
Then there is how long a key you are using generally the longer the key the stronger the encryption.
How long a key?
Start off from greater than 128 ideally 256 bits and what is that equivalent to when generating key pairs with ssh-keygen, RSA 15360 is equivalent to 256 according to more in US National Institute of Standards and Technology here (page 64).
How secure do you need something to be? (and given what situation)
Commonly you think of encrypting the message during transmission from A to B. In order to prevent someone reading the message in between. There are a lot more, places, stages and levels though. If you encrypt information in a database you have made that information difficult to read if the attacker only has the database. But if they also have the code or keys that encrypted that data then they have also the means to retrieve it.
Does it need to be secure if the attacker has access to lots of decrypted messages, pairs of past encrypted/decrypted items or has knowledge of the texts sent. Can the attacker intercept an encrypted message and alter it and that alteration be undetectable.
So mostly your using layers of security to make access more awkward each layer being an additional level of difficulty.
Perhaps the more layers the better so for a web application the layers could be
- SSL/TLS to encrypt the traffic then encrypting information in the database
- Architecture of the code
- Security of the user accounts on the server
- Security of the underlying server,
- Security practices of the users and administrators of the system
- Browsers and operating systems that the legitimate users might use,
- How keys are managed and shared.
How important is it?
If your keeping peoples credits cards then you need to act differently to just publishing a blog that you can just restore from an earlier database dump.
How long would it take to recover from a breach and how much would that cost you in money and reputation. This makes you consider your backups and your policies on communication with users.
Are you merely deterring automatic attacks from script kiddies on you so they move on to easier targets. Or are likely to be a focus of attacks because of some sort of political or financial cause.
Security is complicated its not just a matter of I use this language, we use TLS version X or we only use such and such servers.