This preview shows page 1. Sign up to view the full content.
Unformatted text preview: e of Contents Next
----------- Software encryption programs are popular and are available for all major operating systems. These are meant to protect individual files; the user generally has to manually encrypt and decrypt specific files. It is important that the key management scheme be secure: The keys should not be stored on disk anywhere (or even written to a place in memory from where the processor swaps out to disk). Keys and unencrypted files should be erased after encryption. Many programs are sloppy in this regard, and a user has to choose carefully. Of course, Mallory can always replace the software encryption algorithm with something lousy. But for most users, that isn’t a problem. If Mallory can break into our office and modify our encryption program, he can also put a hidden camera on the wall, a wiretap on the telephone, and a TEMPEST detector down the street. If Mallory is that much more powerful than the user, the user has lost the game before it starts. 10.6 Compression, Encoding, and Encryption
Using a data compression algorithm together with an encryption algorithm makes sense for two reasons: Cryptanalysis relies on exploiting redundancies in the plaintext; compressing a file before encryption reduces these redundancies. Encryption is time-consuming; compressing a file before encryption speeds up the entire process. The important thing to remember is to compress before encryption. If the encryption algorithm is any good, the ciphertext will not be compressible; it will look like random data. (This makes a reasonable test of an encryption algorithm; if the ciphertext can be compressed, then the algorithm probably isn’t very good.) If you are going to add any type of transmission encoding or error detection and recovery, remember to add that after encryption. If there is noise in the communications path, decryption’s error-extension properties will only make that noise worse. Figure 10.3 summarizes these steps. 10.7 Detecting Encryption
How does Eve detect an encrypted file? Eve is in the spy business, so...
View Full Document
- Fall '10