Three Types of Encryption

Different software products operate with encryption in different ways. Three basic types of encryption may
be considered: manual, semi-transparent and transparent.

Manual encryption is completely provided by the user (via the relevant software, of course): he has to
manually select the objects for encryption (usually files or folders) and then run some special command/
menu item to encrypt or decrypt these objects. Thus, manual encryption systems demand the user's active
participation, and he must strictly remember to encrypt his private data before he leaves this data outside of
his personal control. This is risky from a security point of view - risking human error (forgetfulness).
Nevertheless, manual (file) encryption, from a technical point of view, has a potential advantage: it can
operate easily and reliably - more reliably than any other type of encryption software.

Transparent encryption is almost a complete contrast to Manual encryption. In this case, decryption/
encryption is performed at a low level, permanently, during ALL read/write operations, so that encrypted
data of any type (including executable programs) is always stored on the disk in encrypted form. The theft or
loss of a notebook/ disk/ floppy disk, a sudden power/ software/ hardware failure/ breakdown does not
threaten loss of data - it is always stored on the transparently encrypted volumes in encrypted form. From
the point of general security principles, complete low-level transparent encryption is the most secure type
imaginable, being easiest - imperceptible - for the user to manage, but it has a couple of disadvantages: it
can't be "mobile" - i.e. can not transport encrypted data from computer to computer, (except via encrypted
diskettes); it is very difficult to implement (engineer) correctly; and it generally doesn't fit into system
architectures based on multi-user sharing of resources, as in networks. Nevertheless, when properly
engineered, it is unbeatable for the protection of data on local work stations and stand-alone or mobile
(laptop) machines.

Semi-Transparent, or "On-the-fly", encryption operates not permanently, but before/after access is made
to confidential objects or during some read/write operations. The most widespread example is ciphering
during Copy/Move to a "secret" volume/folder; deciphering a file before opening it via standard Windows
applications (Word, Excel, etc) and enciphering it after the application is finished; and deciphering specified
folders/files at startup of the computer and enciphering them again at shutdown. Semi-Transparent
encryption graduates from manual/file encryption. The typical great weakness of many of these encryption
products is that they can cause degradation of the computer systems efficiency and a sudden/ emergency
loss of data when the amounts to be encrypted are too great. The problem of developers is to find an optimal
trade off between simplicity, security, effectiveness and reliability, and most developers get into a mess
here. By the way, the semi-transparent features of F-Cryprite are based not on any doubtful programming
tricks, but on the encryption speed of the SVC algorithm (which is essentially higher than any "open"
operation in Windows): thus F-Cryprite's efficiency is absolutely uninfluenced by the total amount of data to
be encrypted!

Encryption Examples
The following examples show how the to request encryption when sending private
messages, how to enforce encryption at the queue level, and what applications must do to
encrypt messages.

Note In most cases Message Queuing can encrypt the message when encryption is
requested.

For an example of Using

Requesting encryption when sending messages C/C++ Code Example: Requesting Encryption

Visual Basic Code Example: Requesting Encryption

Enforcing encryption when creating a queue C/C++ Code Example: Enforcing Encryption

Visual Basic Code Example: Enforcing Encryption

Send comments about this topic to Microsoft.

Encryption
From Wikipedia, the free encyclopedia

"Encrypt" redirects here. For the film, see Encrypt (film).

This article is about algorithms for encryption and decryption. For an overview of cryptographic technology in
general, see Cryptography.

It has been suggested that Disk encryption be merged into this article
or section. (Discuss)

In cryptography, encryption is the process of transforming information (referred to as plaintext) using

an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge,
usually referred to as a key. The result of the process is encryptedinformation (in cryptography, referred to
as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse
process,decryption (e.g. “software for encryption” can typically also perform decryption), to make the
encrypted information readable again (i.e. to make it unencrypted).

Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is
now commonly used in protecting information within many kinds of civilian systems. For example,
the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some
of their data in transit, and 53% utilized encryption for some of their data in storage.[1]Encryption can be used to
protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years
there have been numerous reports of confidential data such as customers' personal records being exposed
through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should
physical security measures fail. Digital rights management systems which prevent unauthorized use or
reproduction of copyrighted material and protect software against reverse engineering (see also copy
protection) are another somewhat different example of using encryption on data at rest.

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g.
the Internet, e-commerce), mobile telephones, wireless microphones, wireless
intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports
of data in transit being intercepted in recent years.[2] Encrypting data in transit also helps to secure it as it is
often difficult to physically secure all access to networks.

Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect
the integrity and authenticity of a message; for example, verification of a message authentication code (MAC)
or a digital signature. Standards andcryptographic software and hardware to perform encryption are widely
available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up
in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted
information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.

One of the earliest public key encryption applications was called Pretty Good Privacy (PGP). It was written in
1991 by Phil Zimmermann and was purchased by Network Associates (now PGP Corporation) in 1997.

There are a number of reasons why an encryption product may not be suitable in all cases. First, e-mail must
be digitally signed at the point it was created to provide non-repudiation for some legal purposes, otherwise the
sender could argue that it was tampered with after it left their computer but before it was encrypted at a
gateway. An encryption product may also not be practical when mobile users need to send e-mail from outside
the corporate network.[3]
- Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily
understood by unauthorized people. Decryption is the process of converting encrypted data back into its
original form, so it can be understood.

The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often
incorrectly called a code, can be employed to keep the enemy from obtaining the contents of
transmissions. (Technically, a code is a means of representing a signal without the intent of keeping it
secret; examples are Morse code and ASCII.) Simple ciphers include the substitution of letters for numbers,
the rotation of letters in the alphabet, and the "scrambling" of voice signals by inverting
the sideband frequencies. More complex ciphers work according to sophisticated computer algorithms that
rearrange the data bits in digital signals.

In order to easily recover the contents of an encrypted signal, the correct decryption key is required. The
key is an algorithm that undoes the work of the encryption algorithm. Alternatively, a computer can be
used in an attempt to break the cipher. The more complex the encryption algorithm, the more difficult it
becomes to eavesdrop on the communications without access to the key.
Encryption/decryption is especially important in wireless communications. This is because wireless circuits
are easier to tap than their hard-wired counterparts. Nevertheless, encryption/decryption is a good idea
when carrying out any kind of sensitive transaction, such as a credit-card purchase online, or the
discussion of a company secret between different departments in the organization. The stronger the
cipher -- that is, the harder it is for unauthorized people to break it -- the better, in general. However, as
the strength of encryption/decryption increases, so does the cost.

Encryption software
From Wikipedia, the free encyclopedia

Encryption software is software whose main task is encryption and decryption of data, usually in the form of
files on (or sectors of) hard drives and removable media, email messages, or in the form of packets sent
over computer networks.

Security
Encryption software executes an algorithm that is designed to encrypt computer data in such a way that it
cannot be recovered without access to the key. Software encryption is a fundamental part of all aspects of
modern computer communication and file protection and may include features like file shredding.

The purpose of encryption is to prevent third parties from recovering the original information. This is
particularly important for sensitive data like credit card numbers