Q

What is a sufficient encryption?

What is a sufficient encryption? DES, SHA1, RSA, AES, DESX, RC4, MD5-RSA, SHA1-DSA, X.509 certificate?

You've given a mass of things, not all related, so here's a brief description of each:

DES is venerable old symmetric cipher, so don't use it any more. It's not sufficient. Triple-DES is still secure, but there are better selections in the absence of other considerations. The obvious better choice is AES, which replaces Triple-DES as a NIST standard (more on it below). Other better choices include the other two unencumbered AES finalists, Twofish or Serpent, as well as CAST-128, which still has a good mix of speed and security. All of these are not only more secure than DES, but faster than it. Why use something that is slow and not secure?

SHA1 is a hash function, not an encryption function. As a hash function, it's still standing, but there will be better choices in a few years. If you're designing a new system, keep in mind that you may want to replace it in a couple years. I repeat the word may.

RSA is a public key algorithm. Use it with key sizes of 2048-4096 bits. If you have an existing system that's using 1024 bit public keys, I wouldn't panic, but you can do better.

AES is the replacement for DES. It comes in 128, 192 and 256 bit versions, and any of the three are fine. Even the U.S. government thinks so. They approved 128-bit AES for classified data and the 192 and 256-bit versions for secret and top secret data.

DESX was an attempt to strengthen DES. It uses a random blob to XOR on the data before encrypting and after decrypting. There are some subtle attacks on this technique, and while certainly better than DES alone, it isn't up to snuff against the many options you have. I once worked on a system that had hardware DES support; we used DESX to improve DES in a couple of places where we couldn't afford the speed overhead of Triple-DES. That is, however, a very specialized situation. If you need to use DESX, the reasons will be obvious (and similar to when I had to use it). Use AES or one of the other alternatives I mentioned above.

RC4 is a stream cipher commonly used in SSL connections. It has frayed over the years, and there are enough known and suspected flaws that you shouldn't use it for new projects. If you are presently using it and can easily remove it, it wouldn't be a bad idea. However, I suspect that if you're using it, you can't easily remove it. If you can't easily remove it from an existing system, consider how you might upgrade in the future, but don't panic. I wouldn't refuse to buy from a Web site that's using RC4 in their SSL, but if I were building a new one, I'd use something else, like AES.

I presume that when you talk about the next two, MD5-RSA and SHA1-DSA, you're talking about digital signatures. Don't use MD5; it has flaws in it. There have been cracks in it for years, and they finally opened up this last summer. If you want to read a longer discussion of this, take a look at an article I wrote here. You can use SHA1 with either RSA or DSA. DSA presently is defined for up to 1024-bit public keys, which is large enough that there's no need for panic. However, it will be better when NIST finishes the parameters for larger keys.

An X.509 certificate is a data structure; it is a way to order bits and bytes, not a cryptosystem itself. It typically holds an RSA key, but it could also hold a DSA key. It's not encryption in and of itself.


For more information on encryption, visit these SearchSecurity.com resources:
  • Ask the Expert: 'The seduction of the one-time pad'
  • Ask the Expert: Encryption 101 -- Triple DES explained
  • ITKnowledge Exchange: Ask your peers about sufficient encryption
  • This was first published in November 2004

    Dig deeper on Disk Encryption and File Encryption

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close