In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).
Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, in 2007 the U.S. government reported that 71% of companies surveyed utilized encryption for some of their data in transit. Encryption can be used to protect data “at rest”, such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers’ personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection) are another somewhat different example of using encryption on data at rest.
Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years. Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks.
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.
In cryptography, the Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide, as was the case with its predecessor, the Data Encryption Standard (DES).
AES was announced by National Institute of Standards and Technology (NIST) as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a 5-year standardization process in which fifteen competing designs were presented and evaluated before Rijndael was selected as the most suitable (see Advanced Encryption Standard process for more details). It became effective as a standard May 26, 2002. As of 2009, AES is one of the most popular algorithms used in symmetric key cryptography. It is available in many different encryption packages. AES is the first publicly accessible and open cipher approved by the NSA for top secret information
Until May 2009, the only successful published attacks against the full AES were side-channel attacks on specific implementations. The National Security Agency (NSA) reviewed all the AES finalists, including Rijndael, and stated that all of them were secure enough for US Government non-classified data. In June 2003, the US Government announced that AES may be used to protect classified information:
The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths. The implementation of AES in products intended to protect national security systems and/or information must be reviewed and certified by NSA prior to their acquisition and use.”
You may also want to refer to your local Law. Below are the acts from Malaysia Cyber Law:
Three Acts contain a power to require people to decrypt during a search; such a search is allowed when there is reasonable cause to believe that an offence under the Act at issue is being or has been committed. There is therefore no general power to order decryption.
- Art. 10 (1) (b) of the Computer Crimes Act 1997 requires (likely) users and people otherwise concerned with the operation of computers or material, during a search, to provide reasonable assistance for the purpose of accessing programs or data or material that is reasonably suspected to be used in connection with an offence under the Act, as well as to produce any information contained in a computer and accessible from the premises to be produced in a form in which it can be taken away and in which it is visible and legible. Refusal to cooperate is punishable with at most 25k ringgit and/or three years’ imprisonment (art. 11).
- Art. 79 of the Digital Signature Act 1997 requires people, during a search, to give access to computerised data whether stored in a computer or otherwise, which includes providing the necessary password, encryption code, decryption code, software or hardware required to enable comprehension of computerised data. Refusal to cooperate is punishable with at most 200k ringgit and/or four years’ imprisonment (art. 83).
- Art. 249 of the Communications and Multimedia Act requires people, during a search, to give access to computerised data whether stored in a computer or otherwise, which includes providing the necessary password, encryption code, decryption code, software or hardware required to enable comprehension of computerised data. Refusal to cooperate is punishable with at most 100k ringgit and/or two years’ imprisonment (art. 242). This Act contains a provision (art. 256(2)) allowing people to refuse answering questions if they thereby would incriminate themselves; by contrast, the privilege against self-incrimination can be deemed not to hold for complying with a decryption order.
If you are looking for ways to protect your sensitive electronic data from unauthorized person, then you have come to the right place. From here we would like to offer you our service in protecting your electronic data using AES-256 Algorithm (the best & most secure available encryption algorithm available today). We can even provide you with hidden encryption “In situation whereby you are forced to reveal the encrypted data but by using hidden encryption technique you may decrypt what ever fake data you wish to show while the actualy encrypted data remain safe”. Please contact us for more information to secure your data (Internal or External HardDisk, USB Stick, Windows Operating Systems).
Disclaimer & Notices
Although AES-256 is the best encryption technique available today and impossible to crack at the moment, but this doesn’t mean some can’t access your file if they know your password.
Example of how someone / authority might steal your password.
- Implement a tracking device / spyware / key logger on your keyboard to steal the password you had key in.
- Using phishing method, whereby a spyware disguised as the genuine software to steal your password.
- Or simply force you to reveal your password.