%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% & Encryption Devices : What They Are, & A Basic Outline For Making Them & %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% WHAT ARE ENCRYPTION DEVICES? ---------------------------- By their nature, encryption devices are not intended to keep people out of any computer system. Rather than limit access to the machine, they limit access to INFORMATION. They are designed to keep some or all of the data on a system secret by rendering the information unreadable. An encryption device can either be hardware or software, (I'm mainly discussing software). In either case, most devices take TEXT and alter it according to a KEY that is either chosen by the user or is generated as a string of random characters by the device itself. When the information needs to be read, the process of alteration is applied in reverse. If the device is hardware-based, the encryption unit is placed between the computer and the terminal. The device does not require a ubJr to run any special encryption qrogram, and it both encrypts outgoing data and decrypts incoming data. With most such hardware encryption devices, the risk of losing or guessing the key is minimal, because the user does not need to choose or keep track of the key. If the device is software-based, the user must run a special program to encrypt or decrypt files. In this case, the program will ask the user for a file and a key, and will encrypt or decrypt the file using the key given by the user. ENCRYPT-DECRYPT PROGRAM OUTLINE ------------------------------- Here is a simplified outline of the way encryption works. Let's assume that you have in the computer a small text file we want to have encrypted. We'll name our file SAMPLE and simply let it consist of the phrase : OUT OF THE INNER CIRCLE. Now the phun begins. We run a program called ENCRYPT, and it asks us what file we would like to encrypt. We respond with SAMPLE, and the program requests a key to use in encrypting it. For this example, we will choose a very simple key, the word KEY. The program will internally match up the key/text combination as follows: K E Y K E Y K E Y K E Y K E Y K E Y K E Y K E ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! O U T O F T H E I N N E R C I R C L E Next, the program will encrypt the text of our file, using the ASCII system. As you may recall, a standard ASCII character set includes 128 different characters. We call them characters, and so they are to the computer, but not all of them look like ABC's and 123's. Some are what are called control characters that ring bells, symbolize carriage returns, and so on. Regardless, each charcter is assigned a unique number from 0 to 127. For our simple example, the program Encrypt will take the ASCII value of the character in the top line and then subtract it from the value of the matching character in the bottom line, "wrapping around" (going back to 127) if the values go below 0. The first O in our text file will be transmitted as the ASCII code for Control-D. The second O in this text, however, will be transmitted as the ASCII code for Control-J. (ETC.....ETC). When the file is to be decrypted, the program will reverse the process by arranging the text/key combination in the same way and adding the values. This method ensures that each character in many different ways, depending on its position in the text and in relation to the characters in the key. So once you have encrypted the file, it is impossible to read unless you have altered it in reverse by the same key and process that altered it in the first place. More complex methods of encryption use essentially the same technique, but they may go through two or more passes to further encode text, or they may take a simple key, like KEY, and make a longer and more complex key out of it. In addition, hardware encryption devices may use random-number keys that are not chosen by the user and, sice they are based on sets of random numbers, cannot, in themselves, be second guessed by a curious intruder (although the text can STILL be decoded if it follows a known pattern). %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% .DONE