NOTA: alcun link di questa pagina non funzionano e alcune informazioni sono "datate" ma possono essere considerate a carattere storico. I link che funzionano, portano ad informazioni aggiornate e significative.
NetAction prepared this guide primarily to help U.S.-based organizations and activists learn to use encryption software. If you are located outside the U.S., you will need to determine whether the use of encryption is restricted in your location before downloading any of the encryption software discussed in this guide.
This guide was researched by Matt McCarthy and co-written by Matt McCarthy and Audrie Krause, with editorial assistance provided by Theresa Chen and Andrea Jepson. This guide is available as a regular HTML document, a Microsoft Word document, and in ASCII text.
Copyright 2001 by NetAction/The Tides Center. NetAction is a project of The Tides Center, a 501 (c)(3) organization. All rights reserved. All material in this guide may be reposted or reproduced for non-commercial use provided NetAction is cited as the source.
Encryption is a software tool that uses scrambling to make data unreadable to anyone other than the intended recipient. It is useful to ensure the privacy of data that you store on your computer, or that you want to email to someone else.
Encryption software programs use algorithms, or complex mathematical processes, to scramble and unscramble (or "encrypt" and "decrypt") the data. Algorithms work through the creation of keys, which are specific strings of data used for encryption. These keys consist of long strings of bits, or binary numbers. The more bits in the key, the greater the number of possible combinations of binary numbers, making the code more difficult to break. You may have heard of "56-bit" or "128-bit" keys, for example. With more bits, the 128-bit key is more difficult to break than the 56-bit key.
If you're curious, you can see what an algorithm looks like: IDEA is one of the algorithms used in Pretty Good Privacy (PGP). An encryption algorithm scrambles data by combining the bits in the key with the data bits; in decryption, the algorithm unscrambles data by separating the data bits from the key bits. In symmetric key encryption, the same key is used to scramble and unscramble data. In asymmetric key encryption, two different keys are required: one to scramble and one to unscramble. With either method, a recipient cannot access the original data without the correct key.
Here is an example of data that has been encrypted:
(((((0400ACHCLBGHEPIOFJJHPLJOFIJAPHOAIDBJEGBMIOHONGALJ
NFMMFINKPNFBIKJKLBLCPEHLPBDLDJEMFHOMPHLCMDLNGILOECLFFI
CNHOEAODJMBLKCDCBAEALAJLCEBBBFIGIOOHGBOPHBJDEPGDLOOBOJ
PBBCIHAIJOHLMHJIMJCGILHMCAKKGNNPMAJKHGBGCNDLFDGMBKGGNJ
ODPDAEKKIPLALIKKPHDFIPOBBEDFMKKBLNMEEPNMMMOIDIPDBMGOEE
CDNMNKOIAIAHICOACNAGBDDPKPNKAOJPFGPIFCGFDLLOCMEGIMNOHD
GMAAEOJEKJIDNIGBHBHNBKENNOGILFAMMOIJDBDAHHNIKCBCFEIPNJ
NMIGGCIMKDGACMGHFGKLMFDNAKOELAOHDJCGGDEDAGDAJNHHAOBJME
KJKGMFGIKPCOJIFFDEHFONKAPHP)))))
You can decrypt this data with ShyFile, a web-based
encryption program. Go to http://www.shyfile.net/d.htm, paste the
encrypted message into the appropriate box, and use this key to decode the
message: netaction.org-encryptionfornonprofits
Encryption software is available for many purposes. You may already be familiar with one form of encryption software: many e-commerce and donation Web sites use Secure Socket Layers (SSL). Whenever you visit any Web page with an address starting with "https" instead of "http," SSL will automatically encrypt anything you type into that page, such as passwords or credit card information, before sending it over the Web.
Our guide focuses on encryption software for email and files, which is considerably more complicated than SSL encryption. Encrypted files can be attached to an email message, uploaded to a Web server via File Transfer Protocol (FTP), or put on a floppy disk and passed by hand. Email messages themselves can also be encrypted. It is not necessary, however, for an email message to be encrypted in order to send it with an encrypted attachment. For example, an encrypted document can be attached to an unencrypted email message that says, "See the attached confidential document." Encryption software specifically intended for use with email is generally easier to use than software intended to encrypt files, because email encryption software integrates seamlessly into the email program. Some email encryption software, for example, adds buttons to your mail program's menu.
Different software programs have different strengths and vulnerabilities, and employ different ways of distributing the keys that scramble and unscramble data. Some software programs require the recipient of an encrypted document or email message to use the same software the sender used. Others simply require the recipient to possess the same key or password that the sender used.
Ask around, and you'll hear varied opinions on whether to use encryption. Certainly, it can add complexity to using your computer. It may be a minor inconvenience such as having to log in with a password every time you turn on your computer, or a major hassle, such as having to fool with a difficult interface every time you want to do anything on your computer. Encrypting large files can take a lot of time and computing power. Even worse, losing passwords or corrupting encryption program installations can lead to data loss. So why bother?
The answer is simple: if the data on your computer is sensitive enough, you should use encryption. For example:
If the answer to any of these questions is "yes," you should take steps to ensure the privacy of this data.
Keep in mind that you don't need to spot suspicious men in a satellite dish-equipped van parked outside your building to warn you that you are potentially at risk of data theft. Malicious hackers may find vulnerabilities in your Internet connection. It's a good idea always to assume that it's possible for someone to violate your computer's security and privacy, and act accordingly to prevent it. This is especially true if you are using Microsoft software, which is particularly vulnerable because it is so widely used. (Malicious hackers know they can cause the most damage by targeting widely used software programs.)
Even if you take the extra steps required to encrypt your data, there are still likely to be vulnerabilities that could allow a skilled or well-funded data thief to get access to your data. Read the section on vulnerabilities for details.
It's up to you to weigh the risk of data theft against the trouble it would take to guard against it by using encryption. Because the usability, learning curve, and difficulty of using these programs factors greatly into the equation of whether you want (or need) to use them, our software reviews focus on how easy it is to get started with the programs and to use them on a day-to-day basis. Since cost is also a major concern for non-profits, we have included reviews of several low-cost or free software options.
All encryption software programs choose an algorithm that they rely on to scramble and unscramble your data. Some programs use more obscure, proprietary algorithms, but others use widely available algorithms. The benefit of using an obscure algorithm is there is less likelihood that tools for cracking it are available. The benefit of using a well-known algorithm is that it has been thoroughly tested. If a vulnerability has not yet been discovered, finding one is probably very difficult.
(For more in-depth information on the various available algorithms, see Appendix B: What are the different kinds of algorithms that encryption software programs utilize?)
Software uses algorithms to encrypt your data in two ways: the symmetric key method, and the asymmetric key method. With either method, it is important to save a copy of your key on a floppy of zip disk, a CD, or another hard drive. Otherwise, if you lose or forget your key, or the key data gets corrupted, you will not be able to decrypt your encrypted data.
Many encryption programs scramble and unscramble with the same key. This simple scheme allows anyone possessing the key that encrypted the data to also decrypt the data. It is important, in order to maintain security, that the sender distribute the key to the intended recipient without letting it fall into the wrong hands. If the sender emails the key in a regular, unscrambled message, malicious parties could easily intercept it in transit. If the sender encrypts the key before emailing it, the recipient will need a second key to decrypt the first key. If the sender copies the key onto a floppy or zip disk, or CD, the disk could be lost in transit or misplaced by the recipient.
Only software programs utilizing this basic model, symmetric key encryption, allow the recipient to unscramble an encrypted message without using the same software the sender used to scramble it. For example, the sender could create a self-decrypting archive that prompts the recipient for a password when double-clicked. Or the sender could create files that could be dragged into a Web browser and unscrambled with a web-based decryption script like ShyFile. Not all programs support self-decrypting archives.
To summarize: the simplicity of symmetric key encryption makes it easy to understand, but distribution of the key is risky.
Some software programs use the asymmetric key, or "public key/private key" model, which requires both the sender and the recipient to have the same software. With this model, the recipient makes a pair of keys, both of which can be unlocked with a single password. One half of the pair is a public key that anyone with the same software uses to encrypt a message to the recipient. The sender does not need the recipient's password to use his or her public key to encrypt data. The recipient's other key is a private key that only he or she can use when decrypting the message. The private key should never be distributed since the private key assures that only the intended recipient can unscramble data intended for him or her. The recipient can freely distribute the public key without worrying since it is only used to scramble the data.
You must meet two conditions before you can use asymmetric encryption software: 1) the recipient must have the same software and already have created a key pair, and 2) you must have the recipient's public key. There are many ways to distribute a public key: through text in an email, through text in a file on a floppy disk, or by posting it on special Internet sites known as key servers. For example, if the recipient's public key is available on a PGP server, your PGP software program can retrieve and store the key on your computer for use at any time.
Here is an example of how asymmetric encryption works: If Jack has Jill's public key, Jack can send encrypted files that Jill can unlock with her private key. Jack can't use Jill's public key to decrypt files intended for Jill (since decrypting a file intended for Jill requires Jill's private key), nor can he sign files pretending to be Jill. Even if Jack got his hands on Jill's private key file, he would need Jill's password to access it.
The biggest problem with this method of encryption is verifying that the sender is who he or she claims to be. The solution is called a "Web of Trust", which makes use of digital signatures. If Jill wants to verify that the Jack who sent her an encrypted file is really the Jack she knows, she confirms his identity by some non-electronic method, such as a personal meeting or phone call, or by an electronic method such as the AT&T Pathserver. If Jack has previously taken similar steps to confirm the identity of John Doe, Jill can also trust an encrypted file from John.
See an illustrated model of encrypting and signing data. These pages are part of the Asia Pacific Network Information Centre's Certificate Authority Status Report.
Some software programs are more useful for encrypting files, and others are more useful for encrypting text messages, like email and instant messages. It's possible to use a file-encryption program for both files and email. Some file-encryption programs, for example, encrypt email by transforming the message into a file, and then sending the encrypted file. However, some of the software specifically designed for email encryption is much easier to use than programs for file encryption. Other email encryption software programs convert plaintext to ciphertext, which is useful for encrypting email or text documents, but useless for encrypting images or other non-text files. Other encryption software simply enables you to store encrypted files on your computer.
In addition to the different encryption algorithms and models, there are different software interfaces. Some programs require you to locate the file you want to encrypt through a regular "file-open" dialogue window. Others, including PGP, allow you to encrypt a highlighted section of text that you select from an open document. Some email encryption programs include plug-ins that add buttons to your program menu, so you can encrypt a message with literally the touch of a button. These interface alternatives can be important for first-time users since they can make the software easier to use. They are also important for anyone who uses encryption daily, since a cumbersome encryption and decryption process may deter use.
When you try an encryption program, check for the features that you need (e.g. encrypts your email, encrypts your files, etc.), as well as its ease of use.
Some features you may find useful in any encryption software:
Some features you may find useful in email encryption software:
Some features you may find useful in file encryption software:
You should also become familiar with any encryption features that may have been built into your computer's operating system. If your computer's operating system includes features that provide the level of security you need, it may not be necessary to look for those features in third-party encryption software programs.
Features offered by:
Mac OS 9 includes some built-in encryption features that are relatively easy to use: Apple File Security and Apple Verifier. Located in the Security Folder (which is in the Applications Folder), these features allow Mac users to encrypt and decrypt files on their hard drives, and to verify the authenticity of files containing digital signatures. To encrypt or decrypt files, drag them onto the Apple File Security icon. To verify digital signatures, drag them onto the Apple Verifier icon. The Apple Help menu includes information on how to use these features.
The Unix security system is robust and complex. It employs a system of access control lists to determine which users have access to a given file or folder, and usually requires that users log-on to use the computer. (Keep in mind that access controls are not the same as encryption.) To learn more, check the following link: http://www.linuxdoc.org/HOWTO/Secure-Programs-HOWTO/features.html
Simply put, Windows 9x was not designed for robust security. Any user can alter or remove any file not currently in use, or even reboot into DOS from Windows 95 or 98 and have unrestricted access to any file on your computer. No third-party program can protect your data if the operating system has no built-in security features. We advise Windows 9x users who require a secure environment to install a WindowsNT-based operating system, preferably Windows 2000. (Privacy advocates have raised concerns about the new operating system that Microsoft is about to release, Windows XP. See http://www.epic.org/privacy/consumer/MS_complaint.pdf and http://www.epic.org/privacy/consumer/MS_complaint2.pdf for more information about this.)
The security tools in Windows NT are available on computers using the NTFS file system. Since NT is also used on computers with the FAT16 or FAT32 file systems, not all computers using the Windows NT operating system will have the security features described below. You can check your hard drives' file system by right-clicking the drive icon and viewing the "Properties" window. On Windows NT systems, many security settings can be reviewed and edited from the Group Policy Editor. Press "Start," press "Run," type "gpedit.msc," and hit "Enter"; the settings are under Computer Configuration / Windows Settings / Security Settings. (Again, keep in mind that access controls are not the same as encryption.)
Users
NT-based operating systems require a log-in to use the computer. The log-in requirement goes hand-in-hand with file permissions and encryption/decryption permissions (described below). Individual users or groups of users can be restricted from or given access to specific files or documents by using the Group Policy Editor.
File permissions
Hard drives formatted with the NTFS file system rely on "user permissions" for security. Every file and folder has an owner and an access control list (edited by the owner or those conferred editing power by the owner) to indicate which users may "modify, read or execute documents view folder contents, write to the file or folder, or have read-only access." In recent versions of Windows based on the NT kernel, you can see which user "owns" each file and folder within a given folder by using the Details view in Windows Explorer, right-clicking any tab at the top (e.g. Name, Size, Type, Date Modified), clicking "More," then "Owner."
Encryption
The NTFS file system has built-in support for file and folder encryption through the EFS (Encrypted File System) tool. Right-click a file or folder, select "Properties," look under Advanced, and check Encrypt to use this feature. Once Encrypt is checked, click Details to identify the users who can decrypt the file. (Caution: Don't forget to disable System Restore before encrypting any file that System Restore can affect, or else another user with Recovery access can use System Restore to decrypt your encrypted file.)
Certificates
Windows relies on "certificates" for public key security and for applications that provide for authentication, data integrity, and secure communications over networks. Users manage their own certificates.
The features listed above target email and file system encryption. You may also be interested in encryption for other applications, such as FTP and Telnet.
FTP (file transfer protocol) is inherently insecure because the program sends the user's log-in and password as plain text (i.e. unencrypted). You can encrypt the login and password, but the computer receiving the files must know how to decrypt them. Only a few FTP servers support secure connections, but there are some freeware programs available.
Telnet, a protocol used to access files on another computer, is similarly insecure because it sends the user's log-in and password as plain text. However, nearly anything you can do with Telnet can also be done with SSH (Secure Shell; look here for a FAQ). SSH was designed to be secure, but not all computers that support Telnet support SSH, since it's an entirely different protocol.
If you lock your door with a deadbolt instead of a chain, you make it more difficult for a burglar to get inside your home. Similarly, there are differences in the level of security that encryption software provides. Most of the well-known encryption algorithms that are considered "good" are mathematically complex enough to be difficult to break; otherwise, they wouldn't be so widely used. But even good algorithms are vulnerable to being broken if someone is persistent enough. In this section, we discuss the general vulnerabilities in encryption software, and offer tips that you can use to combat them. If you'd like more information on the vulnerabilities of a particular algorithm or software program, search the Web for reviews on its effectiveness.
General vulnerabilities include:
"Brute force" is another way of saying "trial and error." With this method, a "cracker" tries every possible key until he or she stumbles upon the correct one. No encryption software program it is entirely safe from the brute force method, but if the number of possible keys is high enough, it can make a program astronomically difficult to crack using brute force. For example, a 56-bit key has 256 possible keys. That's up to 72,057,594,037,927,936 – seventy-two quadrillion – keys that a cracker may have to try in order to find the correct one.
TIP: The more bits in a key, the more secure it is, so choose software with as many bits as possible. If you have a choice between 56-bit encryption and 128-bit encryption, for example, use the 128-bit encryption.
For more information on brute force cracking, please see Appendix A: "Brute Force" Cracking.
A "back door" is a security hole in a piece of software. A "back door" may be present because someone created it in the software with malicious intent, or by accident. Whatever the reason, if a malicious "cracker" discovers a "back door" in a program, he or she may be able to discover your key or password.
TIP: Make sure that the encryption software you choose has been rigorously tested. Read online reviews, and consider how long the software has been available. Visit the software's Web site periodically to check for patches and updates, and install them.
In every kind of encryption software, there is some kind of password that must be created so that the intended recipients of the information can read it. Creating a password that "hackers" or other malicious parties cannot easily guess is just as important as choosing a good algorithm or strong encryption software.
TIP: Take care to make a strong key. Use a varied set of characters, including lowercase and uppercase letters, numbers, and symbols (like spaces, colons, quote marks, dollar signs, etc.). A good password should be longer than eight characters; the longer it is, the harder it is to crack.
If you're concerned about remembering a long password, don't be. Even a long password made up of different types of characters can be easy to remember. Instead of using your daughter's name, "sally," for example, use "S411y is: #1 i/\/ mY b00k!!!". (Many password-guessing programs (see "Brute Force" Cracking) employ a database of English words that guesses passwords from various combinations of words, so it's a good idea not to use passwords made up exclusively of English words. Note that in the example above, numbers and characters are interspersed with letters.) Even better is to use a series of random letters, numbers, and symbols, so that it can't be guessed easily.
TIP: If you forget your password, you will not be able to decrypt data that you have encrypted. Be sure to make a backup copy of your password and store it in a safe place, such as on a floppy or zip disk, a CD, or a separate hard drive. You can also copy and paste your password into a new document, print the document, file the paper somewhere safe, and delete the document from your computer.
Besides checking the software described in our reviews, you might want to try other encryption software. As discussed below, before downloading or using any encryption software, please make sure that it is legal to use in your location. Check our section on legal availability for more information.
As noted earlier, one of the vulnerabilities of encryption software is a security hole known as a "back door," which may be present in a piece of software by accident or because someone created it in the software with malicious intent. For years, federal investigators tried to convince lawmakers that software developers should be required to intentionally create "back doors" to give authorities access to encrypted communications between individuals who are under surveillance for suspected criminal activities. Proponents referred to this as a "key escrow" system because authorities could go to court to get permission to use the key to unlock encrypted communications.
Privacy and civil liberties advocates fought these efforts, citing the importance of encryption to the work of human rights activists and the need for secure communications for online commerce. In the late 1990s, they were successful in convincing federal policy makers to loosen U.S. laws banning the export of strong encryption. However, the September 11, 2001 terrorist attacks on the World Trade Center and the Pentagon have prompted renewed calls for increased restrictions or outright bans on encryption. This, in turn, has generated renewed concern among privacy and civil liberties advocates about the potential loss of constitutionally protected rights. Lauren Weinstein and Peter G. Neumann, co-founders of People For Internet Responsibility, offered this perspective in a September 23, 2001 "PFIR Statement on Terrorism, Civil Liberties, and the Internet:"
"The techniques for strong encryption are now widely known and can be implemented on any PC or handheld computer. Attempts to outlaw, weaken, or mandate surveillance ‘backdoors' for such systems can only result in the vast honest population being saddled with vulnerable encryption systems for commerce and a wide range of other communications both on and off the Internet, all subject to a wide array of monitoring. Such surveillance could be instigated not only by ‘benign' governments, but also by a range of private parties who would inevitably penetrate the back-doors of such systems, not to mention other governments and entities (either now or in the future) who most decidedly won't be benign in nature."
There are many good sources of up-to-date information on the calls for increased restrictions on encryption that started after the September 11, 2001 terrorist attacks, including:
For more general information on the public policy aspects of encryption see "Links to further resources, focusing on encryption politics" in the following section.
We've listed some useful sites below. Bulleted subsections denote the page's focus and particularly useful resources. Items marked with an asterisk (*) are for readers interested in the more technical workings of encryption.
Cryptography at Electronic Frontiers Australia
Cryptography FAQs at FAQs.org
Other Miscellany
Links to technical resources for advanced encryption users
If you need to know more about a specific topic, try searching for it from your favorite Web search site.
Many programs and algorithms used for security purposes are not available outside of the United States because of U.S. export law. Some policy makers are now calling for increased restrictions on the use of encryption in response to the September 11, 2001 terrorist attacks on the World Trade Center and the Pentagon. Before acquiring or using any encryption software, you will need to make sure that it is legal to use in your location. In most cases, this information will be included in the licensing agreement. When downloading or installing software, read the licensing agreements. For the software reviews in this guide, we've tried to ascertain whether the programs are available outside of the U.S., but ultimately it's up to you to determine whether a given program is legal to use where you live. Some of the links provided below may help.
Bureau of Export Administration Encryption Export Regulations, houses all encryption rules published by BXA since export control jurisdiction was transferred from the State Department to the Commerce Department in 1996. At the time this guide was published, the most recent update was in October 2000.
Electronic Frontier Foundation's Crypto Export archive (contains political articles, discussions, and notes).
Information Security and Privacy in Network Environments (lengthy Sept. 1994 political report; use your browser's Search or Find function with the text "Government Policies and Cryptographic Safeguards" to find the relevant chapter).
RSA Laboratories' FAQ about Today's Cryptography: United States Cryptography Export/Import Laws (particular note of interest: reports on the legality of RSA and Triple-DES export).
Defined below are some of the terms used throughout this guide. For a more comprehensive look at cryptography terms, try some of the following sites:
Follow the link from the term to read more about it (often on another site).
A Block Cipher is a method for encrypting data in chunks (several or many contiguous bits) as opposed to encoding bit-by-bit like a stream cipher. (More information.)
A Stream Cipher is a method of encrypting data bit-by-bit, as opposed to encoding a contiguous chunk of data all at once like a block cipher. (More information.)
Acronyms and terms that you have encountered in this guide that are not listed here may be encryption standards or algorithms. For more information please see Appendix B: What are the different kinds of algorithms that encryption software programs utilize?
Diffie-Hellman is an encryption algorithm that employs the asymmetric key model.
"In 1976, Diffie and Hellman started an explosion of open research in cryptology when they first introduced the notion of public-key cryptography, which allows for new electronic means to handle key distribution in conventional cryptographic systems and for digital signatures in electronic messages." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)
"The Stanford patent on the Diffie-Hellman technique... expired in 1997 and [the technique] is now in the public domain." (Cylink Resource Library: Alternatives to RSA: Using Diffie-Hellman with DSS)
GOST is the U.S.S.R. 28147-89 standard protection algorithm, analogous to the U.S.'s DES. "The algorithms are similar in that both operate on 64-bit blocks by successively modifying half of the bits with a function of the other half." (GOST encryption algorithm: Russian analogue to US Standard?)
IDEA is a block cipher used in PGP. "IDEA, unlike the other block cipher algorithms discussed in this section, is patented by the Swiss firm of Ascom. They have, however, been generous in allowing, with permission, free noncommercial use of their algorithm, with the result that IDEA is best known as the block cipher algorithm used within the popular encryption program PGP." (IDEA (International Data Encryption Algorithm)
See "Data Encryption Standard (DES) and Triple-DES (3DES)"
"Twofish is a block cipher by Counterpane Labs. It was one of the five Advanced Encryption Standard (AES) finalists. Twofish is unpatented, and the source code is uncopyrighted and license-free; it is free for all uses." (Counterpane Internet Security: Twofish: A New Block Cipher) It operates under the symmetric key model.
RSA is a family of algorithms that employ the asymmetric key model. There are actually multiple incarnations of this algorithm; RC5 is one of the most common in use, and RC6 was a finalist algorithm for AES. Searching for how RSA works often yields a host of pages about how it works mathematically, because the U.S. patent on the RSA algorithm expired on September 21, 2000. (RSA Security, Inc. actually began offering the algorithm to the public before the 17-year-old patent expired.)