Encryption has been used by people in all situations such as in corporate, military and personal information. The history of encryption goes way back to when languages were first used. In battles and wars, the most important thing was secrecy of planned maneuvers. Aside, from military purposes, people who want to hide important information from the public have used encryption.
The oldest records of encryption or ciphers go back to more
than four thousands years. The first ciphers date back to the
early Egyptian times, when hieroglyphics were carved in stone.
Ancient Babylonians also used intaglio (a collage of
images) to
differentiate traders.
In ancient Greek days Spartan generals wrote their messages on a narrow strip of
parchment wrapped around a thin cylinder. When the
parchment was unwound, the message appeared as a nonsense
sequence of letters and could only be read by wrapping the
parchment around another cylinder of the same size. During the
fifth century BC, messages were sent tattooed onto the scalp of trusted
slaves. With the hair grown back, there was no indication that
a message was being carried at all. This sort of method
continued to be used until as recently as WWI, when agents were
sent across enemy lines with messages written onto their skin
in invisible ink.
A more
developed and systematic cipher was Julius Caesar’s method of
substituting alphabets by a certain rule. More
sophisticated methods have since been developed since the 18th century.
While the old methods substituted or transposed words,
new ones totally change the data from text to other
formats such as hiding the message within a musical score. During the
Second World War, American armies used Navajo
soldiers to translate orders back and forth.
Today, digital encryption converts text to binary data and a key, which is crucial for encryption, has been developed and is much more complex. In the early 1970's, the Data Encryption Standard algorithm (DES) was introduced and it uses a 56-bit key to encrypt and decrypt information. DES splits each message into blocks and then encodes each block one at a time. DES was adopted as an approved algorithm for US Federal use but is no longer considered adequately secure because a 56-bit key can be broken by trying every possible key or “brute force” in a relatively short time. The exact time depends on the speed of the computer that was used to try all the keys.
Hacking a DES encryption, as with any encryption method, depends on the hacker already knowing one of two things: the algorithm that was used or the key to unlock it. Without either of these, hacking DES is virtually impossible.
DES has since been superseded by the Advanced Encryption Standard (AES), using the Rijndael algorithm. AES operates with 128-, 192- or 256-bit keys. These are considered long enough to be safe for the foreseeable future as they would take millions of years to break using the fastest computers that are presently available. Recent encryptions have up to 256 bits of special keys, which makes even a supercomputer slow in trying all the possible combinations. This certainly ensures the security of data.
A key is a long sequence of bits used for encryption/decryption
algorithms. Such as the following 40-bit key below:
01001010 01100001 10001110 10011100 01110101
The encryption algorithm converts the original message
mathematically based on the key to create an encrypted message.
The decryption algorithm then restores an encrypted message to its
original form.
The Secure Sockets Layer (SSL) is used for secure transactions
like ecommerce and banking using a key for encryption and a
different key for decryption. Because SSL encryption depends so
heavily on keys, the effectiveness or strength of SSL
encryption depends on the key length (number of bits in a key). To
decode an SSL communication, one only needs the correct
decoding key.
In cryptography, a common decoding technique is brute force
decryption using a computer to try every possible key combination
one by one. Two-bit encryption, for example, involves four
possible key values.
Compared to 40-bit encryption, 128-bit encryption offers 88 additional bits of key length, which provides 309,485,009,821,345,068,724,781,056 possible combinations required for a brute-force crack.
Security experts estimate that cracking an 128-bit encryption
will require the computer resources of NASA and plenty of time.
Image encryption is the most secure solution for storing images
on a web server. Encrypted images cannot be displayed without
first being decrypted. Otherwise, they cannot be displayed,
making any images stored on a server not only secure from
unauthorized linking by the public, but they are also secure
from web hosting staff and your web master.
First developed by ArtistScope in 1998,
Secure Image is the
only solution that will display encrypted images on a web page
that can be viewed in all web browsers.
Encrypted images created by ArtistScope
copy protection software can
only be displayed from the owner's website because they are
domain locked. The key code for decryption is embedded into the image and when loaded, the security applet
or viewer object checks the key code against the URL that is displaying the website. If the encrypted image's key code does not match the website, the image is not displayed.
Encrypted images stored on your site are safe from staff
and your web host. They are also safe from retrieval from
browser cache (temporary internet files) because the image in
cache is the encrypted version and not one that has been
decrypted. Only ArtistScope's security applet can decrypt the
image and it does that only while displaying it on an
authorized website. The encrypted image is view only.
ArtistScope ensures that only licensed users can use the full
version of their image encryption programs by custom compiling
each program or order. License codes are not distributed.
Instead, the key codes are embedded into the compiled software,
ensuring that the technology is not distributed to hackers.
Today the most secure image protection is provided by
CopySafe Web
Protection for hosted web sites, and the
ArtistScope Site
Protection System (ASPS) for dedicated/virtual servers.
Encryption and decryption are common techniques in cryptography
and the scientific discipline behind secure communications.
There have been some JavaScript solutions for encoding and
encrypting the HTML on web pages but the protection that
they offered was grossly over-rated and they could be easily
exploited.
SSL can provide a secure socket layer to prevent data
extraction in transit, but the end destination is still a
user's web browser where data can be retrieved from the
browser cache or computer memory. In fact any web browser
can be used. Theoretically, to properly protect web page
information and prevent data leakage, one needs a secure
tunnel between sender and receiver with the means of
preventing access to unauthorized users. But once received
that data needs to remain secure and the ideal is a "for
your eyes only scenario" where the data cannot be copied and
shared.
The main advantage of using web page encryption is that the
web page can check which web
browser is being used to prevent its data from being scraped by
data miners and scrapers. Online ads are big business and ad
revenue depends on content that people are searching for.
Some data miners manage hundreds of web sites populating
their content from everybody else's web site.
Another advantage is that one can protect their livelihood by
preventing their competitors from plagiarizing information
intended for in-house use or paying customers.
Everyone's first concern is usually about download time and how much longer it will take for the page to be decrypted as it downloads than a normal web page would. Unless a web server is critically overloaded the decryption process only takes milliseconds so that should not be an issue.
However the reason for a noticeable delay with delivering encrypted web pages will
be due to the fact that modern web browsers can display web
pages as they are downloading. But with encrypted content,
usually the download needs to be completed before it can be
decrypted.
Another disadvantage to some may be that protected content
cannot be search engine (SEO) friendly. Nor should it be
because to do so would expose it to exploit and why bother
protecting it in the first place? For search engines
"doorway pages" can be provided that offer a preview but not
the full information that you need to protect.
To deliver encrypted web pages, they need to be decrypted on the fly, since the page is being created from data records and templates. Therefore, a two-way hash is required (for encryption and then decryption), which cuts out most of the super secure encryption algorithms that are available today because they are mostly one-way hash. To decrypt the database record representing the web page a password or key is required.
A key is a long sequence of bits used for encryption/decryption
algorithms.
The encryption algorithm converts the original message
mathematically, based on the key to create the encrypted message.
The decryption algorithm restores an encrypted message to its
original form.
An encrypted web page is only as good as the method used to
encrypt it, and only secure if the decryption key is not easily
obtained through either guess work or by downloading the key
from the web part. So the encryption key needs to be as complex
as possible to protect from simple guess work and persistently
generated attacks.
But it does not matter how complex the decryption key is if the key is easily obtained. For this reason, any HTML encryption process based upon or using JavaScript or other code that can be downloaded as part of a web page, can never be considered secure. JavaScript encryption is
popular because it does not require anything more than a website and a normal HTML web page.
Even if the JavaScript uses complex algorithms it is not secure because
the decryption key is in the HTML of the web page. If it were compiled, it can be undone because the visitor has all the components, including the key. If a page is using JavaScript
"encoding", then it is too easy to undo. Simply search for one of the many
online resources that are providing a free service to anyone who can copy and paste.
ArtistScope web protection solutions do not rely on JavaScript
for encryption or decryption techniques. Instead ArtistScope uses private-key algorithms that
are not part of the web
page and cannot be extracted. The decryption
keys are only known to the web server and the viewing software.
Over the years ArtistScope has
developed many web protection solutions that were never
ideal mainly because they were dependent on popular web
browsers that were designed to exploit web media. Our CopySafe images, PDF and video, but unless the HTML is also
protected, data and links to unprotected media can easily be
downloaded via the hyperlinks found in the html.
To be able to properly secure the HTML on web pages,
ArtistScope had to develop a new browser specially designed
from the ground up with copy protection in mind. The
ArtisBrowser makes the ArtistScope Site
Protection System (ASPS) possible by decoding and
protecting ASPS web pages while on display. When SSL is used
the web page's data is even safe from packet sniffers. When
used with either ASPS,
CopySafe PDF,
CopySafe Video
or CopySafe Web,
the ArtisBrowser switches
into "protection mode" with options for protecting HTML and
all media displayed on the page from all copy including
PrintScreen and screen capture. The HTML cannot be retrieved
from browser cache or computer memory, providing the most
secure copy protection on the
planet for Internet data.