Future university
Computer Engineering
SEM (8)
Cryptography
Safe house Encryption
By:Sami awad Mohammed 2009-01028
Muntaser salah 2009-01027
Supervisor:DR:-Medi nazar
SafeHouse uses a technology known as encryption to provide the industrialstrength protection for your files. Encryption is the process of scrambling files and
data based on passwords and special keys. This scrambled data can later be
returned to its normal state using a companion process known as decryption.
This may sound complicated, and indeed, it is. In fact, it's the same technology
used by governments and seen in many spy movies.
The good news is that SafeHouse does all this work in the background. You'll
never need to know anything about encryption to use this product.
If it's completely transparent, why mention it?
Now that we've mentioned that you don't need to know anything about
encryption, you might wonder why we've even brought it up in the first place. The
reason is many people want to know which technologies are used under the hood.
Like the anti-lock brakes on your car, you may not know or care how they work,
but you do know that they're good to have, and you might only buy cars that have
them.
You should only use data privacy products which are based on strong encryption!
And don't be fooled. Password protection is not the same as encryption. You
already are using passwords to log into Windows, but these passwords are not
protecting your files from being snooped. Maybe you already know this -- which is
why you chose to use SafeHouse Explorer.
Why can SafeHouse's Encryption be Trusted?
Encryption is complicated stuff. Fortunately, it's a stable technology which is used
all over the world in millions of products. The programmers behind SafeHouse
Explorer did not invent any new encryption methods which might be subject to
scrutiny or challenge. Instead, SafeHouse Explorer incorporates proven, industrystandard encryption algorithms which are in common every-day products and have
withstood the test of time.
In fact, SafeHouse Explorer uses some of the same encryption technologies that
you already use on a daily basis when you make credit card purchases over the
Internet. You've probably come to look for that familiar lock icon in your browser
before daring to enter your credit card. We do pretty much the same thing for
files. Think of it as merely repackaging.
How Strong is the Encryption?
The encryption strength of the algorithms built into SafeHouse Explorer are some
of the strongest available in the commercial world. Most experts agree that the
time to crack a 128-bit encryption key using a brute force attack is longer than
the entire history of the world, or longer. A brute force attack is one where all
possible key combinations are tried until one is found to work. As such, the reality
is that this is not how a determined intruder would attempt to gain access to your
files -- the seemingly- infinite number of mathematical combinations makes this
approach all but impossible.





Dictionary Attacks
A more likely way a knowledgeable intruder would try to get at your files is with
what is known as a dictionary attack. This is where they try thousands of
strategically-chosen passwords to see if you might have used something like a
birth date, pet's name, sports team or word from the English dictionary. Since
people tend to be predictable or lazy in how they choose passwords, this kind of
attack has a reasonable chance of succeeding when poor passwords are used.
SafeHouse Professional Edition (available separately as a commercial product)
helps protect you from dictionary attacks by including its own internal 250,000word dictionary of common words and phases. If you choose a password which is
found in this database, the password strength meter will remain completely red to
warn you that the password is extremely vulnerable to attack.
Other Human Factors
Given the strength of modern-day encryption technologies, the truth is that most
intruders are well-aware that trying to break the encryption is generally pointless.
Dictionary attacks have merit when short passwords are used, but the easiest
breaks of all are based on human factors. People invariably write passwords on
sticky notes taped to their machines, or write their PIN codes on the back of
smartcards. Computers are left on and unlocked when people go to lunch. And
unfortunately, there's always the threat of violence. More often than not, intruders
find that exploiting the vulnerabilities of human behavior is the fastest path to
your data.
Which Encryption Standards does SafeHouse Support?
We've tried to spare you the details, but if you really need to know, below is a list
of the industry-standard encryption technologies which are incorporated into the
SafeHouse product line.
Advanced Encryption Standard, also known as AES and Rijndael, 128 and 256 bits
Twofish, 128 and 256 bits
Blowfish, 448 bits
Data Encryption Standards, also known as DES, 64 bits
Triple DES, 168 bits
SafeHouse Explorer generally uses 256-bit Twofish encryption; however, when
SafeHouse Professional Edition is installed on the same machine, SafeHouse
Explorer is then able to automatically offer some of the additional encryption
methods found only in the Professional Edition.
SafeHouse Personal Edition and SafeHouse Explorer always use 256-bit Twofish
encryption.
SafeHouse Professional Edition defaults to using 256-bit Twofish encryption,
however, you can choose amongst the other methods by selecting the advanced
options mode on the Create Volume wizard.