JEFF HOWELL
  • Home
  • About
  • Cyber Security Fundementals
    • Threats and Vulnerabilities
    • Reference Monitor
    • Links to Additional Resources
  • Cryptography
    • Block Ciphers
    • Hash Functions
    • Message Authentication Codes (MAC's)
    • Kerberos Key Management (Single sign-on)
    • Public Key Infrastructure (PKI)
    • Links to Additional Resources
  • Secure Architecture
    • Architecture Strategy
    • Contextual Security Architecture
    • Conceptual Security Architecture
    • Logical Security Architecture
    • Physical Security Architecture
    • Component Security Architecture
    • Operations
    • Supporting Materials
  • Reference Link Library
    • Industry Websites
    • Government Resources
    • Cyber Security News
    • Certification and Training
    • Books
    • Cyber Security Tools
  • Risk Management
    • Supporting Materials
  • Operational Policy
    • Laws and Regualations
    • Data Classification
    • Policy Implementation and Enforcement
    • Supporting Materials
  • Management and Cyber Security
    • Contingency Planning
    • ROI of Cyber Security
    • Staffing Models
    • Links to Additional Resources
  • Secure Software Design and Development
    • Heartbleed Details
    • Mobile Device Vulnerabilities
    • Links to Additional Resources
  • Network Visualization and Vulnerability Detection
    • Visualizing the Network
    • Protecting the Perimeter
    • Vulnerability Detection
    • Sniffing Wireless Networks
    • Links to Additional Resources
  • Cyber Threat Intelligence
    • Links to Additional Resources
  • Incident Response and Computer Network Forensics
    • Links to Additional Resources

Block Cipher Definition

Picture
​In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called a block, with an unvarying transformation that is specified by a symmetric key. Block ciphers operate as important elementary components in the design of many cryptographic protocols, and are widely used to implement encryption of bulk data.

Block Cipher Principles

  • The stronger the encryption the hungrier the algorithm for CPU resources. However, the speed of modern processors is beginning to negate this issue
  • Longer key lengths generally offer stronger encryption than short keys
  • Asymmetric encryption is weaker than symmetric encryption using the same key length, but it is relatively slow.
  • Block ciphers with long keys offer more strength than stream ciphers
  • Passwords with long strings and unfamiliar words found in the English language are harder to crack
  • When encrypting lots of data, it is best to encrypt the data using a symmetric key, and encrypt the symmetric key with an asymmetric key.
  • Encrypted data cannot be compressed, but compressed data can be encrypted. If compression is used, if encryption is used, it is best to compress data before encrypting it.
  • Best not use FTP
  • Double encrypt, send encrypted files over an encrypted connection
  • Use VPN for remote access
  • Always use SSL for web access to any protected data
  • If portable devices are required, then full disk encryption (file and folder level encryption)
Jeff Howell  -  San Carlos, CA  -  Privacy Statement - email Jeff
  • Home
  • About
  • Cyber Security Fundementals
    • Threats and Vulnerabilities
    • Reference Monitor
    • Links to Additional Resources
  • Cryptography
    • Block Ciphers
    • Hash Functions
    • Message Authentication Codes (MAC's)
    • Kerberos Key Management (Single sign-on)
    • Public Key Infrastructure (PKI)
    • Links to Additional Resources
  • Secure Architecture
    • Architecture Strategy
    • Contextual Security Architecture
    • Conceptual Security Architecture
    • Logical Security Architecture
    • Physical Security Architecture
    • Component Security Architecture
    • Operations
    • Supporting Materials
  • Reference Link Library
    • Industry Websites
    • Government Resources
    • Cyber Security News
    • Certification and Training
    • Books
    • Cyber Security Tools
  • Risk Management
    • Supporting Materials
  • Operational Policy
    • Laws and Regualations
    • Data Classification
    • Policy Implementation and Enforcement
    • Supporting Materials
  • Management and Cyber Security
    • Contingency Planning
    • ROI of Cyber Security
    • Staffing Models
    • Links to Additional Resources
  • Secure Software Design and Development
    • Heartbleed Details
    • Mobile Device Vulnerabilities
    • Links to Additional Resources
  • Network Visualization and Vulnerability Detection
    • Visualizing the Network
    • Protecting the Perimeter
    • Vulnerability Detection
    • Sniffing Wireless Networks
    • Links to Additional Resources
  • Cyber Threat Intelligence
    • Links to Additional Resources
  • Incident Response and Computer Network Forensics
    • Links to Additional Resources