-1

what is securest encryption algorithm for file encryption (ie : AES or sha1 , ... ) ,also does hackers able to find encrypted files password ?

Ata
  • 12,126
  • 19
  • 63
  • 97
  • Can you be more specific about what you're trying to do? – brokenbeatnik Sep 20 '10 at 16:29
  • 3
    I would vote to close as 'too vague' if I could – Steve Townsend Sep 20 '10 at 16:30
  • Please check English grammar. It would be: "What is the most secure encryption algorithm for file encryption? Are hackers able to find encrypted files password?" – Ramon Araujo Sep 20 '10 at 16:31
  • What is vague about it? He is asking for the most secure file encryption algorithm. A suitable answer would be several such algorithms with their relative pros and cons. – Paul Ruane Sep 20 '10 at 16:32
  • 2
    Securest *against what threat*? Security cannot be measured except in the context of a *specific threat*. Is the threat eavesdropping? Repudiation? What is the threat? (More thoughts on this: http://blogs.msdn.com/b/ericlippert/archive/2008/08/19/tasty-beverages.aspx) – Eric Lippert Sep 20 '10 at 16:33
  • 2
    AES is encryption, SHA1 is hashing. There's a difference. – Malfist Sep 20 '10 at 16:53

4 Answers4

7

The most secure encryption algorithm is not sending or using sensitive data (or data derived from that data) in the first place.

MSN
  • 53,214
  • 7
  • 75
  • 105
  • 1
    Actually, wouldn't the most secure encryption algorithm be not creating the data in the first place? Until they develop miniature portable MRI scanners, that is... – CanSpice Sep 20 '10 at 16:32
  • At that point though you aren't really securing anything that needs securing. But yes, the ultimate security strategy is to not have anything to secure in the first place. – MSN Sep 20 '10 at 16:55
4

The most secure encryption algorithm is using a one-time pad generated using a perfect entropy source.

Edit (by Jerry -- really too long to fit in a comment): Yes, there are a few types of attacks to which (at least a typical implementation of) a one-time pad is vulnerable. One is the ability to change a message, even though you don't know what it was to start with.

Just for example, consider a system being used to transmit ballots where people have voted in a primary election. For simplicity, we'll assume a particular election has two candidates, so (before encryption) a zero bit means a vote for one candidate, and a one bit a vote for the other.

These ballots are then encrypted with a one-time pad, which means there's no way for me to figure out whether the original value was a 0 or a 1 -- but the attacker doesn't necessarily care. Flipping the bit changes the vote, regardless of its original value. Flipping the bits in all (or even many of) the ballots make the "winner" of the primary the weaker of the two candidates -- the one preferred by fewer of that party's voters.

In the final election, voters in that party are (somewhat) less likely to vote at all because they can't vote for the person they really favor. A few may even dislike the "winner" of the primary enough that they'll vote for the other party's candidate instead. In a close election, this could well be enough to let that other party's candidate win.

By Matti: Changing the message is entirely different from decryption, and there are other ways to combat that. For example, you could sign the message to prevent that. Of course we're still only talking about probabilities, but that's what cryptography is all about. You can decode a one-time pad message if you're extremely lucky, but extreme luck is usually not considered a factor.

Matti Virkkunen
  • 63,558
  • 9
  • 127
  • 159
  • 1
    +1: IIRC is the 'only' provably secure algorithhm. However, in most use casess it isn't practical. – torak Sep 20 '10 at 16:34
  • A one time pad is provably secure against certain types of attacks, but *not* all possible attacks. Other forms of encryption can be more secure against some attacks (even though they're clearly less secure against others). – Jerry Coffin Sep 20 '10 at 16:35
  • @Jerry: Really? Assuming there are no stupid blunders such as re-using the pad or leaking it, what attacks are they vulnerable to? – Matti Virkkunen Sep 20 '10 at 16:37
  • @Jerry: I replied to your... edit-comment. – Matti Virkkunen Sep 20 '10 at 17:24
  • You're quite right -- one problem here is that the OP didn't really specify enough about what he want security *aginst*. He does mention recovering a password, but doesn't really say whether that's all he cares about or not. In any case, whether he does or not, others can/may/do. – Jerry Coffin Sep 20 '10 at 17:28
0

At risk of feeding the troll, have a look at 128-bit AES encryption.

Community
  • 1
  • 1
0

First of all: I do not know the answer to your question. However, if I were looking for this information, aswell as the obvious web searches, I would look at the algorithms offered by the popular, open-source encryption application TrueCrypt. You should be able to look up each one to find out their relatives strengths and weaknesses and apply this knowledge to the problem you are trying to solve.

Paul Ruane
  • 37,459
  • 12
  • 63
  • 82