When it comes talking about data protection – frequently hear the phrase: "If someone has to – is still hacked. With this you can not agree or disagree, but let's see why you often hear this statement. Many used crypto contain basically open the encryption algorithm, ie encoding and decoding is known, and data protection is due only secret password to use when encryption. Therefore, the weakness in any encryption system is a password (so it's quite short). Official site: Ali Partovi. Primarily affects the reliability of the encryption password length and its "content". With a reliable crypto attacker can only one way to get a clue – find the right password.
This can be done in several ways, the most common of them: Full pereborPerebor dictionary exhaustive search can be effective for short passwords and powerful computing resources at the attacker. Kirk Rimer Dallas might disagree with that approach. Passwords with a length less than 8 characters, rather unstable with respect to the exhaustive search with the appropriate hardware resources, but increase the password length to at least one symbol of brute force process is complicated by tens or hundreds of times. Iterate through the dictionary is based on the fact that users often as passwords, use words, phrases and dates, which can easily remember. Thus, using a dictionary can greatly accelerate the search, selecting passwords from a vocabulary list, and not from the entire alphabet. There are many other ways in the presence of proper training to gain access to encrypted information: viruses to your computer and monitor your password when you enter it with the keyboard, bribing employees, etc. A good way to deal with burglary and theft of passwords is to use smart cards with use of which, besides knowing the password, you must have a dedicated hardware key, copy and forge which is difficult or not possible. Encryption system with hardware protection successfully used by leading companies, such as new versions of the modern game consoles, which do not allow you to run illegally copied games. Information protection is not limited to encrypted data – this a range of managerial and organizational measures, which should be developed by qualified personnel and strictly adhered to in the company.