Cyber Security Assignment Explaining Open Source Cryptography Tools
Task: Write a report on cyber security assignment on various open sources cryptography tools.
Data security is one of the most priority in the 20th century. There are a lot of tools and techniques that are used to protect the data. This is necessary because a lot of people are not worried about the consequence of the data being misused with their knowledge. If people use some device or software application such as Bit locker, LastPass, and other cryptographic tools are used to save and protect the data (Fujdiak, et al 2015). All the working process, features, advantages, and disadvantages of the cryptographic tools are discussed below:
This is a file encryption software that is used for server operating system file encryption. This is open-source software. It works on all the devices running with Windows, Android, macOS, and IOS that uses AES encryption. If some of the files need to be encrypted, we can easily do the encryption just by uploading the files to the cloud. GUI of the application is designed most simply so that with just a few clicks encryption can be performed. AES cryptography is a symmetric algorithm cryptography where an encryption key is used for encrypting the data and decrypting the data. It consists of a 128-bit encryption key with 10 rounds. Also, it is performed in four steps 1. substitution step, 2. Row-Shifting step, 3. Column-mixing step and 4. Round-key step (McLean 2012).
• It can be implemented both in hardware and software
• It consists of 128-bit, 192 bit, and 256 bits key length
• It is implemented in many applications since it is defined to be standard by NIST.
The key that is used for encryption is not properly done then it will create a cryptanalytic attack so key scheduling should be carefully done.
This is used in the common windows operating system. This tool is used to encrypt the file system.
Suppose we are using the same computer with multiple accounts and the user feels that some of the data should not be visible to other users we can use bit locker to secure the data. This comes preinstalled in the Windows operating system. We can use an external device to save the encrypted files (Adamovic, et al 2018).
• It is easy to use both as a technician and the user. The installation steps are simple and it is easy to encrypt the system.
• It protects the system from intruders and data breaches. it is best to protect the confidential data.
• Using this software, the system is slow-down. it will take more time to complete and it depends on the hard disk size.
• It is necessary to secure the recovery key. if it is lost then it is difficult to unlock the device.
Computer network security plays a major role in the network because hackers can easily steal information from the network. OPEN SSL is an application to secure communication among computer networks. This can prevent attacks like snooping and eavesdropping in the network so this is widely available for Linux, Mac, and Windows operating systems. This is easier to execute because cryptographic functions are written in C programming (Jana, et al 2018).
• It has good license terms, source code availability, platform independence, and functionality.
• No proper documentation, poor code quality and does not support any crypto standards.
Each device and application password plays a role in accessing the resources. Lastpass is a tool that is used to manage the password for the users. There is a lot of websites where the user needs to registers and store the passwords. The data can be breached if the password is not too complex and easy for the other users to hack into it. If we can use LastPass, this tool stores the password in an encrypted format and it can generate passwords that are complex and strong. We can also use two-factor authentications if the application is needed (Maqsood, et al 2017) (Oguntunde, et al 2018).
• It is user friendly for the employees to locate the vendor, website access, and auto-sign.
• Passwords and other information are stored in a single place. Password shout is reset again where the password is not saved on the website. The password should be saved when pop-up so at the end of the website, the session password should be saved.
• Batch setup is required and it is more preferred.
• There are some issues in saving the passwords in the encrypted format.
File protection is given high priority in computing. Veracrypt is open-source software that is used to create the virtual encrypted disk. This project was developed by keeping the key functionality called True Crypt. Vera crypt has more functionality than TrueCrypt in decryptions and speed of encryptions(Cho 2019).
• The whole drive in the system can be encrypted and it can create hidden encrypted volumes inside other volumes.
• This piece of software can be operated on many operating systems like windows, mac and Linux.
• Another advantage of the software is that it is open source so anyone can use the application by downloading it from the official website.
• There are more than one encryption standard that can be used to encrypt the disk like AES, two fish, serpent, etc.
• Brute force is a common attack that is used to steal information. VeraCrypt application is one of the few applications which has a high resistance to the attack.
• Installing on the volume the first time will take some time for execution
• Few critical vulnerabilities have been identified in the software in the latest audit
• The encryption process is very complex. As this is an open-source project the user needs to spend time on it.
This is also an open-source tool that provides encryption to the disk as it has General Public. The license so anyone can use the software for general and commercial use. Another advantage of using the application is programming in the C program. We need to select the disk which is we need to encrypt. Each software will be running on a different algorithm. Time taken for each software will be different(Bisht and Singh 2015).
• It can encrypt internal disk as well as external disks
• Parallel encryption is possible
• The size of the software is small so it can be installed easily
• Custom shorts cuts are available so it is easy for the user to mount the drives and unmount the drives.
• Encryption can be performed on dynamic disks and RAID volumes which may be useful in the different work environment
• We can also encrypt the ISO images
• If the disk is full of files that are not recognizable by the company it is very difficult to handles such files
• Not many help files/documentation
• updating or new version of the software was not done from, 2014
This is a well-known application software used for file compression. It uses AES 256 Encryption standard. It can be used for compressing documents for mails and it can be used in a large number of formats. While compressing a large number of files this can be used to speed up the files accessing by the processor for the large number of files. It is very useful in compressing the video(Cho 2019).
• It is very helpful in sending all the files over the internet in a quick manner
• If we are sending over the web some of the files might be corrupted and thus it preserves the originality of the files
• All the compressed files which is sent to the receiver should be uncompressed because the recipient can use the files. It is sometimes problematic if the user doesn’t know how to use the software.
Tor browser is an open-source network that provides anonymity during web surf. It is used for searching the normal website and the dark website without providing any personal identification such as IP address, network name, etc. It prevents the tracing of search history and user location. Tor browser passes the traffic via nodes that are selected randomly. This method of routing is known as onion routing. The traffic is encrypted and sent via different nodes known as onion routers. This type of routing hides the IP address of the user thereby protecting them(Bisht and Singh 2015).
• Dark websites and blocked websites can be accessed
• The IP address can be hidden
• Using Tor, non-indexed pages in google, bing, etc. can be accessed.
• It protects the information that is communicated via the network
• Large files cannot be uploaded and downloaded
• Since many users are using it the network is very slow
• It is used for any illegal activities so it should be used carefully
CyberGhost is like a middle where it is concerned for its recognition. when we use CyberGhost, the traffic sends via an encrypted tunnel. The data could not be intercepted. The only Internet Service provider knows that the device is connected to the VPN server because the Internet protocol is hidden and the website could not be tracked further(Vanitha, et al 2018).
• It hides the IP address and makes to surf as an anonymous user
• It protects the digital identity
• Unblocked websites
• Protects the connection with public Wi-Fi
• It has only limited payable options
It is mainly created for Mac users. It uses 128-bit AES with the recovery key. The disk image is used for presenting the home directory. When it is enabled the user is invited for creating a master password. In case if the password is lost, the recovery key is used for decrypting the file. file vault 2 encrypts the data in the hard drive. If the data is not encrypted then the program that runs in the mac views the data. this makes to back up the data by logged in even though the system is not unlocked. When the files are copied then the service, local drive and time machine destination will be unencrypted(Vanitha, et al 2018).
• It is designed by Apple particularly for the apple users
• It supports hardware, even though there is no proper support provided by apple. deploying the file vault 2 can be managed either by local or central with the IT department.
• File vault does not encrypt the disk completely. this affects the hardware and the features of file vault2 are not supported.
• Backing up of data using the Time machine can be done when the user terminates the session. Time machine server acts as a destination path that needs macOS for performing online backups.
All though there are various applications in the market which may be open-source freeware or paid versions. It is always necessary for people to keep the data safe and secure. People who are using such applications and devices with their daily routine should take an extra step to check if the data is secured in the device or application. A strong password can be recommended for such a user. Many tools are used for securing the information by encryption methods. Tools such as AESCrypt, OpenSSL, BitLocker are used for encrypting the information. Various advantages and disadvantages of tools are discussed. All the tools are used for securing the information by encryption and it is the best way to use the cryptographic tools for protecting the information.
Adamovic, S., Sarac, M., Stamenkovic, D. and Radovanovic, D., 2018. The importance of the using software tools for learning modern cryptography. Int. J. Eng. Educ., 34(1), pp.256-262. Bisht, N. and Singh, S., 2015. A comparative study of some symmetric and asymmetric key cryptography algorithms. International journal of innovative research in science, engineering and technology, 4(3), pp.1028-1031.
Cho, J.Y., 2019, November. Securing Optical Networks by Modern Cryptographic Techniques. In Nordic Conference on Secure IT Systems (pp. 120-133). Springer, Cham.
Fujdiak, R., Masek, P., Hosek, J., Mlynek, P. and Misurec, J., 2015, October. Efficiency evaluation of different types of cryptography curves on low-power devices. In 2015 7th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT) (pp. 269-274). IEEE.
Jana, B., Chakraborty, M., Mandal, T. and Kule, M., 2018, May. An Overview on Security Issues in Modern Cryptographic Techniques. In Proceedings of 3rd International Conference on Internet of Things and Connected Technologies (ICIoTCT) (pp. 26-27).
Maqsood, F., Ahmed, M., Ali, M.M. and Shah, M.A., 2017. Cryptography: A comparative analysis for modern techniques. International Journal of Advanced Computer Science and Applications, 8(6), pp.442-448.
McLean, R.K., 2012, June. Comparing static security analysis tools using open source software. In 2012 IEEE Sixth International Conference on Software Security and Reliability Companion (pp. 68-74). IEEE.
Oguntunde, B.O., Arekete, S.A., Odim, M.O. and Olakanmi, O.I., 2017. A Comparative Study of Some Traditional and Modern Cryptographic Techniques.
International Journal of Engineering and Management Research (IJEMR), 7(6), pp.76-82.
Vanitha, K., Anitha, K., Rahaman, A.M. and Musthafa, M.M., 2018. Analysis of Cryptographic Techniques in Network Security. Journal of Applied Science and Computations, 5(8), pp.155-163.