What is the Difference Between 40-bit and 128-bit Encryption?
An Article by your Guide Bradley Mitchell
We rely on encryption on the Internet more than ever before. For shopping, paying bills, banking online, and many other purposes, it's important that our Internet transactions remain as secure as possible. Encryption is an especially popular and effective technique for maintaining Internet security... (see below)
What is Encryption?The process of encryption hides data or the contents of a message in such a way that the original information can be recovered through a corresponding decryption process. Encryption and decryption are common techniques in cryptography, the scientific discipline behind secure communications.
Many different encryption / decryption processes or algorithms exist. It turns out that in cryptography, it's very difficult to keep the logic of an algorithm truly secret. Especially on the Internet, it's generally much easier to use well-known public algorithms, and rely on alternative forms of protection.
What is a Key?
In computer cryptography, a key is a long sequence of bits used by encryption / decryption algorithms. For example, the following represents a hypothetical 40-bit key:
00001010 01101001 10011110 00011100 01010101
A given encryption algorithm takes the original message, and a key, and alters the original message mathematically based on the key's bits to create a new encrypted message. Likewise, a decryption algorithm takes an encrypted message and restores it to its original form using one or more keys.
Some cryptographic algorithms use a single key for both encryption and decryption. Such a key must be kept secret; otherwise, anyone who had knowledge of the key used to send a message could supply that key to the decryption algorithm to read that message.
Other algorithms use one key for encryption and a second, different key for decryption. In this case the encryption key can remain public, because without knowledge of the decryption key, messages cannot be read.
In general, keys provide the necessary protection to encrypt and decrypt network communications on the Internet.
Encryption on the Internet
Modern Web browsers use the Secure Sockets Layer (SSL) protocol for secure transactions like ecommerce purchases and banking. SSL works by using a public key for encryption and a different private key for decryption.
Because SSL encryption depends so heavily on keys, one normally measures the effectiveness or strength of SSL encryption in terms of key length - number of bits in the key.
The early implementations of SSL in Web browsers, first Netscape 3 and then Microsoft Internet Explorer 3, used a 40-bit SSL encryption standard. Unfortunately, 40-bit encryption proved too easy to decipher or crack in practice. To decipher an SSL communication, one simply needs to generate the correct decoding key.
In cryptography, a common deciphering technique is brute-force decryption; essentially, using a computer to exhaustively calculate and try every possible key one by one. 2-bit encryption, for example, involves four possible key values:
00, 01, 10, and 113-bit encryption involves eight possible values, 4-bit encryption 16 possible values, and so on. Mathematically speaking, 2n possible values exist for an n-bit key.
While 240 may seem like a very large number, it is not very difficult for modern computers to crack this many combinations in a reasonable time period. The makers of Web browser software recognized the need to increase the strength of encryption and moved to a new standard, 128-bit encryption several years ago.
Compared to 40-bit encryption, 128-bit encryption offers 88 additional bits of key length. This translates to 288 or a whopping
309,485,009,821,345,068,724,781,056additional combinations required for a brute-force crack.
Based on the past history of improvements in computer performance, security experts expect that 128-bit encryption will work well on the Internet for at least the next ten years.