In the lexicon or glossary explains abylonsoft topics of general interest around the offered software products, computers and technology. The column with the letter A contains 7 entries, like for example Access Control.
The symmetric encryption method AES (Advanced Encryption Standard) is a block encryption and the official successor of the DES method. In 2000, the Belgian algorithm RIJNDAEL won the official competition of the NIST (National Institute of Standards and Technologyim). The jurors justified their decision with the arguments that Rijndael is safe, relatively easy to implement in software and hardware and thus offers sufficient protection for the next 100 years (this is of course a rough estimate). In the meantime, however, vulnerabilities and points of attack have emerged. The block size is 128 bits and the key length can be 128, 192, or 256 bits.
The AES encryption method is still one of the most common encryption methods. Many everyday applications use the AES algorithm, such as:
This selection already shows that a gap or vulnerability in the AES algorithm would lead to serious problems. Fortunately, the current computing power of computers is not sufficient to launch a brute force attack against this encryption method and even the "alleged" vulnerabilities do not allow an effective attack.
ASN.1 (Abstract Syntax Notation One) is a system-independent data format and is used to exchange information between different systems.
For persons or employees, access to a protected area or room can be controlled by means of access control. This access control can be carried out by security personnel such as a gatekeeper. In times of high personnel costs, however, a technical solution for access control is increasingly chosen. These offer a high degree of flexibility and can be managed and monitored from a central location. The user is usually given a chip card for authentication. This enables access to the protected area via a corresponding card reader connected to an automatic door or sluice. A distinction is made between contact and contactless technology, whereby nowadays the radio variant is generally used. The copying and manipulation of the chip cards is usually prevented by a crypto chip card, whereby authentication takes place according to the challenge-response procedure. In addition, the security of access control can be increased by a secret PIN or biometric features (e.g. fingerprint, iris, historical features, etc.).
In the digital area, the login to a PC, a program or a digital area is referred to as access control. Comparable mechanisms or procedures are used. The same card is often used for access authorisation to a room and for logging on to the computer. Logging on to the PC and logging on with a chip card or an alternative hardware key replaces entering the correct logon name and associated password. As examples for a Windows login with a chip card, a USB stick or Key-Fob as Authentificationsmerkmal the software abylon LOGON or abylon LOGON Business is to be named. A two-factor authentication by hardware and password combination is also possible.
Spyware is a program or function that spies on data and behavior without the user's knowledge. AntiSpy programs provide protection against this by preventing the monitoring functions, preventing communication with the recipient or anonymizing the user. States, web operators or criminals can be used as monitoring authorities. AntiSpy features make it more difficult to monitor users and protect their privacy.
The process monitoring software abylon APP-BLOCKER offers the following AntiSpy functions:
In contrast to symmetric encryption (Sectret Key procedure) with your insecure step of key exchange, asymmetric encryption (Public Key procedure) offers the possibility of secure communication via insecure communication channels (Internet) by using a key pair (private and public key). The generally accessible public key (picture: red) of person A is used to encrypt the file. Afterwards, secure data exchange is also possible via insecure channels such as the Internet, because only person A can decrypt the file with his private (secret) key (picture: blue).
Of the encryption methods mentioned above (asymmetric and symmetric), asymmetric encryption (public key method) is always the secure method. The disadvantage is the high mathematical effort and thus the difficulty to encrypt large amounts of data ONLINE. For this reason, a hybrid method is usually used, combining symmetric and asymmetric (public key method) encryption (secret key method). As the name Secret Key implies, the key must not be known to anyone other than you. With the hybrid method, a password (secret key) is first generated with a random generator, which is then used to encrypt the data using a symmetrical encryption method (e.g. 3DES). This can be done relatively quickly. Then only the random password (secret key) with a public key is encrypted according to the asymmetric procedure and attached to the file. Only the recipient who is in possession of the corresponding private key can decrypt the password. Thus he is now able to decrypt the complete data. The advantage of this hybrid procedure is that the password does not have to be transmitted unencrypted via public channels (Internet, telephone) and also changes with each session (encryption). In addition, the high speed of symmetric encryption is combined with the high security and user-friendliness of asymmetric encryption. The private key always belongs together with the public key. We are also talking here about a key pair, both of which are necessary for encryption and decryption according to the asymmetric procedure. Data that has been encrypted with the public key of A can only be decrypted with the private key of A.
Like the password (Secret Key) for symmetric encryption, the private key for asymmetric encryption must not be known to anyone other than the owner (->keep it safe). The advantage of the key pair is that the private key does not have to be transferred, like the password for symmetric encryption. Even if I personally hand over the password (Secret Key) to my partner, there is at least 1 foreign person in possession of the password. For this reason, it is best to define a separate password with each partner using symmetric encryption. This becomes all the more complicated the more passwords you have to remember.
What role does the hash procedure play in this case? - The hash procedure is not an encryption or decryption procedure. According to a mathematically defined mechanism (hash procedure), a kind of "cross sum" is formed over the data. Irrespective of the length of the data (100 bytes, 1000 bytes or 1 MByte), a fixed fingerprint of this data with a fixed length of e.g. 160 bits (RipeMD160) is formed.
If, for example, a hash value is formed via an e-mail and only one character in the e-mail changes, then the hash value also changes. The hash value does not contain large amounts of data and can therefore be encrypted ONLINE with an asymmetric key procedure before transmission. Only the recipient of this e-mail can now restore and check the original hash value with his private key. The recipient can then again create a hash value for their data (e-mail) and compares this with the encrypted hash value. If both values match, then your e-mail or the data was not falsified on the way.
Authentication refers to the authentication of persons, things or data. In the case of persons, proof is provided by means of an ID card, often with a photograph. The identity card is issued by a trustworthy authority, usually a state institution, and contains features that are intended to prevent imitation, alteration or falsification as far as possible. In addition to ID cards, chip cards and/or secret passwords can also be used for authentication. EC cards in combination with a PIN entitle the holder to withdraw money. Access to computers or personal areas in forums or online shops is usually secured by a combination of name and password. If a password authorises multiple accesses, this is referred to as a single sign-on (SSO). For the access to the computer, the one-time login or also the encryption offers abylonsoft various software products and function for comfortable and secure authentication.
The so-called 2-factor authentication offers additional security. This combines 2 secrets for access. For example, in addition to the use of a chip card, a pin or password is requested. The 2-factor authentication is supported in more and more areas and significantly increases the security of the user.
The Windows directory
AUTOSTART is a subfolder in the Start menu under Programs. All programs entered there will be executed automatically after the Windows login! This can be useful if the program should always be used or if it executes tasks in the background. On the other hand, many programs register there without this being desired or useful. This can considerably extend the start time of the PC and reduce the processor performance.
These entries should be checked for necessity from time to time! For this our software abylon APP-BLOCKER is very helpful, whereby the critical registry entries RUN and RUNONCE, as well as services are also displayed. In the software, all programs and processes are called apps.
Please use our support form for support requests Support form!