Privacy and Encryption

1. Who is Bruce Schneier? Why is he noteworthy? *

From Schneier.com:

About Bruce Schneier

Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," he is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier.

2. In your own words, describe TwoFish *

In cryptography, TwoFish is used for encryption, which and it has two sets of keys - one is used for the encryption key while the other one is used in validating algorithm encryption. TwoFish, which is the 'next thing' after BlowFish, has 128 bits block size and up to 256 key bits. 

3. In your own words, describe Blowfish *

Having a 64 bists block size and with a variable key length from 32 up to 448 bits, Blowfish was the 'replacement' for DES created by Bruce Schneier.

4. In your own words, what are the similarities between TwoFish and Blowfish? *

Both created by Bruce Schneier, they are both free and not patented - to be use by people.

5. In your own words, what are the differences between TwoFish and Blowfish? *

Two is much faster than TwoFish because it has more bits block size - having a bigger block cipher

6. In your own words, what is the Advanced Encryption Standard or AES? *

Advanced Encryption Standard (AES) is an encryption algorithm adopted and widely used by the U.S. government. This is used to secure unclassfied and confidential materials coming from the goverment.

7. In your own words, what is Rijndael? *

Rijindael is an algorithm chosen in the contest for Advanced Encryption Standard. As a replacement for DES, it has 128 bits block size and varies key sizes of 128, 192,  and 256 bits.

8. Why do you think Rijndael was chosen as the AES? * 

With much security intact, Rijindael was chosen because of its flexiblity and its three (3) line of defense making its security much stricter.

9. Who is Phil ZImmerman? Why is he noteworthy? *

From Philzimmermann.com:

Philip R. Zimmermann is the creator of Pretty Good Privacy, an email encryption software package. Originally designed as a human rights tool, PGP was published for free on the Internet in 1991. This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world.

10. What is PGP? Why is it noteworthy ?* 

 From Indiana University:

PGP ("Pretty Good Privacy") is a powerful, free cryptography package that lets people exchange files in a private, encrypted format, and also provides message authentication. PGP is called a public key system. Each person using PGP has both a public and a private key. Each key is actually a digital signature (a small file  with a stream of uniquely generated characters). The public key is widely distributed to any correspondents, while the private key is guarded with secrecy.

An encrypted message in PGP is scrambled in a complex way to make it unreadable to anyone other than the intended recipient. You can use your private key and the recipient's public key to generate a message that can be unscrambled only by the recipient who has your public key as well as a personal private key, allowing you to easily exchange encrypted messages with anyone with whom you have exchanged public keys.

Conventionally, a single-key system is used to encrypt files; the same key used to encrypt a file is also used to decrypt it. The key thus must be carefully transferred from person to person, since if it were found, anyone could decode messages. This type of keying is known as symmetric.

PGP is also used for authentication. A private key generates a unique digital signature attached to a message. Anyone holding the creator's public key can verify that the message was generated by the person holding a genuine private key, and whether or not the message was altered in transit.