Data Encryption Key (DEK) Tips

2011-03-23

Page content

Introduction

Encryption is a very popular technique for computer security. Since its appearance in basic ciphers many centuries ago, the presence of keys played a vital role in it. Simply put, a key is a set of characters (comprising letters, numbers and special symbols) that is used by an encryption system (usually a sophisticated computer program) to scramble and unscramble the data this system is applied on. It is a commonly known fact in cryptography (the science that deals with this type of systems), that the quality of an encryption should rely on the key primarily, since the workings of an encryption system can easily become known, usually by reverse engineering it. So, creating a good key is crucial for the security of our data. Here are some tips on this matter, to come up with powerful data encryption keys (DEK).

Tips for a Good DEK

There are several ways for creating good DEK that offer strong encryption without being too difficult to remember. Here we will examine some of the most practical techniques for this purpose.

First of all, a DEK has to be relatively long (the longer the better). It is not uncommon that in cases where data security is crucial, the DEK is a whole sentence. Yet the DEK has to be memorable too, because if we need to write it down its security can be compromised. If it is not feasible to remember the DEK, it is best to store it in a “password safe,” an encrypted file that contains DEKs.

In order for the DEK to be memorable, it is best to use words or phrases that we have remembered for many years, perhaps the name of street we lived as a child, or the name of a role model. Using as a DEK a word or phrase that we just made up is quite risky, since we are bound to forget it in a few days or weeks.

A good DEK has to have special characters and/or numbers in it. The more complex it is, the better, as it will be more difficult to guess. For example, instead of “NikolaTesla” as a DEK, we could use this DEK combined with a memorable year (which is not obviously related to us): “NikolaTesla1996” or “Nikola1996Tesla”. This way even if someone guesses “NikolaTesla” it won’t be enough to compromise the encryption system. Alternatives can incorporate special characters in the place of letters, for example “N1k0laTesla” or “N!k0laTesla”, where i and o are substituted with 1 (or !) and 0 respectively. Just be consistent with the substitution you use, so that you can remember the DEK variation without difficulty.

Another useful technique is playing around with the higher and lower case of the letters. For example, if you alternate them, it would make the DEK harder to guess: “NiKoLaTeSlA”. A bonus of this method is that the DEK variant is quite easy to remember this way.

A DEK can also be made up of seemingly random characters, which however are easy for us to remember because of their location on the keyboard. For example one such DEK could be “qweasdzxc”, which comprises of the first 3 letters of the 3 rows of letters of a QWERTY keyboard.

Generally it is good to avoid words or numbers that are directly related to our person. For example, if someone is called “Mary Smith”, is born in 1969 and has a son called “Kyle”, the DEKs “Mary1969”, “Kyle1969” and “Smith1969” are very weak ones, as someone may easily find them after a few guesses.

It’s also quite useful to avoid using the same DEK in more than one place. This is because if one of them is hacked and your DEK discovered, this would comprise the other place(s) too.

Summary

Overall, data encryption is an essential part of our lives, due to the advancement of computer technology and the internet in particular. To deal with this effectively we need to be creative with the DEK we use and remember that those who are after them are quite motivated and willing to spend a lot of time to find our DEK. That’s why no matter how good we think our DEK is, it’s always good to change it from time to time, just in case.

Introduction

Tips for a Good DEK

Summary

Further Reading