Q: What is Cryptography?
A: Cryptography is the science of writing or solving ciphers. Cryptography is an essential element in keeping the "secrets" we wish to communicate to a select audience, truly "private" in today's electronic world.
Q: What is Encryption?
A: Encryption is the process of turning readable information, also referred to as plaintext, into unreadable information, also referred to as ciphertext.
Q: What is Decryption?
A: The process of turning ciphertext back into plaintext is called decryption.
Q: Why do I need Encryption?
A: Encryption is an important security tool. It can protect information stored on computers, which may be vulnerable to unauthorized access or physical theft, and it provides a secure communications channel even if the underlying system is not secure. Encryption technology provides a valuable means to enable security, confidentiality, integrity, authenticity, and trust in today's networked world.
Q: What is a cryptographic algorithm?
A: An algorithm is a formalized set of rules for carrying out a computation or solving a problem in a finite number of steps. A cryptographic algorithm is a method for transforming information, so that it is not intelligible until it is decrypted.
Q: What is a PKI?
A: PKI stands for Public Key Infrastructure. The X.509 standard defines a PKI as "The set of hardware, software, people and procedures needed to create, manage, store, distribute and revoke certificates based on public-key cryptography." PKI has three components in its basic form - Public/Private keys, Digital Certificates, and a Certificate Authority (CA). In a typical PKI deployment, each user is assigned a pair of linked keys - a public key available to others through a CA, and a private key, which is kept secret on the user's client. A user sending a secure message uses the receiver's public key to encrypt the transmission so that only the intended recipient can read the message.
Q: Does it make my system more secure if I use Vema-Cipher’s Deadbolt with my existing PKI?
A: Yes, because Vema-Cipher’s Deadbolt provides you with the enhanced security technologies Vernam Pad Encryption.
Q: What makes Vema-Cipher Different?
A: Vema-Cipher technology uses a combination OpenPGP and NSS (Netscape Security Services) for FIPS 140-2 and standards compliance with an option for Vernam OTP that supports unconditional encryption.
Q: What is FIPS 140-2?
A: FIPS 140-2 is a standard set by the US government which specifies the necessary security requirements for cryptographic modules. Encryption application using any of the FIPD 140-2 are approved encryption methods to be used by all US federal agencies. FIPS 140-2 is the accepted compliance standard for any organization doing business or regulated by US.
Q: What is Vernam Encryption?
A: In cryptography, Vernam Encryption AKA the one-time pad (OTP) is a type of encryption, which has been proven to be impossible to crack if used correctly. It has also been proven that any cipher with the perfect secrecy property must use keys with effectively the same requirements as one-time pads. The one-time pad was invented in 1917 and patented a couple of years later. It is derived from the Vernam cipher, named after Gilbert Vernam, one of its inventors. The "pad" part of the name comes from early implementations where the key material was distributed as a pad of paper, so the top sheet could be destroyed after use.
Q: Why is Vernam unbreakable?
A: Being that each bit or character from the plaintext is encrypted by a reversible logic function with a bit or character from a secret random pad of the same length as the plaintext, resulting in a ciphertext; by using a key that is truly random, as large as the plaintext, never reused, and kept secret, the ciphertext will be impossible to decrypt or break without knowing the key.
Q: What is a Risk Assessment?
A: Risk assessment is a process whereby an organization evaluates the possible vulnerabilities and harm resulting from a failure in the process. It is measured in terms of a combination of the probability of an event and its consequence.
Q: What is a Security Policy?
A: A Security Policy is written as the result of a Risk Assessment. As its name implies, it is a set of procedures that must be adhered to in order to prevent breaches or losses, and what remedial steps must be taken in order to minimize or stop its effects and avoid any future occurrence. A Security Policy is made of many sections including; Acceptable Use Policy, Password Policy, Backup Policy, Network Access Policy, Incident Response Policy, Remote Access Policy, Virtual Private Network (VPN) Policy, Guest Access Policy, Wireless Policy, Third Party Connection Policy, Network Security Policy, Encryption Policy, Confidential Data Policy, Mobile Device Policy, Retention Policy, Physical Security Policy etc.