Confidentiality and Strength
One of the major reasons to implement a cryptographic system is to ensure the confidentiality of the information being used.
Confidentiality may be intended to prevent the unauthorized disclosure of information in a local network or to prevent the unauthorized disclosure of information across a network. A cryptographic system must do this effectively in order to be of value.
The need to keep records secure from internal disclosure may be just as great as the need to keep records secure from outside attacks.
The effectiveness of a cryptographic system in preventing unauthorized decryption is referred to as its strength: A strong cryptographic system is difficult to crack.
Strength is also referred to as the algorithm’s work factor: The work factor describes an estimate of the amount of time and effort that would be needed to break a system.
The system may be considered weak if it allows weak keys, has defects in its design, or is easily decrypted. Many systems available today are more than adequate for business and personal use, but they are inadequate for sensitive military or governmental applications.
Cipher suites, for example, work with SSL/TLS to combine authentication, encryption, and message authentication.
Most vendors allow you to set cipher suite preferences on a server to determine the level of strength required by client connections.
With Sybase, for example, you set the cipher suite preference to Weak, Strong, FIPS, or All. If you choose Strong, you are limiting the choices to only encryption algorithms that use keys of 64 bits, while choosing Weak adds all the encryption, hash, and key exchange algorithms to be FIPS compliant (AES, 3DES, DES, and SHA1).
Apache offers similar choices but instead of the words Strong and Weak, the names are changed to High, Medium, and Low.
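To see what a strength preference actually admits, the following added example (not from the original text or any vendor's documentation) uses Python's standard ssl module to list the suites an OpenSSL-style preference string such as HIGH enables and to flag any below a chosen key-strength floor. The sample suite list is constructed for illustration, and the 128-bit floor used in the demo is an assumption, not a value from the text.

```python
import ssl

# Constructed sample in the shape returned by ssl.SSLContext.get_ciphers();
# illustrative entries, not output captured from a real server.
SAMPLE = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "strength_bits": 256},
    {"name": "AES128-SHA", "strength_bits": 128},
    {"name": "DES-CBC3-SHA", "strength_bits": 112},
    {"name": "DES-CBC-SHA", "strength_bits": 56},
    {"name": "EXP-RC4-MD5", "strength_bits": 40},
]


def enabled_ciphers(cipher_string):
    """Suites that a preference string enables on this host's OpenSSL build."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx.get_ciphers()


def below_floor(ciphers, min_bits):
    """Names of suites whose effective key strength is under min_bits."""
    return sorted(c["name"] for c in ciphers if c["strength_bits"] < min_bits)


def by_strength(ciphers):
    """Map effective key strength to suite names, strongest first."""
    groups = {}
    for c in ciphers:
        groups.setdefault(c["strength_bits"], []).append(c["name"])
    return dict(sorted(groups.items(), reverse=True))


if __name__ == "__main__":
    # Assumed policy floor of 128 bits, applied to the constructed sample.
    print("below 128 bits:", below_floor(SAMPLE, 128))
    # What the local OpenSSL build enables for the HIGH preference.
    for bits, names in by_strength(enabled_ciphers("HIGH")).items():
        print(f"{bits:>4} bits: {len(names)} suites")
```

The live listing depends on the OpenSSL build Python is linked against, so run it on the server being configured rather than on a workstation.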