views:

203

answers:

3

Hello all I need to encrypt text what is the best encryption to use programmatically ?
In general I have input file with string that I need to encrypt then read the file in the application
Decrypt it for the application flow .
with c++

+13  A: 

The strongest encryption is to use a one-time pad (with XOR for example). The one time pad algorithm (unlike most other commonly used algorithms) is provably secure when used correctly.

One serious problem with this algorithm is that the distribution of the one-time pad must be done securely and this is often impractical. If it were possible to transmit the one time pad securely then it would typically also be possible to send the message securely using the same channel.

In situations where it is not possible to send information securely via another channel, public key cryptography is used. Generally the strength of these algorithms increases as the key length increases, unless some critical weakness is found in the algorithm. RSA is a commonly used public key algorithm.

To get strong encryption with public key cryptography the keys tend to be large (thousands of bits is not uncommon) and the algorithms are slow to compute. An alternative is to use a symmetric key algorithm instead. These can often get the same strength encryption with shorter keys and can be faster to encrypt and decrypt. Like one-time-pads this also has the problem of key distribution, but this time the key is very short so it is more feasible to be able to transfer it securely. An example of a commonly used symmetric key algorithm is AES.

Mark Byers
+1 for one-time pad.
Skarab
It's not the only algorithm that's secure, far from it. In fact, the Wikipedia link refers to a class of "Shannon secure" algorithms that are all equally strong. Trivially, since `OTP(text, key)` is perfectly secure, `OTP(OTP(text, key1), key2)` is as well.
MSalters
@MSalters: Thanks for the comment. I've updated my answer.
Mark Byers
+2  A: 

One time pad is the strongest, but probably you are looking sth that you can use easily in your application. Check this page to learn about strength of algorithms - http://security.resist.ca/crypt.shtml and here you have a C++ library: crypto++ (the link points to a benchmark that compare performance of different algorithms) http://www.cryptopp.com/benchmarks.html.

Skarab
A: 

The answer depends on what you mean by "strong encryption".

When cryptographers talk about strong encryption modes, they usually expect that it has at least two properties:

  • confidentiality: I.e. it is not possible to find any information about the plaintext given the ciphertext (with the possible exception of the plaintext length).
  • integrity: It must not be possible for an adversary to modify the ciphertext, without the receiver of the message noticing the modification.

When cryptographers call a cryptosystem "provably secure under some assumption" then they typically mean that the cryptosystem is secure against chosen ciphertext attacks unless the assumptions (e.g. there is no efficient algorithm for some well known problem) are not satisfied.

In particular, some of the other answers claim that the one-time pad is the most secure algorithm. However, the one-time pad alone does not provide any integrity. Without any modifiction it is easy to modify a ciphertext, without that the receiver notices the modification. That means that the one-time pad only satisfies a rather weak security notion called "perfect secrecy". I.e. nowadays it is quite misleading to call the one-time pad "provably secure", without mentioning that this only holds under a security model that does not include message integrity.

To select a strong encryption mode an might also look at practical aspect. E.g., how much cryptanalysis has gone into an encryption mode, or how well has the cryptographic library that implements the algorithm been analyzed. With that in mind, selecting a well-known cryptographic library, properly encrypting with AES, authenticating with HMAC is going to be close to optimal.

Accipitridae