Another fun concept is steganography. This is hiding or embedding one message within another. The simplest form would be writing your secret message on paper with invisible ink and then having unrelated or harmless text in regular ink over the top in computing. Steganography takes the form of hiding text within files. The main purpose is to not draw attention. Text can be hidden in an image, audio files or video files, image files were the most common and one method for an image. Tagging on Rafi involves using the last bit in the color code of each pixel to hide the message. If you change those color codes, just a small amount by one bit, you are not going to see much of a visual difference in the actual image file. You cannot even encrypt the data before and/or after the message is hidden. Steganography is sometimes called electronic watermarking when referring to labeling an image for anti-piracy purposes. Steganography tools are readily available and are often used for illicit activities like data theft or hiding messages in parts of the world where Krypton is illegal or would arouse suspicion so check on this before playing with it at work, because it might be considered inappropriate by your Local security policies, as you will see, as we get more into individual algorithms. In another lesson, there are a lot of cryptographic methods to choose from. It then becomes important that we use only algorithms that, as of today, are considered strong and even strength is a relative term. Really, you need to look at the trade-off between security, speed, and ease of implementation.
Do keep yourself informed on cryptography news, learn from the past, where there were widely used, algorithms that were eventually broken. We are ready to talk about how this happened with WEP for wireless encryption. Also, new encryption methods are being worked on all the time. You should resist the urge to jump on the latest bandwagon until an algorithm has proved itself to have staying power. Leverage strong encryption with good key management, because your encryption is only as strong as your key some things that are considered when deciding if a cryptographic technology is strong or not is a long enough key length used how quickly will dynamically create keys repeat? Does the method have multiple iterations through the algorithm? If someone were to change the plaintext just a little with the ciphertext change a lot, we want this to be true. Remember: can someone figure out the key from the ciphertext? This would be bad. Also bad is if someone could figure out the plaintext from the ciphertext without the key or if someone could figure out the private key from the public key. The good thing is being that you do not have to be the one person deciding which are strong in which or not just be sure to use proven technologies for today and remember that tomorrow this could change, and now we have reached the key terms. You should know section for this cryptography concepts lesson. One thing I do want to point out to you is that cipher is sometimes spelled with a y, so you could see that out on the job. I have three slides full of definitions for you this time and there are a lot of added terms so be sure to read these definitions and go back to the concepts that you need further study on.