| Home | Update | Hacking | Protection | Contact | Alerts |

Encryption
Campus Alerts
Update Your Operating System
I've Been Hacked!

Get Protection

Contact Us

|

Encryption is the process of obscuring information to make it unreadable without special knowledge.

Most early internet protocols (Telnet, FTP, SMTP(mail), http (www)) were not designed with security in mind. They send your information over the network in clear text, making it accessible to others who take the time to look for it.

Many enhancements have been made over the years to replace these vulnerable methods with protocols which can protect (encrypt) data. Telnet is being replaced with SSH, which has additional functionality and encrypts all data, even the initial password exchange. SSH can also create encrypted tunnels over which any other protocol can be transfered securely (with a bit of configuration). FTP is being superceded by Secure (SFTP) and Secure Copy (SCP), combinations of FTP and SSH. Most mail clients now support encrypted connections to mail servers (UMD requires this now). But the transfer of mail between servers remains "in the clear."

End to end email security is possible if users at both ends use Pretty Good Privacy (PGP) or Gnu Privacy Guard (GPG), two mostly-interoperable programs which allow the creation and sharing of encryption keys, and the encryption and decryption of files and messages. Look for more information on these here.

Instant Messaging (IM) is also conducted in the clear, and requires specialized clients on both ends to preserve anything resembling privacy.

Data residing on hard drives in files can also be encrypted to prevent unauthorized or inadvertent disclosure. PGP (the non-free version) has an aplication which will encrypt an entire volume or individual files. True-Crypt is a free product which can create and mount encrypted volumes as well. Besides protecting data in case your computer is compromised by intrudaers, this measure will also protect the data should your computer be stolen.

We recommend using encrypted methods wherever possible (SSH, SCP/SFTP, https, etc.) and using care where it is not. Be aware of the nature of your connection and transmit data appropriately.

 
logo
       
How are we doing?

This page is maintained by the Office of Information Technology
Questions and/or comments: oit-webeditor@umail.umd.edu
Last modified: Friday, January 16, 2004
© 2004 University of Maryland

 University of Maryland
Office of Information Technology University of Maryland