Advanced Encryption Standard (AES)

AES was established by The National Institute of Standards and Technology (NIST). AES is a cryptographic algorithm that can be used to protect electronic data. It takes a key and some data (plaintext) as input and transforms that data into something that looks entirely random (ciphertext). The only way to get meaning out of the ciphertext is to use AES and the same key to transform it back into the plaintext. A key is just a number, and AES can work with keys of three different sizes, 128 bits, 192 bits, and 256 bits. AES performs permutations and substitutions using several different techniques. It is the successor of older Data Encryption Standard (DES) that was approved as federal standard in 1977 and remained viable till 1998 when a combination of hardware, software and cryptoanalysis theory allowed decryption of DES-encrypted in 56 hours.

Password-Based Key Derivative Function 2# (PBKDF2#)

PBKDF2# is a Key Stretching algorithm. Key Stretching refers to techniques that are used to secure a possibly weak key, usually a password or a passphrase, by increasing the time it takes to test each key. Key stretching makes password cracking more difficult. The initial key is fed into an algorithm that outputs an enhanced key. The enhanced key should be of sufficient size to make it unfeasible to break by brute force (example: at least 128 bits).

The key stretching process leaves the attacker with 2 options: either try every possible combination of the enhanced key (unfeasible if the enhanced key is long enough), or else try likely combinations of the initial key. In the latter approach, if the initial key is a password or a passphrase, then the attacker would first try every word in a dictionary or common password list and then try all character combinations for longer passwords. Key stretching does not prevent this approach, but the attacker has to spend much more time on each attempt.



Rivest-Shamir-Adleman (RSA)

RSA is a cryptosystem for public key encryption and is widely used to secure sensitive data. Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This is one reason why RSA has become the most widely used as asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage. It is also used in software programs --browsers are an obvious example, which need to establish a secure connection over an insecure network like the Internet. RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts Institute of Technology.

Military Grade 256 Encrypted Secure Socket Layers (SSL)

SSL is the same encryption standard that is used by the military. The length requirement of 256-bit is used to secure documents classified as “Top Secret”. With a personal encryption key in place, all files are first secured with 256-bit encryption key that is known only to the client. The key is never stored in TARAS servers so therefore, there is no access of stored and encrypted data to TARAS personnel. The encrypted files are then transferred over a Secure Socket Layer (SSL) connection to be stored in our world class data centers.