In cryptography, plaintext is information used as input to an encryption algorithm; the output is termed ciphertext. The plaintext could be, for example, a diplomatic message, a bank transaction, an e-mail, a diary and so forth — any information that someone might want to prevent others from reading. Typically the plaintext is the message in a form where no special effort has been made to make the information unreadable without special knowledge. In some systems, however, multiple layers of encryption are used, in which case the ciphertext output of one encryption algorithm becomes the plaintext input to the next. Computer files can be divided into two broad categories: binary and text. ... The German Lorenz cipher machine, used in World War II for encryption of very high-level general staff messages Cryptography (or cryptology; derived from Greek κρυπτός kryptós hidden, and the verb γράφω gráfo write or λεγειν legein to speak) is the study of message secrecy. ... This article is about algorithms for encryption and decryption. ... Encrypt redirects here. ...

Secure handling of plaintext

In a cryptosystem, weaknesses can be introduced through insecure handling of the plaintext, allowing an attacker to bypass the cryptography altogether. Plaintext is vulnerable in use and in storage, whether in electronic or paper format. Physical security deals with how media can be secured from local, physical, attacks. for instance, an attacker might enter a poorly secured building and attempt to open locked desk drawers or safes. An attacker can also engage in dumpster diving, and may be able to reconstruct shredded information. One countermeasure is to burn or thoroughly crosscut shred discarded printed plaintexts. (See Paper shredder for specifications.) If plaintext is kept in a computer file, the disk along with the entire computer and its components must be secure. Sensitive data is sometimes processed on computers whose mass storage is removable, in which case physical security of the removed disk is separately vital. In the case of securing a computer, that security must be physical (e.g., against burglary, brazen removal under cover of a repair, installation of covert monitoring devices, etc.) as well as virtual (e.g., operating system modification, illicit network access, Trojan programs, ...). The wide availability of keydrives, which can plug into most modern computers and receive hundreds of megabytes of data, poses another severe security headache. A spy (perhaps posing as a cleaning person) could easily conceal one and even swallow it, if necessary. There are two different meanings of the word cryptosystem. ... Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media. ... A typical home safe. ... Dumpster diving is the practice of rummaging through trash, whether commercial or residential, to find items of use that have been discarded. ... Paper shredder with built-in wastebasket Paper shredders are used to cut paper into very fine strips or tiny paper chips. ... This article is about computer files and file systems in general terms. ... An operating system (OS) is the software that manages the sharing of the resources of a computer and provides programmers with an interface used to access those resources. ... In the context of computing and software, a Trojan horse, or simply trojan, is a piece of software which appears to perform a certain action, but in fact, performs another. ... A USB keydrive, shown with a US quarter coin for scale. ...

Discarded computers, disk drives and media are also a potential source of plaintexts. Most operating systems do not actually erase anything — they simply mark the disk space occupied by a deleted file as 'available for use', and remove its entry from the file system directory. The information in a file deleted in this way remains fully present until overwritten at some later time when the operating system reuses the disk space. With even low-end computers commonly sold with many Gigabytes of disk space and rising monthly), this 'later time' may be months, or never. Even overwriting the portion of a disk surface occupied by a deleted file is insufficient in many cases. Peter Gutmann of the University of Auckland wrote a celebrated paper about 1996 on the recovery of overwritten information from magnetic disks (though it must be noted that drive densities have got much higher since then which will make this type of recovery much harder). Also, modern hard drives automatically remap sectors that are starting to fail; those sectors no longer in use will contain information that is invisible to the file system software but is nonetheless still there on the physical platter. It may be senstive data. Some government agencies (e.g., NSA) require that all disk drives be physically pulverized when they are discarded, and in some cases, chemically treated with corrosives before or after. This practice is not widespread outside of the government, however. For example, Garfinkel and Shelat (2003) analysed 158 second-hand hard drives acquired at garage sales and the like and found that less than 10% had been sufficiently sanitised. A wide variety of personal and confidential information was found readable from the others. See data remanence. In computing, a directory, catalog, or folder, is an entity in a file system which can contain a group of files and/or other directories. ... This article is about a computer scientist. ... The University of Auckland (Māori: Te Whare Wānanga o Tāmaki Makaurau) is New Zealands largest research-based university. ... NSA can stand for: National Security Agency of the USA The British Librarys National Sound Archive This page concerning a three-letter acronym or abbreviation is a disambiguation page — a navigational aid which lists other pages that might otherwise share the same title. ... It has been suggested that File wipe be merged into this article or section. ...

Laptop computers are a special problem. The US State Department, the British Secret Service, and the US Department of Defense have all had laptops containing secret information, presumably in readable text form, 'vanish' in recent years. Announcements of similar losses are becoming a common item in news reports. Disk encryption techniques can provide protection if they are used properly. Disk encryption is a special case of data at rest protection when the storage media is a sector-addressable device (e. ...

On occasion, even when the data on the host systems is itself encrypted, the media used to transfer data between such systems is still left as plaintext because of bad data policy. An incident in October 2007 where the English HM Revenue and Customs lost CDs containing no less then 25m records of child benefit recipients in the United Kingdom — the data on the CDs apparently being entirely unencrypted — is a case in point.

Modern cryptographic systems are designed to resist attacks based on known plaintext or even chosen plaintext. Older systems used techniques such as padding and Russian copulation to obscure information in plaintext that would be known or easily guessed. The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... In cryptography, padding is the practice of adding material of varying length to the plaintext of messages. ... In cryptography, Russian copulation is a method of rearranging plaintext before encryption so as to conceal stereotyped headers, salutations, introductions, endings, signatures, etc. ...

See also

• cleartext
• RED/BLACK concept

In data communications, cleartext is the form of a message or data which is transferred or stored without cryptographic protection. ... The RED/BLACK concept refers to the careful segregation in cryptographic systems of signals that contain sensitive or classified plaintext information (RED signals) from those that carry encrypted information, or ciphertext (BLACK signals). ...

References

• S. Garfinkel and A Shelat, "Remembrance of Data Passed: A Study of Disk Sanitization Practices", IEEE Security and Privacy, January/February 2003 (PDF).
• UK HM Revenue and Customs loses 25m records of child benefit recipients BBC