The American cryptographer, Bruce Schneier, once famously said, "There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government" (Schneier). All kidding aside, Bruce Schneier's words are quite accurate and a very true portrayal of contemporary cryptography. While encryption is widely regarded as a method of concealing information from others, it is not very well understood. It is important to realize that encryption is in fact both an art and a science, which can be as simple as one desires, or as complex as one desires. Moreover, it has been the result of thousands of years of careful research and development. Consequently, the art and science is mature and may be simple or complex, easy to decrypt or difficult to decrypt. In keeping with Schneier's words, there can be weak encryption algorithms capable of preventing access to sensitive information; while there can also be complex encryption algorithms capable of preventing entire governments from accessing sensitive information. Nevertheless, the goal has always been to keep a secret. Regardless of whether the encryption algorithm is weak or strong, as long as the encryption algorithm prevents the unauthorized user from gaining access to the encrypted message, it is a good encryption algorithm. Moreover, since the necessity for keeping secrets has grown with modern times, so has our use of encryption. Encryption has rapidly emerged in the 20th and 21st centuries as a tool of our modern societies. Today it is almost ubiquitous in our society. Without a doubt, encryption has shaped how our societies have formed and organized information and communications and it will surely follow us as we make our leap into the 21st century and beyond.
Origins of Encryption
Get your grade
or your money back
using our Essay Writing Service!
Classical cryptography dates back to the second millennium before Christ, when ancient Egyptians used ciphers to encrypt messages on the tombs of their nobleman. They consisted primarily of disorganized hieroglyphics, which were the result of simple substitution cryptographs. The original intentions for these cryptographs were to differentiate between the tombs of nobleman and the tombs of kings, which were not supposed to conceal information from the common people. The nobleman, not the kings, had the hieroglyphics in their tombs encrypted in order to make the tombs of the kings appear more regal. Unencrypted hieroglyphs displayed to the society that the kings were not withholding any information from their subjects, while the nobleman were not held to such a standard, even though one could easily decrypt the hieroglyphics in their tombs if one wished. Nonetheless, as time passed, cryptographs gradually became more complex and sophisticated. Eventually, some hieroglyphics became too difficult for simple commoners to decrypt without decryption keys and these hieroglyphic messages became lost to the Egyptian people (Cohen, 2006).
Elsewhere in the world, ancient peoples also used primitive encryption techniques; however, in contrast to Egypt, these techniques were mainly used to conceal information rather than to differentiate between kings and nobleman. Around 1500 BC, Mesopotamian pottery makers encrypted their proprietary formulas for clay and pottery glazes on clay tablets. Moreover, around 500 BC, ancient Hebrew scribes used substitution cryptography techniques to conceal religious writings, such as the book of Jeremiah (Whitman, 2009). The ancient Spartans of Greece began employing the first devices to encrypt and decrypt messages around 487 BC (Whitman, 2009). The Spartans used a device known as a Skytale, which is nothing more than a specifically sized wooden staff, to encrypt and decrypt messages. Skytale encryptions were created by wrapping thin sheets of papyrus around the skytale and then writing messages on the papyrus. The papyrus was then unwrapped and could only be read again if one had the same size and type of skytale key necessary to decrypt the message (Dembskey, 2010).
The Romans continued to refine the art of cryptography when Julius Caesar devised a substitution cipher to encrypt messages he was sending to hostile territories of the empire (Cypher Research Laboratories, 2006). Julius Caesar's cryptography algorithm was a simple substitution cipher and involved transposition of the Roman alphabet. To encrypt a message, one would take the real letter from a piece of plaintext and replace it with the letter that preceded it by three letters. Roman historian, Suetonius explained this method by describing how one would decrypt the plaintext letter D. Suetonius wrote, "The way to decipher those epistles was to substitute the fourth for the first letter, as D for A, and so for the other letters respectively" (Suetonius, 121). In that respect, the letter D would be encrypted as the letter A, the letter E would be encrypted as the letter B and so forth. In reverse, the letter A would be decrypted as the letter D, the letter B would be decrypted as the letter E, and so forth. Though a relatively old and simple cryptographic algorithm, the Caesarian substitution algorithm is one of the most widely used and easily understood encryption algorithms even today (Leyden, 2006). Nevertheless, its use declined as more sophisticated encryption algorithms replaced it.
Always on Time
Marked to Standard
Cryptography became widely used during the European Middle Ages, Renaissance, and Enlightenment. The kingdoms and fiefdoms of Western Europe found cryptography to be a particularly necessary tool in war-torn and battle-worn lands of the European continent. In 1466, Leon Battista Alberti, the Father of Western Cryptology, conducted his studies in cryptographic methods and created the first polyalphabetic encryption algorithm. A polyalphabetic encryption algorithm uses multiple alphabets and a series of alphabetic representations and keywords to encrypt messages in a specific fashion (Whitman, 2009). Up to that time, most encryption algorithms utilized substitutions and mono-alphabetic encryption techniques that could be easily broken if one wished to devote the time and energy to crypto-analysis of the message. Alberti's encryption algorithm relied upon a series of copper disks each having one complete set of the alphabet, one placed inside the other to substitute or replace characters in a plaintext alphabet for other characters in a cipher-text alphabet. A plaintext message could thus be encrypted multiple times, using different cipher-text alphabets that relied on different substitution intervals to ultimately create an undecipherable cipher-text message. The message could only be decrypted if the user had both the copper decryption keys and knowledge of the exact substitutions used in each interval of the encryption algorithm (Cohen, 1990). The development of polyalphabetic encryption techniques greatly accelerated the practicality of encryption and provided enhanced security and reliability of encrypted messages. Many other scholars built upon Alberti's work. In 1518, Johannes Trithemius developed a steganography cipher, which was enhanced and more sophisticated version of Alberti's ciphers. Furthermore, in 1553, Giovan Batista Belaso introduced passphrases as keys for encryption algorithm. These passphrases encryption techniques eventually became known as Vigenère ciphers. Moreover, enlightenment contemporaries such as Sir Francis Bacon and his successors, including Thomas Jefferson, used and wrote of encryption algorithms widely in their works all the way up until the modern age (Whitman, 2009).
Development of encryption techniques accelerated in the 20th century. As the world began industrialization, new scientific methodologies and the development of modern industrialized machines propelled the practice of cryptography to new levels. In fact, US involvement in World War I was the result of British code breakers decrypting the infamous Zimmerman telegram, in which Germany promised Mexico US territory in exchanged for support during the War (Whitman, 2009). It was also around this time that encryption technologies began involving sophisticated machinery and hard sciences. For example, in 1929, American mathematician and scientist Lester S. Hill constructed and patented a polygraphic substitution cipher machine with geared wheels to encrypt messages. His algorithm, known as the Hill cipher algorithm relied on concepts of linear algebra to encrypt and decrypt messages (Hill Cipher). Although his specific algorithm had its limitations, the Hill cipher algorithm represented a monumental advancement in the study and development of cryptographic encryption techniques (Cohen 1990). The next major advancement in encryption was the development of electromagnetic rotor encryption and decryption devices during World War II. The most famous of these electromagnetic encryption devices was the German Enigma Machine, a device used by Nazi officers to send encrypted messages back and forth on the front lines. At its core, the Enigma Machine was nothing more than a sophisticated typewriter. Yet, in contrast to a typewriter, it had slots that allowed operators to insert scrambler and descrambler disks in order to encrypt and decrypt top-secret Nazi communications (Naber, 2010). The disks and encryption techniques were based on sophisticated mathematical permutations and transformations. Had allied code breakers not managed to break the Enigma algorithm during World War II, which for all intensive purposes was largely the result of physical theft of key tables, devices, and various other documents and Enigma accessories by Allied spies, many believe that the Allied powers may not have won World War II (Enigma Machine). It was also around this time that the US government began employing Navajo "Code Talkers" to encrypt their communications. In general, this involved using a language known to only several hundred Native Americans living in the American Southwest to encrypt American communications. Specifically, since many words typically used in modern battlefield did not exist in the Navajo language, Navajo "Code Talkers" would make up their own code words for subjects and ideas found on the battlefield (Whitman, 2009).
This Essay is
a Student's Work
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.Examples of our work
By the 1970s, advances in information technology had created an explosion of innovation in encryption technologies. The development of public key encryption, which utilized publicly available keys to securely encrypt messages, improved both the ease and practicality of encryption security measures. The days of physically transporting and sending keys to people in order to decrypt encrypted messages were over (Whitfield, 2008). Moreover, in 1977, the United States government began development of the first encryption standards. The Data Encryption Standard (DES) was a standardized symmetric block encryption algorithm that provided flexibility and scalability of encryption algorithms used by many organizations and government agencies. DES was a joint project, conducted in collaboration with IBM and the National Security Agency (NSA), and as a 56-bit key encryption algorithm, it was at the time only breakable by a brute force attack. Nonetheless, due to increases in computing power, DES eventually became obsolete and was replaced by the Triple Data Encryption Standard (3DES), which employed new and much longer keys to encrypt messages. Nevertheless, although 3DES currently uses 168-bit keys, the United States government expects it to become obsolete and unacceptable for government use by 2030 (Shelton, 2010). Thus, in 2001, the National Institute of Standards and Technology (NIST) announced the Advanced Encryption Standard (AES) a replacement for 3DES. In an un-orthodox approach, the institute made the project an "open and public" encryption algorithm competition (Daemen, 2002) in which the most world's most vetted and veteran experts in cryptography competed to develop the next encryption standard. Ultimately, Belgian cryptographers Joan Daemen and Vincent Rijmen succeeded in developing a sophisticated 128-bit symmetric block cipher with scalability for both 192-bit and 256-bit encryption keys. Upon final development, it was approved for US government non-classified data. Recently, AES was also approved and adopted by the US Secret Service for classified communications (Shelton, 2010). Moreover, European Telecommunications Standards Institute is also using AES as a building block for their standard block cipher algorithm, MILENAGE (Daemen, 2002). At its roots, the AES standard is the new up and coming standard for data encryption worldwide. Nevertheless, despite its nouveau status and widespread success, odds are an even more sophisticated encryption algorithm will be necessary to replace AES, as code breakers become more sophisticated and circumvent new AES encryption technologies.
Symmetric & Asymmetric Key Encryption
There are many numerous variations of modern encryption techniques, specifically since the development of public keys in the 1970s, yet all technologies fall within three realms: symmetric encryption, asymmetric encryption, or a combination of both. A generic symmetric encryption algorithm involves a sender and receiver using one key to both encrypt and decrypt a message. Essentially, a sender encrypts a plaintext message using a "secret" key then sends the encrypted message to a receiver. The receiver must then use the same key to decrypt the encrypted cipher-text. The trick here is to securely send the key to the receiver without that key being intercepted and used to read the encrypted message. Therefore, the sender should not send the message and key together and should ensure that whatever medium is used to send the key, it is secure and not prone to being compromised, as this would defeat the purpose of encrypting the message (Wallace, 2011).
In contrast, asymmetric encryption utilizes one key to encrypt a plaintext message and another key to decrypt a cipher-text message. A generic asymmetric encryption algorithm uses both a public and private key to send secure communications; however, the same key cannot be used to both encrypt and decrypt a message. In practice, the receiver sends his public key to the sender, who uses it to encrypt a message. The sender then sends that message to the receiver, which uses his private key to decrypt the message. The advantage here is that one does not need to send a decryption key over a public network in order to encrypt and decrypt a message, thus the algorithm is more reliable. Nevertheless, asymmetric encryption can be cumbersome. Since each user needs both a public and private key, in order to send messages between two people, four keys instead of one must be used (Wallace, 2011).
There are many noteworthy uses for encryption today. Among these are uses as an authentication medium, uses as a data security control, and uses as a communications security control.
Digital signatures can be used to verify the authenticity of sender. In essence, a digital signature is a method of verifying that whoever sent a communication, is in fact the person they claim to be and to ensure that the message sent has not be damaged or tampered with in any way. To send a digital signature message, asymmetric encryption methods are used to encrypt and decrypt data sent to a receiver (Whitman, 2009). Since asymmetric encryption relies on both a public and private key to encrypt and decrypt a message, if decryption utilizing a sender's public key works, the sender can be verified as the person who sent the message. Otherwise, if the message fails to be decrypted, the sender is not using the right private key to encrypt the message and/or the message was tampered with or corrupted during transmission (Digital Signature). Furthermore, in addition to providing authentication and reliability to data, digital signatures provide non-repudiation that the message sent by the sender was actually sent by the sender.
Secure Socket Layer (SSL) & Secure Electronic Transactions (SET)
Secure Socket Layer (SSL) and Secure Electronic Transaction (SET) technologies provide security for online data transmissions, specifically when financial transactions are taking place. An increase in the volume of online financial transactions necessitates safeguards for the protection of financial data. Secure Socket Layer (SSL) provides encryption for transmission of sensitive data such as social security numbers or credit card numbers. The protocol was developed by Netscape using public key encryption algorithms to safeguard sensitive data transmissions over the Internet (Whitman, 2009). Its use can be most easily recognized when one sees a URL beginning with "https," where the "s" denotes a secure socket layer connection to the server (Yang, 2011). Secure Electronic Transactions (SET) is also widely used. The SET protocol was developed by a MasterCard and Visa consortium in 1997 to protect against electronic payment fraud. It also provides comparable protection for transmission of sensitive Internet-based and communications network-based financial transactions (Whitman, 2009).
Full Disk Encryption
Companies, government agencies, and individuals often have a necessity to conceal proprietary or confidential data. Encryption can provide a solution for protecting their sensitive data. Frequent use of laptops, removable storage device, and other mobile devices and an increase in the volume of sensitive data represent a need for affordable encryption technologies. Technologies such as "Symantec Endpoint Encryption" provide full disk encryption for devices such as desktop, USB, PDA to ensure that thieves are unable to access sensitive information even if they gain physical access to devices containing sensitive information (Symantec, 2011). Furthermore, mobile phone applications such as WhisperCore allow for full disk encryption of data stored on Android Nexus S (Mills, 2011).
Encryption can also help companies, government agencies, and individuals protect the privacy of their email communications. Emails are widely used in a business context as well as in a personal context; however, the widely used Simple Mail Transfer Protocol (SMTP) is not a secure email transmission medium. Consequently, several cryptosystems, such as S/MIME, PEM, and PGP, have been adapted to work with dominant email protocols, such as SMTP to add more security to email communications (Whitman, 2009). For instance, PGP is a freeware program that automatically encrypts and decrypts sensitive emails and provides support for various email delivery and formatting options (Symantec, 2011).
Wireless Network Encryption
Wireless networks are inherently prone to network security breaches, as they rely on radio transmissions for communication. Attackers can easily intercept the data on open wireless networks and use it for malfeasance. Currently two general protocols exist to protect wireless communications: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP uses static keys to encrypt data transmissions and does not validate users' credentials, which means it can be quickly circumvented by unauthorized users. WPA overcomes many of the weakness of WEP by using dynamic keys and improved user authentication, yet it too can be prone to attack by sophisticated hackers and unauthorized users (Whitman, 2009).
Remote Network Encryption
Virtual private networking (VPN) is a popular standard for securing data communications between enterprise local and wide area networks and remote users. Encryption allows remote users to utilize public networks, such as the Internet, to send and receive private communications on an enterprise network. Encryption technologies help keep confidential information on the VPN secure while in transmission (Whitman, 2009). IPsec is the dominant protocol used on virtual private networks, which includes transport mode and tunnel mode forms of transmission, allowing an organization to encrypt entire data packets over the VPN or all information except the data header (Whitman, 2009).
Future of Encryption
Future encryption applications will almost certainly focus on securing today's most popular information technologies: mobile devices, wireless devices, and cloud-computing infrastructure and the information to which they have access. In general, all three technologies are quite difficult to secure and consequently pose a significant challenge to information security experts. Over a four-year period from 2005 to 2009, roughly coincident with the emergence of mobile computing, the Privacy Rights Clearinghouse reported 251 million data compromises. With more and more sensitive information residing on mobile, wireless, and cloud devices than ever before, the necessity for encryption of information on these devices has never been greater. Some experts estimate that almost one-half of all corporate information is stored on or accessible from a mobile or wireless device (Belsanti, 2009). The emergence of mobile, wireless, and cloud devices as tools of productivity and convenience increasingly necessitate the need for advanced mobile and wireless encryption. Furthermore, as more sensitive and financially valuable information is accessible from mobile, wireless, and cloud devices, the stakes in securing information found on these devices will grow exponentially.
New security concerns for mobile devices are challenging the way many executives approach conducting business. The future of executive communication will involve new technologies to support encryption of sensitive communications. This encryption technology is beginning to develop today. Upon entering office, US President Barack Obama had many quarrels with White House staffers over the security of his BlackBerry smartphone. The resulting outcome of these quarrels was an increased emphasis on encryption and encryption systems for mobile smart devices, especially for those working with sensitive information in the government space. New technologies are emerging to secure and scramble digital voice and data transmission over smartphone devices. While still new, companies such as Nokia and SecuSmart are working tirelessly on new encryption algorithms and products to meet the rising demand for mobile device encryption. One such product, known as SecuVoice, works with many US federal government-issued mobile devices and employs new encryption technologies to provide increased assurance and improved reliability. The SecuVoice platform uses 128-bit Elliptic Curve Cryptography algorithms, which are up to 10 seconds faster in connection time and significantly more reliable than traditional encryption algorithms used today. German government officials have already approved SecuVoice and other encryption systems for use in governmental affairs. Furthermore, security for these systems and the devices they protect is only expected to improve as costs decline, encryption system providers fine-tune their algorithms and more sophisticated encryption algorithms are developed (Kirk, 2009). Consequently, as these devices become more available, the nature and scope of communications in the business world is likely to change as executives adopt these new and more secure encryption technologies.
One would be foolish to assume that new encryption technologies will mitigate all mobile, wireless, and cloud vulnerabilities in relation to data security. Quite to the contrary, as more and more data encryption technologies are developed, hackers and other criminals will devote more and more effort to circumventing these technologies. Simply put, the war to protect data through encryption cannot be won. As the future unfolds, more advanced encryption algorithms, products, and services will be developed to replace stale encryption algorithms, products, and services that become compromised or made obsolete by hackers. For example, hackers cracked the Wired Equivalent Privacy (WEP) wireless encryption algorithm, a once commonly used encryption technique for home wireless networks, only a few years after it was introduced, forcing wireless security professionals to develop new alternative encryption algorithms like Wi-Fi Protected Access (WPA) to protect wireless data traffic. Unfortunately, this encryption algorithm was also quickly circumvented. Security professionals turned academic research hackers at Hiroshima University and Kobe University in Japan, have made WPA encryption a relic of antiquity as well. In November 2008, Japanese researchers, Toshihiro Ohigashi and Masakatu Morii, demonstrated that they could hack the Wi-Fi Protected Access encryption system in one minute or less. Furthermore, they published an in-depth academic paper explaining how to do it (McMillan, 2009). No algorithm or encryption scheme can last forever. We hear almost daily news stories about security breaches and encryption circumnavigation in the business world and more alarmingly, a quick web search reveals a series "how-to hack various forms of encryption" tutorials. Hackers have reduced the encryption of Apple's iPhone to one mere novelty and have published guides on how to steal information from them (Chen, 2009). As is clearly illustrated by the demise of several popular wireless network encryption algorithms and the prevalence of guides on how to hack many of today's most popular mobile devices, no algorithm is impenetrable. As encryption becomes more sophisticated, hackers will become more sophisticated in their methods of circumventing encryption. Consequently, the future of encryption will continue to develop rapidly as both hackers and security professionals play a game of cat and mouse to hide sensitive information.
Luckily, digital security consortiums and groups such as the attendees of CanSecWest, one the world's largest modern digital security conferences, are already at work exploiting weaknesses in their encryption systems in order to develop the more secure encryption systems of the future and take the fight for information security to the hackers' doorsteps. Research in Motion (Blackberry), Google (Android), Nokia (Symbian), and Microsoft (Windows Mobile) recently announced in 2009 that they would give $10,000 to hackers every time they could successful attack and exploit any one of their smartphone operating systems. Evidently, the goal is for the large mobile device providers to gather information on how hackers exploit their operating systems and devices in hope that they can use that information to develop more sophisticated and difficult to exploit systems (Sacco, 2009). While the technique may seem unorthodox, it does have its merits. To keep future encryption algorithms secure, organizations and security professionals must learn today how to think like, work like, and be like a hacker. Only by understanding what the hacker thinks, wants, and does will organizations and security professionals truly be able to develop the best and most sophisticated encryption algorithms for the future. It goes without saying that as the world becomes a more and more interconnected place, laced in a web of wireless data traffic, mobile devices, wireless networks, and cloud-computing infrastructures, the nature and scope of encryption will become more and more different. Only by understanding the thoughts of hackers today, will security professionals be able to develop more secure and sophisticated techniques and encryption algorithms for stopping hackers tomorrow.
Advantages & Disadvantages of Encryption
There are many reasons organizations use and do not use encryption. Typically, organizations use encryption as a component in their overall security strategy. A common phrase repeatedly stated within the security community is that "defense-in-depth is a necessity in security." Encryption helps facilitate a defense-in-depth security strategy by making information on devices, which presumably have their own security controls, inaccessible without a decryption algorithm on top of access to the devices. Furthermore, encryption strategies can also mitigate the threat of physical theft of information by securing wireless, removable storage, and portable devices. Additionally, encryption strategies also help companies meet regulatory requirements to secure confidential information. Federal statutes and acts such as the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX) regulate the security and confidentiality of information stored on commercial as well as noncommercial information systems. Encryption strategies help organizations meet federal regulatory requirements and protect confidential information from hackers (Ortiz, 2008).
Nevertheless, some organizations choose not to use encryption for equally relevant reasons. First, everything comes with a price. Encryption strategies can be very expensive to implement and maintain (Ortiz, 2008). Once implementation costs are incurred, there are maintenance costs. Depending on the algorithm and encryption technique used, encryption strategies can be very administratively costly and expensive. Furthermore, management of keys, both public and private, can become quite cumbersome especially when strategic encryption responsibilities are not the sole responsibilities of employees managing the encryption system. Moreover, while encryption strategies can easily overload employees with more tasks, they can also overload the system, degrading system performance and reducing system reliability. Among others, a traditional full-disk encryption strategy can dramatically increase data access times (Ortiz, 2008).
Another disadvantage of encryption strategies is that the procedures for encryption could be treated as a stop sign. Everyone will stop at a stop sign when others are around but once there is no one around, they will not stop or will simply do a "rolling stop" which is not the correct procedure. Similarly, the same situation may develop when using an encryption strategy. Everyone will follow the procedures while the boss is watching, but once the deadline for a job gets closer and the boss goes home there will be corners cut, security will be overlooked, and the potential for a security breach will increase. Security is useless if it is not used. This extra burden for employees could be disastrous because if encryption is not used correctly then there can be a false sense of security created (Ortiz, 2008).
A final disadvantage of encryption is that it may severely limit the ability of users to selectively share their work at a fine-grained level. When you actually want someone to be able to have access to data, there could be roadblocks and these roadblocks may not lead to ideal solutions. Two choices could be made. The original owners of encrypted work could decrypt all the data and then send them to the other party, or the original owners could give the other party access to their decryption key (Goyal, 2006). The issue is that both solutions are less than ideal. The first solution is very cumbersome to the parties involved while the second solution gives access to all data using the decryption key, not just the data relevant to the project for which data is being shared. Consequently, while data encryption has its advantages, it also has its disadvantages. Professionals wishing to adopt an encryption strategy for their organization need to carefully weigh the costs and benefits of encryption to assure that encryption strategies meet their needs and fit their business objectives.
AxCrypt is an open-source and freeware encryption tool for Windows that was first released to the public by Axantum on November 19, 2001. It currently has support for both 32-bit and 64-bit operating system environments (Features of AxCrypt) and has many advantages and disadvantages in use. Its intuitive nature and simple design make it easy configure, yet its freeware status also limits its functionality and limits its viable use.
The software automatically re-encrypts encrypted files after modification (Axantum).
The software will generate a key file for you upon request.
The software will allow you to create your own key file.
Files may be encrypted using a passphrase or password.
A "shred and delete" function allows to be destroyed using permanently instead of being placed into the Recycle Bin.
The software can encrypted data files to make them difficult to identify. For example, the software can rename a file named "paper" to something unidentifiable, such as "Dx546tV."
Help menus, right-click options, and other features make the software easily to use and accessible to novices.
The software requires management of many key files and passphrases or passwords. If you do not remember a passphrase or password or lose a key, you may not be able to decrypt the file.
The software utilizes symmetric encryption, which is inherently less secure, since there is only one key.
The software cannot truly encrypt folders. If you encrypt a folder, anything in the folder will be encrypted, but the folder itself will not be encrypted. Files added to the folder later, will not be encrypted.
As Bruce Schneier suggested, cryptography's sole purpose is to keep information secure and out of the wrong hands. In one way or another, human beings have always had a desire and a need to keep their sensitive and confidential information secure from others, whether it be for political, personal, or safety reasons. Consequently, the science of cryptography and modern encryption has evolved over thousands of years to help both ancient and modern societies secure their information from wrongdoers. And, while cryptography has come a long way from ancient times when primitive substitution alphabets were used to conceal messages, its goal remains to simply keep information out of the wrong hands. Today, complex mathematical permutation algorithms have become the norm for concealing any message from prying eyes. Furthermore, with modern conveniences and technologies such as the Internet, the uses and applications of encryption are growing daily. Without a doubt, encryption has come and long way in the last several thousand years and given its successes and failures, abilities and deficiencies, it will likely go a long way in the next several thousand years. As technologies evolve and our societies progress into the future, human beings can only help but wonder what the future holds for the complex science of encryption and what its implications will be on our history, our societies, and our future way of life. Yet at its core, human beings must realize that no encryption algorithm is impenetrable and the goal of any encryption algorithm, no matter how complex or how simple, is always to protect your sensitive information from prying eyes.