Randomized Multilevel Encryption: A Promise To Better Computer Security

Computers have seen various Operating Systems in olden days, and seeing new developments. But one crucial flaw in their security is that passwords have to be stored somewhere, for user login, which leaves the system open to compromise. Although the encryption algorithms are one way, but with the advent of faster computers and newer techniques in password cracking, they have turned futile. The password storing files store passwords in an encrypted format, and are accessible only to the system and the root users of the systems. Bugs in software allow malicious hackers to gain access to the system with root privileges and they can download the password file(s) and user accounts can be compromised. After gaining the password file, passwords could be cracked. In Randomized Multi-level encryption, password is first encrypted with one algorithm, and the generated hash is encrypted with another, followed by a random number of randomly chosen algorithms. The selection of the algorithms and their sequence is decided, when user account is created. The information about the algorithms used, and their sequences is stored in another file. Now, although this file may be accessible to the hacker, and he/she may be able to get the password file as well, but brute forcing the passwords will be very time consuming. Also, the rainbow tables can not be generated for all possible combinations Even if all combinations are generated by some person, taking into account all encryption algorithms currently used, rainbow tables would still take years to generate, even after using arrays of multiple computers using parallel processing, and by that time, new algorithms would be developed, thereby making their rainblow table databases outdated. Randomized Multi-level encryption is rightly a promise to better computer security. It can not only reduce the chances of account compromise, but also reduce them to null.