Overviewtop
Security and encryption are complicated subjects which involve concepts and terms with which you need to be familiar.
The CerebraLock Method itself comprises its own set of concepts and terms.
Here is an explanation of some of the terms used throughout the documentation.
Encryptiontop
Encryption is the art and science of taking a piece of information - the plaintext - and converting it into indecipherable gibberish - the ciphertext.
(And, of course, the opposite - but only if we are authorized to do so.)
Nowadays there are two main kinds of encryption used to accomplish this: symmetric encryption and asymmetric (or public key) encryption.
Encryption combines the plaintext and a second piece of information, a key, in a mathematical procedure to produce the ciphertext.
To get back the plaintext one needs the key; in other words, the key is the password protecting the access to the data.
Symmetric encryption is fast and is used for large amounts of data.
The key is used for both encryption and decryption, so it needs to be kept secret.
It's easy to send someone some ciphertext, but how do they get the plaintext?
You need to give them the key.
This key may be intercepted and then an attacker can get the plaintext, too.
To address this problem, asymmetric encryption was developed.
Here you have two keys (a key pair): a public key is used for encryption (but won't work for decryption), and a private key is used for decryption.
Public keys do not have to be kept secret!
If you get a public key from someone you can produce ciphertext which only they - with their private key - can decipher.
For speed and efficiency reasons asymmetric encryption is used for small amounts of data.
So usually the two methods are combined: data is encrypted with a symmetric key and then the symmetric key is encrypted with a public key.
Now even the data does not have to be kept secret anymore.
Only the person with the appropriate private key can decrypt the symmetric key and then the data.
Steganographytop
Steganography is the art and science of taking a piece of information and hiding it in another piece of information.
For example, data can be hidden in an image by putting it bit by bit into the pixels of an image.
If we only use the lowest bits in each image pixel then the difference in color is not visible to our eyes.
The image looks unchanged.
CerebraLock makes use of this when you put data into containers.
(See Data Formats: Containers.)
Item Sets and Categoriestop
An item set is a collection of tens to a couple of hundred items.
An item can either be an image or a short line of text.
See CerebraLock: Item Sets for more details and examples.
Items fall into three categories:
Known items (symbol ) are items you are intimately familar with.
Strong recognition, a fond memory or association, a positive reaction.
Unknown items (symbol ) are items which have no special meaning to you.
Weak or no recognition, indifference, a neutral or 'don't care' reaction.
Coercion items (symbol ) are known items, but something makes them even more special.
Strong recognition but unpleasant or negative (or extremely positive - it doesn't matter, as long as the reaction is different from the other two).
As long as you can reliably sort your items into three categories they can be anything at all.
Item sets are used by CerebraLock to create locks (see below) which are the equivalent of lists of passwords.
Lockstop
CerebraLock creates so-called locks.
Locks contain asymmetric key pairs to encrypt (lock) or decrypt (unlock) data.
You can think of a lock as a physical padlock where only the person who created it has the key.
If you want to keep your own data secure, put it in a box and lock it with one of your locks.
If you want to securely send data to someone else, put it in a box, lock it with one of their locks, and then send it to them.
The locks also contain the access sequences representing your passwords.
Each access sequence - when solved correctly - produces its own symmetric key which in turn
is used to decrypt the private key (common to all access sequences) which you need to gain access to your data.
You can assign separate locks for the metadata (information about documents) and data (information in documents).
Metadata is encrypted with the log in lock.
Data is encrypted with the default lock which is either the data lock (if you assigned one), or the log in lock.
Access Sequences and Entry Screenstop
An access sequence is a sequence of entry screens.
It represents a 'password' with each entry screen representing a 'digit'.
See CerebraLock: Entry Screens (Compare Variant) for more details and examples.
Perform Entry Procedure, Solve Access Sequence, Open a Lock, Authenticate.
These terms are used interchangeably.
They mean entering a password to gain access.
In CerebraLock, of course, this means solving a sequence of entry screens.
Security Leveltop
The security level is a (very) rough measure of the security of a lock.
It gives an indication of two things: how likely it is to solve an access sequence by simply guessing
and how hard it is to solve an access sequence by trying all possible solutions.
The higher the security level the better.
It is expressed as odds, e.g. 1 : 1,024 means there are 1,024 different possible passwords and the odds of guessing the correct one are 1 in 1,024.
Also, an attacker would have to try 1,024 passwords (actually, on average, only half that number) to hit the correct one.
Radix, Base are the number of values in a number system.
The decimal system has radix 10 (values 0..9), the binary system has radix 2.
In CerebraLock the radix is the number of possible solutions to an entry screen which is the number of groups for the compare variant
and the number of symbols for the match variant.
The number of possible passwords in a lock is the radix raised to the power of the length of the access sequence.
See CerebraLock: A Look at Numbers for more details and examples.