Page 334 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
steadily been implementing AES into many other algorithms and
protocols. For example, Microsoft’s BitLocker (a full disk encryption
application used with a Trusted Platform Module) uses AES. The
Microsoft Encrypting File System (EFS) uses AES for file and folder
encryption. AES supports key sizes of 128 bits, 192 bits, and 256 bits,
and the U.S. government has approved its use to protect classified data
up to top secret. Larger key sizes provide additional security, making it
more difficult for unauthorized personnel to decrypt the data.

Triple DES: Developers created Triple DES (or 3DES) as a possible
replacement for DES. The first implementation used 56-bit keys but
newer implementations use 112-bit or 168-bit keys. Larger keys
provide a higher level of security. Triple DES is used in some
implementations of the MasterCard, Visa (EMV), and Europay
standard for smart payment cards. These smart cards include a chip
and require users to enter a personal identification number (PIN)
when making a purchase. The combination of a PIN and 3DES (or
another secure algorithm) provides an added layer of authentication
that isn’t available without the PIN.

Blowfish: Security expert Bruce Schneier developed Blowfish as a
possible alternative to DES. It can use key sizes of 32 bits to 448 bits
and is a strong encryption protocol. Linux systems use bcrypt to
encrypt passwords, and bcrypt is based on Blowfish. Bcrypt adds 128
additional bits as a salt to protect against rainbow table attacks.
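
The 128-bit salt described above is stored inside each bcrypt hash string, so a defender can inspect it. The following is an added example, not part of the study guide: it parses the bcrypt string format, decodes the salt, and flags reused salts or low cost factors. The sample strings and the `min_cost` threshold of 10 are assumptions made for illustration.

```python
import base64
import re

# bcrypt uses its own base64 alphabet (different order from RFC 4648, no padding).
BCRYPT_B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
STD_B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
TO_STD = str.maketrans(BCRYPT_B64, STD_B64)

# Layout: $<version>$<two-digit cost>$<22-char salt><31-char digest>
HASH_RE = re.compile(r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")


def parse_bcrypt(stored):
    """Split a bcrypt hash string into version, cost and raw salt bytes."""
    m = HASH_RE.fullmatch(stored)
    if m is None:
        raise ValueError("not a bcrypt hash string")
    version, cost, salt_b64, _digest = m.groups()
    # 22 characters carry 132 bits; the first 128 bits are the salt.
    salt = base64.b64decode(salt_b64.translate(TO_STD) + "==")
    return {"version": version, "cost": int(cost), "salt": salt}


def audit(stored_hashes, min_cost=10):
    """Flag reused salts and low cost factors (min_cost is an assumed policy)."""
    findings, seen = [], {}
    for i, h in enumerate(stored_hashes):
        p = parse_bcrypt(h)
        if p["cost"] < min_cost:
            findings.append((i, "cost below %d" % min_cost))
        if p["salt"] in seen:
            findings.append((i, "salt reused from entry %d" % seen[p["salt"]]))
        seen.setdefault(p["salt"], i)
    return findings


# Constructed strings in bcrypt format (not hashes of real passwords).
SAMPLES = [
    "$2b$12$" + "abcdefghijklmnopqrstuO" + "A" * 31,
    "$2b$12$" + "abcdefghijklmnopqrstuO" + "B" * 31,  # same salt as entry 0
    "$2b$04$" + "......................" + "C" * 31,  # low cost, all-zero salt
]

if __name__ == "__main__":
    for s in SAMPLES:
        p = parse_bcrypt(s)
        print(p["version"], p["cost"], len(p["salt"]) * 8, p["salt"].hex())
    print(audit(SAMPLES))
```

A salt only defeats precomputed tables when it differs per password, which is why the audit treats a repeated salt as a finding.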

Protecting Data with Transport Encryption

Transport encryption methods encrypt data before it is transmitted,
providing protection of data in transit. The primary risk of sending
unencrypted data over a network is a sniffing attack. Attackers can use
a sniffer or protocol analyzer to capture traffic sent over a network.
The sniffer allows attackers to read all the data sent in cleartext.
However, attackers are unable to read data encrypted with a strong
encryption protocol.
As an example, web browsers use Hypertext Transfer Protocol Secure
(HTTPS) to encrypt e-commerce transactions. This prevents attackers
from capturing the data and using credit card information to rack up

