Thursday, September 23, 2021

Encryption or Cryptography basics

Encryption or Cryptography

This is one of life changing technology, ever introduced. It helps in providing data security for sensitive information. Encryption or cryptography both carries same meaning. Cryptography is like secure communications techniques by encoding the message using encryption. Encryption is a process of scrambling data or information so that only authorized receiver can understand the information. 

Encryption is a way of encoding data in secure way so that only authorized parties can understand or read it. Technically, it is the process of converting human readable plaintext to inexplicable text, which is known as ciphertext. In simpler terms, encryption takes readable data and alters it in a way so that it appears random data. 

It can help in protecting the data you send, receive, and store, using a system or device. Such information is including of text messages stored on your smartphone, media files and personal files at your personal systems, running logs in the fitness watch, health data from smart watch and banking information sent through your online account, computer log files etc.

Encryption requires the use of a cryptographic key. There are two types of encryption available in market, i.e. Symmetric key and asymmetric key encryption.

  • Symmetric encryption uses a single password or key to encrypt and decrypt data and all communicating parties use the same secret key.
  • Asymmetric encryption uses two keys for encryption and decryption. one password or key is used for encryption, and a different key is used for decryption. 

A key

A cryptographic key is a string of characters used within an encryption algorithm for altering data so that it appears random. Same as a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.

Similarly, two types of key used is known as public key and private key. A public key, which is shared among users, encrypts the data. A private key, which is not shared, decrypts the data.

Why needed

It is mostly required for privacy, defending hacking and attacks, regulatory requirements, authentication, availability and data integrity etc. Encryption is essential to help protect your sensitive personal information. Users should always encrypt any messages they send, preferably using a form of public key encryption. It is also a good idea to encrypt critical or sensitive files anything from personal photos, sets of family photos, company data like personnel records or accounting history, health data etc. However, most drawback of encryption is, it can be used against users in form of ransomwares attacks which is presently a trending attack.

Many organizations, technology firms were using encryption since a long time. Big software and application firms have also implemented encryption at multiple environments. Most legitimate websites use what is called secure sockets layer (SSL), which is a form of encrypting data when it is being sent to and from a website. This keeps attackers away from accessing that data in transit. Windows offers full disk encryption with Windows 10 pro edition. Mac OS X Yosemite wants you to set up encryption by default when you install it. Linux distros also provides encryption at the time of installation. Many encryption tools are available to use for disk encryption, os encryption, file encryption etc.

Common Encryption types

There are common encryption types or encryption algorithms used are as; AES, DES, SNOW, Elliptic curve cryptography, RSA, Triple DES, TwoFish and encryption using SSL etc. on a brief lets look below,

DES

Data Encryption Standard (DES) was introduced at 1977 by U.S Govt. a low level encryption standard. DES has a smaller key size which makes it less secure to overcome this triple DES was introduced but it turns out to be slower. DES takes input as 64-bit plain text and 56-bit key to produce 64-bit Ciphertext.

AES

Advanced Encryption Standard introduced in 2001 by NIST and is widely used now a days which is advanced encryption. AES have 128,192, or 256-bit secret key.

RSA 

Rivest-Shamir-Adleman (RSA) is an asymmetric encryption algorithm that is based on the factorization of the product of two large prime numbers.

Twofish

Twofish is considered one of the fastest encryption algorithms and is free to use. It uses the method that ciphers data blocks of 128 bits. 

In this cloud technology era, the cloud platform are also coming with encryption by default. For example: Data stored in AWS is secure by default; only AWS owners have access to the AWS resources they create. However, customers who have sensitive data may require additional protection by encrypting the data when it is stored on AWS.

Finally, this is just basic understanding on encryption. Secure end to end encryption makes life easier and safer for everyone. So use encrypted service and use encryption to protect yourself. 

Many tools are there for the encryption whether for file and folder encryption or full disk encryption. 

Windows pro comes with bitlocker by default encryption standard. 

similarly 96Crypt (shareware), Advanced encryption package, Bitcrypt, PGP, etc. 

Please feel free to share your comments.

-DR


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Network Scanning Tools

Network Scanning through Nmap and Nessus Network scanning is a process used to troubleshoot active devices on a network for vulnerabilities....

  • Telecom | STM-1/4/16 SDH Multiplexer- Part 2
    STM-1/4/16 SDH Multiplexer In my older post I have covered the basic STM and STM-1. STM1 is a synchronous digital hierarchy (SDH) is standar...
  • General IT Controls -ITGC & GTAG
    General IT Controls (GITC or ITGC) Information Technology General Controls is a type of internal controls which is combined a set of policie...
  • EMS or NMS
    EMS or NMS Enterprise Management System Network Monitoring System Enterprise Management System is a bundle of software or application used f...