Sunday, January 31, 2016

ENCRYPTION


When we hear about data security, one of the terms that comes up most often is encryption. But how many people actually know what encryption is? Let’s get to know encryption a little better.

The word encryption is derived from the Greek word kryptos, which means concealed or secret. The use of encryption is almost as ancient as the art of communication itself. Before the introduction of the Diffie-Hellman key exchange and the RSA algorithm, governments and their armies were the only real users of encryption. The introduction of Diffie-Hellman and RSA led to the extensive use of encryption in consumer and commercial settings to safeguard data both while it is being sent across a network, which is called data in transit, and while it is stored on a flash drive, smartphone or hard drive, which is called data at rest.
Encryption is the method of changing an original message into a form that cannot be used by unauthorized persons. Anybody who does not have the knowledge and tools to change an encrypted message back to its original format will be incapable of deciphering it. The science of encryption is known as cryptology, and it incorporates two disciplines: cryptography and cryptanalysis. Cryptography comprises the procedures involved in encoding and decoding messages so that others cannot comprehend them. Cryptanalysis is the process of recovering the original message, or plaintext, from an encoded message, or ciphertext, without knowledge of the keys and algorithms used to perform the encryption.


Data, frequently referred to as the plaintext, is encrypted using an encryption algorithm and an encryption key. This procedure creates ciphertext, which can only be viewed in its original form if it is decrypted with the right key. Decryption is merely the opposite of encryption, following the same procedure but reversing the order in which the keys are applied. Currently, encryption algorithms are separated into two categories: symmetric and asymmetric. Symmetric encryption algorithms can be separated into stream ciphers and block ciphers. Stream ciphers encrypt a single bit of plaintext at a time, while block ciphers take a number of bits, which is normally 64 bits in modern ciphers, and encrypt them as a single unit. Some examples of common symmetric encryption algorithms are Blowfish, CAST5 and Serpent. Asymmetric encryption algorithms, also known as public key algorithms, on the other hand use different keys for encryption and decryption. The decryption key cannot be derived from the encryption key. Public key procedures are significant because they can be used for transmitting encryption keys or other data securely even when the parties have no chance to agree on a secret key in private. Some of the common asymmetric encryption algorithms are the RSA encryption algorithm, Diffie-Hellman and the Digital Signature Algorithm.
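The key agreement mentioned above, where two parties end up with the same secret key without ever meeting in private, is shown here as a Diffie-Hellman exchange. This is an added example, not code from the original post. The group (the Mersenne prime 2**521 - 1 with generator 3), the names Alice and Bob, and the "demo-dh-session" label are assumptions chosen to keep the listing short; real systems use standardized groups or elliptic curves from a vetted library.

```python
import hashlib
import secrets

# Assumed demo group: P is the Mersenne prime 2**521 - 1, G = 3.
# Picked so no long hex constant is needed; not a production parameter set.
P = 2**521 - 1
G = 3


def keypair():
    """Return (private, public) with public = G**private mod P."""
    private = secrets.randbelow(P - 3) + 2      # uniform in 2 .. P-2
    return private, pow(G, private, P)


def check_public(value):
    """Reject peer values (0, 1, P-1, >= P) that make the secret predictable."""
    if not 2 <= value <= P - 2:
        raise ValueError("peer public value out of range")
    return value


def session_key(own_private, peer_public):
    """Derive a 32-byte symmetric key from the shared Diffie-Hellman secret."""
    shared = pow(check_public(peer_public), own_private, P)
    raw = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(b"demo-dh-session" + raw).digest()


def exchange():
    """Run both sides; only the two public values cross the network."""
    a_priv, a_pub = keypair()                   # Alice
    b_priv, b_pub = keypair()                   # Bob
    wire = {"alice_to_bob": a_pub, "bob_to_alice": b_pub}
    k_alice = session_key(a_priv, wire["bob_to_alice"])
    k_bob = session_key(b_priv, wire["alice_to_bob"])
    return k_alice, k_bob, wire


if __name__ == "__main__":
    k_a, k_b, _ = exchange()
    print("keys match:", k_a == k_b)
    print("session key:", k_a.hex())
```

An eavesdropper sees only the contents of `wire`; the resulting 32-byte key can then be used with a symmetric cipher. The exchange is unauthenticated, so in practice the public values are signed or otherwise tied to an identity.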
Knowing the distinct states of data helps in choosing the kinds of encryption and security measures that are suitable for protecting it. There are three fundamental states of data: data at rest, data in motion, and data in use. Data at rest is a term that refers to data stored on a device or backup medium in any form. It can be data stored on hard drives, in offsite cloud backup, on backup tapes, or even on mobile devices. It is data at rest because it is inactive data that is not presently being transferred across a network or actively being read or processed. Data at rest is normally in a constant state. The second state of data is data in motion. This is data that is presently moving across a network or sitting in a computer’s RAM ready to be read, updated, or processed. Data passing through networks from local to cloud storage, or from a central mainframe to a remote terminal, must be encrypted so that it cannot be read or manipulated by a hacker or any machine between the data’s source and its destination. Data in motion includes data moving through cables and wireless transmission, and it can also be emails or files transferred over FTP or SSH. The third state is data in use. This is data that is not just being kept inactively on external storage media or a hard drive but is being processed by one or more applications. The data is presently in the process of being created, updated, added, or deleted. It also includes data being viewed by users retrieving it through numerous endpoints. Data in use is vulnerable to different kinds of threats depending on where it is in the system and who is able to use it. The most defenseless point for data in use is at the endpoints, where users are able to access and interact with it.
Data at rest may exist on any kind of long-lasting storage media, such as disk or tape. The media is protected using encryption procedures, which gives the advantage of preventing data from being read or written without the correct decryption key. The algorithms used in encryption guarantee that reading data without the right key is almost impossible. One of the big disadvantages of encrypting data at rest, as it relates to keys, is that the security of the data becomes the security of the encryption key. If one loses that key, then they effectively lose the data. Encrypting data and generating the keys essential to encrypt and decrypt it can also be very expensive. Regardless of the type of encryption used, the systems performing the heavy lifting must have resources available.

