Introduction and Mechanics of Encryption

680 Words3 Pages
Introduction and Mechanics of Encryption Encryption The conversion of data into ciphertext, that cannot be easily understood by unauthorized people. It is the only way to protect information in transit over the Internet. It is also a necessary part of defense-in-depth to protect information stored on Web sites or in a public cloud. Basic Encryption Methods: Several methods are used to encrypt data before being sent over the Internet. Symmetric Encryption Symmetric method: same key used for encryption and decryption. Advantage: Much faster than asymmetric encryption Disadvantage: 1. Both sender and receiver need to know the shared secret key. 2. A separate secret key needs to be created for use by each party with whom the…show more content…
This makes it harder to spot patterns in the ciphertext that reflect patterns in the original plaintext. Encryption Algorithm The nature of the algorithm used to combine the key and the plaintext is important. Secrecy is not necessary for strength. Indeed, the procedures used by the most accepted and widely used encryption algorithms are publicly available. Their strength is due not to the secrecy of their procedures, but to the fact that they have been rigorously tested and demonstrated to resist brute-force guessing attacks. Therefore, organizations should not attempt to create their own “secret” encryption algorithm, but instead should purchase products that use widely accepted standard algorithms whose strength has been proven. Policies for Managing Cryptographic Keys This is often the most vulnerable aspect of encryption systems. No matter how long the keys are, or how strong an encryption algorithm is, if the keys have been compromised, the encryption can be easily broken. Therefore, cryptographic keys must be stored securely and protected with strong access controls. Disadvantages of Encryption 1. Some sensitive information, such as process shortcuts, may not be stored digitally and, therefore, cannot be protected by being encrypted. 2. Encryption protects information only in specific situations. For example, full disk encryption protects the information stored on a laptop in the event that it is
Open Document