Encryption by fastech
-
Upload
fastech111 -
Category
Internet
-
view
55 -
download
2
Transcript of Encryption by fastech
Encryption is the conversion of data into a
form, that cannot be easily understood by
unauthorized people The translation of
data into a secret code. Encryption is the
most effective way to achieve data
security.
To read an encrypted file, you must have
access to a secret key that enables you to
decrypt it. Plain text to Cipher text.
SYMETRIC ENCRYPTION
Same secret, password or key is used to
encrypt and to decrypt
ASYMETRIC ENCRIPTION
It uses two different keys - a public key and
a private key .
SIMPLE: This encryption is easy to carry out all users have to do is
specify and share keys and begin to encrypt and decrypt ENCRYPT AND DECRYPT YOUR OWN FILESIf you use encryption for messages or files which you alone
intend to access there is no need to crate a different keys single key encrpytion is best for this
FAST:Symmetric key encryption is much faster than asymmetric key
encryption PREVENT WIDESPREAD SECURITY COMPROMISESecret key is used for communication with every different party.
if a key is compromised, only the message between a particular pair of senders and receiver is affected communications with others are still secured.
NEED FOR SECURE CHANNEL FOR
SECRET KEY EXCHANGE
sharing the secret key in the beginning is a
problem in symmetric key encryption. it
has to be exchanged in a way that ensures
it remains secret
TOO MANY KEYS
A new shared key has to be generated for
communication with every different party
Encryption Algorithm is a mathematical
procedure for performing encryption on
data, through the use of an algorithm,
information are made into a meaningless
cipher text and requires the use of key to
transform the data back into its original
form
Stream Cipher: Here the plain text are encrypted one at a
time, each bits of plain text are converted into successive
varying digits. Ex. RC4, SEAL Sample Example: “We are
spartans“ is written as “ZH DUE VSDUWDQV”
Block Cipher: Here block of plain texts are encrypted,
each block has fixed length and unvarying digits. Ex.
Rijndael, IDEA (International Data EncryptionAlgorithm)
Sample Example: “We are spartans“ is written as “ 25 51
11 24 51 34 53 11 24 44 11 33 34 ”
It uses the two different keys for encryption and decryption,
public key is used for the encryption and private key is
used for decryption. As the symmetric key encryption
does not provide much of the security, the importance of
the Asymmetric key is more. It is also known as Public
key encryption. It has the combination of public key and
private key, private key is only known by your computer
while the public key is given to other computers with
which it wants to communicate securely. As everyone
has the public key, but to decode the message one has
to use the private key.
The combination key is based on the prime numbers, thus it makes highly secure. As many as prime numbers are there, that many keys are available. Pretty Good Privacy (PGP) is one of most public key encryption program. Public key encryption can be adopted in large scale, such as for web server and the application to be secure. The Digital Certificate or digital signature gives the authentication between the users. These certificates can be obtained by the Certificate Authority, which plays the role as a middleman for both the users.
Public Key Infrastructure (PKI)To make most out of the encryption, the public keys must be built
to create, maintain, use and distribute, we need the
organization known as Public Key Infrastructure.
Certificate Authority (CA)
Without the CA one cannot issue the Digital Certificate, which
contains both the public and private key for encrypt and decrypt
the data. Depending upon the volume of the identity verification,
Certificate Authority can issue Digital Certificate for different
level of trust. CA adopts identifying individual rather going by
company. To verify individual CA can ask for Driver License as
proof of identity or Notarized letter. This is only applicable for
initial level of trust. For high level trust it can go for biometric
information like fingerprint, iris scan etc
Registration Authorities (RAs)
These have similar functionality as the CA has, but RAs are one down
to the level of hierarchy. This will work under the CA, mainly to
reduce the workload of Certificate Authority. The RA can issue the
temporary digital certificates. The temporary digital certificates have
limited validity, and not fully trusted, unless CA verifies them
completely
Digital Certificates These certificates are used to verify the identity of a person or a company through CA. It can also be used to retrieve rights and authority. Some of them have limited access such as encrypt and decrypt. These Digital Certificates can be issued for particular laptops, computers, routers etc. Computers and web browsers have the facility to store these certificates in particular memory.
RSA It most recognized asymmetric algorithm, the RSA stands for
the last names of the inventors Ron Rivest, Adi Shamir, and Leonard Adleman. They developed this algorithm in 1978, since then it is widely used. There are other algorithms used to generate the asymmetric keys, such as ElGamel and Rabin, but not popular as RSA, because a large corporation RSA Data Security stands behinds it.
Authentication
Protects personal data such as passwords.
Privacy
Provides for confidentiality of private
information.
Accountability
To secure important information e.g.
: Health records
Credit card information Student records
Etc. Prevents information from getting
stolen or read
Without encryption, there is no reliable
security
Make sure the encryption system has a
complete key management application.
This will help manage and protect the data
and keys, and help safely match
encrypted data with the right key.
Real Life Examples Used in the military and the government Now used in everyday life:
Online banking E-commerce Student records, health records, tax
records etc.ATM machines Social networking (emails,
texts, instant messengers) Businesses
Information is also vulnerable when it’s in transit. If
the data is not encrypted, it can be monitored
and captured online. This is why you want to
ensure that any sensitive online
communications, such as online banking,
sending e-mails, or perhaps even accessing your
Facebook account, are encrypted. The most
common type of online encryption is HTTPS, or
connecting to secured websites. This means the
traffic between your browser and the website is
encrypted.
Look for https:// in the URL or the lock icon in your browser.
Many sites support this by default (such as Google Apps),
and websites like Facebook and Twitter give you the
option in your account settings to force HTTPS. In
addition, when you connect to a public Wi-Fi network,
use an encrypted network whenever possible. WPA2 is
currently one of the strongest encryption mechanisms
and the type you should choose. Finally, whenever
sending or receiving e-mail, make sure your email client
is set up to use encrypted channels. One of the most
commonly used is SSL (Secure Socket Layer); many e-
mail clients use SSL by default.
Encryption is an important tool for
protecting data, but is only effective if
you have strong passwords and
maintain the overall security of your
computer .
Regardless of which type of encryption you are using or how you use it,
almost all forms of encryption share some common issues you need
to be aware of.
Your encryption is only as strong as your keys. If your key is
compromised, so is your data. If you are using passwords to protect
your keys, make sure you use strong passwords and protect them
well.
• Don’t lose or lose access to your keys. If you lose your encryption
keys or can't access them because you've forgotten the password
that protects them, you most likely cannot recover your data.
Your encryption is only as strong as the security of computer. If your
computer is infected, the bad guys can compromise your encryption.
Maintain the overall security of your computer. Encryption does nothing to protect against viruses, worms,
Trojans, unpatched vulnerabilities, or social engineering attacks.
Always be sure to back up any confidential data securely. This ensures that if you lose your device or your encryption keys protecting your data, you can still recover your data.
Use encryption based on publicly known algorithms, such as AES (Advanced Encryption Standard) or Blowfish, rather than proprietary algorithms. Also, always be sure you are using the latest version of your encryption programs.
Consult an IT professional if you need help. Incorrectly installing, configuring, or using encryption can render your information permanently inaccessible.