Skip to main content

Encryption


Have you ever wondered when you start a conversation with new person it shows “Message to this chat and call are now secured with end-to-end encryption”. Here what does the encryption mean? If you are like me, who wonder what does it means I am here to clear your doubt.


Encryption:

It is a process of converting readable texts into unreadable form(text) through key which can be use to decrypt the unreadable text into plain text.

What is key?

A key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it encrypts data so that only someone with the right key can decrypt it.

In Computer term unencrypted data is called “Plain text” and encrypted data is called “Cipher text” and the formula used to encode and decode the text is called “Cipher”.And the science of encryption and decryption of information is called “Cryptography”.

Why is data encryption necessary?

Privacy: Encryption ensures that no one can read communications or data except the intended recipient or proper data owner. This prevents cyber criminals, ad networks, Internet service providers, and in some cases governments from intercepting and reading sensitive data.

Security: Encryption helps data breaches, whether the data is in transit or at rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the data on that device will likely still be secure. Similarly, encrypted communications enable the communicating parties to exchange sensitive data without leaking the data. Encryption also helps prevent malicious behavior such as man-in-the-middle attacks.

Authentication: Public key encryption, among other things, establishes that a website's origin server owns the private key and therefore was legitimately issued an SSL certificate (see What is public key encryption? to learn more).

Types of encryption:
1.Symmetric cipher
2.Asymmetric cipher

1.Symmetric cipher use only one key which does the both works encode as well as decode the text. The key is sometime referred as shared secret key because the same is use in encryption and the same key is public provide to the authorized user. The most widely use symmetric cipher is Advanced encryption standard (AES). Symmetric encryption is usually much faster than Asymmetric encryption.

2. Asymmetric cipher uses two keys in which any one can be used to encode the text and the other key can decrypt the text.

Note: The key which encode the text can be use to decode the text.
This type of often use prime numbers to create keys since it is computationally difficult to factor large prime numbers and reverse engineer the encryption. The RSA(Rivest-Shamir-Adieman) is most commonly used algorithm.





Comments

Post a Comment

Popular posts from this blog

Secure Network(Week 4)

Network hardening is the process of securing a network by reducing its potential vulnerabilities through configuration changes and taking specific steps.   Implicit deny is a network security concept where anything not explicitly permitted or allowed should be denied. Analyzing logs is the practice of collecting logs from different networks and sometimes client devices on your network, then performing an automated analysis on them. Correlation analysis is the process of taking log data from different systems and matching events across the systems. Flood guards provide protection against Dos or denial of service attacks. EAP-TLS is an authentication type supported by EAP that uses TLS to provide mutual authentication of both the client and the authenticating server.   if you really want to lock down your network, you can implement 802.1x . DHCP Snooping Attack Why WEP Encryption fall apart? A general concept in security and encryption is to never send the plain ...
Post a Comment
Read more

Troubleshooting and debugging

Troubleshooting is the process of identifying, analyzing, and solving problems.  Debugging is the process of identifying, analyzing, and removing bugs in a system. We sometimes use troubleshooting and debugging interchangeably.  But generally, we say troubleshooting when we're fixing problems in the system running the application, and debugging when we're fixing the bugs in the actual code of the application. Debuggers let us follow the code line by line, inspect changes in variable assignments, interrupt the program when a specific condition is met, and more. System calls are the calls that the programs running on our computer make to the running kernel.   A reproduction case is a way to verify if the problem is present or not. Where to check for log file in OS? On Linux , you'd read system logs like /var/log/syslog and user-specific logs like the .xsession-errors file located in the user's home directory. On MacOs , on top of the system logs, you'd go through...
Post a Comment
Read more

Authentication Authorization Accounting(week 3)

Identification is the idea of describing an entity uniquely. Biometric authentication is the process of using unique physiological characteristics of an individual to identify them. C.R.L(Certificate revocation list) :This is a signed list published by the CA which defines certificates that have been explicitly revoked. Lightweight Directory Access Protocol(LDAP): LDAP is an open industry-standard protocol for accessing and maintaining directory services. Authentication is related to verifying the identity a user, authorization pertains to describing what the user account has access to or doesn't have access to. An access control list or ACL , is a way of defining permissions or authorizations for objects.  RADIUS or Remote Authentication Dial-In User Service , is a protocol that provides AAA services for users on a network.It's a very common protocol used to manage access to internal networks, WiFi networks, email services and VPN services. when a client wants to access a r...
Post a Comment
Read more