What is Encryption?

Abstract

Information technology systems are attacked regularly by criminals and other malicious actors. Anyone who builds or runs such systems needs to understand the fundamentals of the technologies that protect stored and transmitted data, and what those technologies do and do not protect against. This paper describes the main kinds of encryption technology and explains how they differ from one another.

Introduction

Encryption is one of the most important components of an information technology infrastructure: it keeps data stored on systems, and data moving between them, out of the hands of threat actors who obtain the bytes but not the key. “To hide its content from unauthorized access, a message or a document is encrypted by taking it through a sophisticated, yet reversible, process of alteration” (Aboutabi, M., 2014). Because encryption is so central, this paper examines the types and technologies of encryption in use, starting with what encryption is, the difference between symmetric and asymmetric encryption, and why hashing is different from both. It then examines where encryption is applied, from whole disk encryption and single user/file encryption to database, email and network traffic encryption, and closes with two encryption algorithms, DES and AES, and the pros and cons of each.

What is encryption?

Encryption is a means of securing sensitive information. It allows system administrators, software engineers and others to transform readable data (plaintext) into unreadable data (ciphertext) that stays unreadable to anyone who does not hold the key. A key is a secret value, in practice a string of random bits rather than a memorable string of letters, numbers and special characters, that the algorithm needs in order to decrypt the data; where a password is used, it is stretched into a key by a key-derivation function. There are two families of encryption, symmetric and asymmetric. Hashing is included in this section because it is often confused with encryption, but it is not an encryption standard at all: a hash cannot be reversed with any key. It is instead a means of validating the integrity of an object and of storing passwords, as discussed below.

• Symmetrical Encryption

What is symmetric encryption? Symmetric encryption takes data and scrambles it, making it unreadable to anyone who does not have the key (Behrens, M., 2014, para. 4). The key used to scramble the data is the same key used to decrypt, or unscramble, it. Symmetric encryption is the basis of disk encryption. The key itself should be a long random string of bits; when a user unlocks a disk with a password, the password is run through a key-derivation function to produce (or unwrap) that key, which is then held in memory while the disk is in use. Locking or logging out of a workstation does not re-encrypt the data: with whole disk encryption the data on disk is never decrypted in place, and on most systems the key stays in memory until the machine is powered off. Symmetric algorithms are fast, which is their main advantage and the reason they are used for whole disks and for bulk network traffic. The downside of tying the key to a password is that the password, or the key derived from it, must be available to every application that needs the data. The biggest disadvantage of symmetric encryption, though, is key distribution: both parties must already share the secret, and nothing about the key tells you who is using it. Anyone who holds the key can both decrypt and produce valid ciphertext, so symmetric encryption by itself proves nothing about who sent a message.

• Asymmetrical Encryption

Asymmetric encryption also uses keys to protect data, but it uses a pair of them: a public key, which can be handed to anyone, and a private key, which never leaves its owner. The two keys take opposite roles depending on the goal. For confidentiality, the sender encrypts with the recipient's public key, and only the matching private key can decrypt. For authenticity, the owner uses the private key to sign a message, and anyone holding the public key can verify the signature. The signature is what allows a process of validation to take place, giving assurance that the party at the other end is who they say they are; symmetric encryption cannot provide this, because there the single key is shared. Asymmetric algorithms are far slower than symmetric ones, so in practice they are used to sign, to authenticate, and to exchange a symmetric key that then does the bulk encryption. Asymmetric encryption is widely used in HTTPS, where the server's certificate carries its public key, in SSH public-key authentication without a password, and in signing software updates, among many other places.
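The following is an added example, not code from the paper or from any of its sources, showing the two key roles with textbook RSA: the public key encrypts and verifies, the private key decrypts and signs. The prime generator, the 512-bit modulus and the absence of OAEP/PSS padding are simplifications chosen for illustration; real deployments use at least 2048-bit moduli, padded operations and a vetted library.

```python
"""Textbook RSA to show which key does what. Added example, not the paper's
code: keys are deliberately small (512-bit modulus) and there is no OAEP/PSS
padding, so this illustrates the roles of the keys, not a usable library."""
import hashlib
import math
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin after trial division by a few small primes."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # random witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False                          # a proves n composite
    return True


def _random_prime(bits: int) -> int:
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # odd, full length
        if _is_probable_prime(candidate):
            return candidate


def generate_keypair(modulus_bits: int = 512):
    """Returns (public, private) as (e, n) and (d, n)."""
    e = 65537
    while True:
        p, q = _random_prime(modulus_bits // 2), _random_prime(modulus_bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (e, p * q), (pow(e, -1, phi), p * q)


def encrypt(public, message: bytes) -> int:
    """Anyone can encrypt with the PUBLIC key; only the private key decrypts."""
    e, n = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too large for this modulus; real systems encrypt a symmetric key instead")
    return pow(m, e, n)


def decrypt(private, ciphertext: int) -> bytes:
    d, n = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(private, message: bytes) -> int:
    """Only the PRIVATE key can sign; the signature covers a hash of the message."""
    d, n = private
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(h, d, n)


def verify(public, message: bytes, signature: int) -> bool:
    """Anyone with the PUBLIC key can check the signature."""
    e, n = public
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return pow(signature, e, n) == h


if __name__ == "__main__":
    pub, priv = generate_keypair()
    ct = encrypt(pub, b"session key: 7f3a")           # constructed sample payload
    print(decrypt(priv, ct))
    sig = sign(priv, b"update-1.2.3.tar.gz")          # constructed sample artifact name
    print(verify(pub, b"update-1.2.3.tar.gz", sig), verify(pub, b"update-1.2.4.tar.gz", sig))
```

Note that the same pair of operations serves both purposes: what the public key locks, only the private key opens (encryption), and what the private key produces, anyone can check with the public key (signature). Changing a single byte of the signed data makes verification fail.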

• Hashing

Hashing is a term often confused with encryption. It belongs to cryptography, but its primary use is to verify that data has not changed. A hash function takes input of any length and produces a fixed-length digest, and the process is one-way: no key turns a hash back into the data. Take a password: when a password is set, a hash of it is stored rather than the password itself, and whenever the user enters the password, the entered string is hashed and compared against the stored hash. This process is authentication, and once the user has been authenticated they can be authorized. The same property makes hashing useful for determining the integrity of data, because if the data is ever tampered with or altered, the hash will no longer match. Since a hash is shorter than most inputs, two inputs with the same hash (a collision) must exist in principle; the diligence of cryptographers goes into designing functions for which finding one is computationally infeasible, and functions such as MD5 and SHA-1, for which collisions can now be found, are considered broken. Hashing is also used to store passwords without keeping them in plain text, but a plain hash is not enough for that: each password should be combined with a unique random salt and run through a deliberately slow function (PBKDF2, bcrypt, scrypt or Argon2) so that stolen hashes cannot be cracked quickly with precomputed tables or fast hardware.
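As an added example (not code from the paper or its sources), the following shows the three uses of hashing discussed above with Python's standard library: an integrity digest, salted and iterated password storage with PBKDF2 and a constant-time comparison, and, for contrast, the unsalted MD5 that some products still pass off as password "encryption". The storage format, the iteration count and the sample passwords are choices made for this example.

```python
"""Hashing versus encryption, as an added example (not the paper's own code):
integrity digests, salted password hashing with a slow KDF, and what a bare
unsalted MD5 of a password gives an attacker."""
import hashlib
import hmac
import os

ITERATIONS = 200_000        # work factor for PBKDF2; raise it as hardware gets faster


def digest(data: bytes) -> str:
    """Fixed-size fingerprint: any change to the input changes the output."""
    return hashlib.sha256(data).hexdigest()


def hash_password(password: str, salt: bytes = None) -> str:
    """Store 'pbkdf2_sha256$iterations$salt$hash', never the password itself.
    A fresh random salt per user means equal passwords get different records."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Authentication: re-derive with the stored salt and iterations, compare in constant time."""
    algo, iters, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)


def unsalted_md5(password: str) -> str:
    """The 'snake oil' version: fast, unsalted, and identical for identical passwords,
    so one precomputed table cracks every user who chose the same password."""
    return hashlib.md5(password.encode()).hexdigest()


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")      # constructed sample password
    print(record)
    print(verify_password("correct horse battery staple", record), verify_password("wrong", record))
    print(digest(b"enrollment form v1") == digest(b"enrollment form v2"))
    print(unsalted_md5("Summer2014") == unsalted_md5("Summer2014"))   # True: no salt
```

The stored record carries everything needed to re-check a password except the password itself, and because the derivation is one-way there is no key that recovers the password from it; that is exactly the property that separates hashing from encryption.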


Types of Encryption

• Whole Disk Encryption

Whole disk encryption encrypts an entire disk, meaning that the full contents of a drive are encrypted and cannot be read without the key, which is normally unlocked by a password (Uni. of Col. Boulder, para. 1). The purpose of encrypting the whole disk is to ensure that the data on it remains secure if the device is ever lost or stolen. It also protects the data from anyone who gains physical access to the drive, including forensic examiners; without the password, a weakness in the implementation or a backdoor, breaking properly configured whole disk encryption is not practical. The limitation is that the protection applies only to data at rest. Once the machine is booted and unlocked, the operating system, and any malware running on it, reads the disk freely, and any data copied off the encrypted disk, to email, a USB drive or a network share, leaves with no protection at all.

• Single User/File Folder Encryption

Single user file/folder encryption is similar to whole disk encryption but differs in scope: instead of encrypting the whole disk, it encrypts only selected files or folders, at the discretion of the user, and only that user (or whoever holds that user's key) can open or alter them. A file or folder, usually one holding sensitive data, is selected and encrypted, while other files and folders on the same disk remain unencrypted. Some applications ship with their own single-user file encryption, such as the document password protection in MS Office or OpenOffice (Uni. of Col. Boulder, para. 2). The advantage of this type of encryption is that the file stays encrypted wherever it goes, including when it is copied across the network, whereas whole disk encryption decrypts data as soon as it is read off the disk.

• Multi-user/File folder Encryption

Alternatively, multi-user file/folder encryption allows multiple users to access an encrypted file or folder and alter its contents. Rather than sharing one password, the file's own key is encrypted separately to each authorized user's key. Windows EFS, for example, lets the owner add other users' certificates to an encrypted file, and Active Directory policy can manage those certificates and designate recovery agents, which makes it practical to manage many users' access to encrypted files.

• Database Encryption

Database encryption is the encryption of data stored on the back end of an application. A good example is a healthcare enrollment form filled out online through a web application. The information on this form can be encrypted proactively by the application before it is written (Uni. of Col. Boulder, 2015, para. 8), or encrypted by the database itself once the data is saved and stored, as with transparent data encryption. Either way the data is encrypted in the database, but the two approaches protect against different things: database-level encryption protects the data files and backups at rest, while any user or application with a valid database login still sees plaintext, whereas application-level encryption keeps the data unreadable even to a database administrator, at the cost of not being able to search or index the encrypted columns.

• Application level encryption

Application level encryption is a feature of an application; for instance, Microsoft Office offers encryption of its own documents. These features are handy, often simple to use and efficient for exchanging files (Uni. of Col. Boulder, 2015, para. X). Some vendors, however, advertise “encryption” that is nothing of the kind: a reversible obfuscation, a hard-coded key, a deprecated algorithm, or merely an MD5 hash of the password, which is not encryption at all. It is important to research the feature, check which algorithm and key length it uses and how the key is derived, and make sure it is not what the security community calls “snake oil”.

• Email messages encryption

Email message encryption has two options: attach an encrypted file, or encrypt the whole message. In the first, the sender encrypts the file and attaches it to an otherwise ordinary email (Uni. of Col. Boulder, 2015, para. X); the recipient needs the key to decrypt the attachment, and that key has to be shared over some other channel. The second method, encrypting the entire message, uses technologies such as S/MIME and PGP. S/MIME (Secure/Multipurpose Internet Mail Extensions) is an Internet standard for signing and encrypting MIME messages with X.509 certificates. It encrypts the message body and attachments, and its signature verifies the sender to the recipient and shows that the message has not been tampered with. This is the preferable option when the emails exchanged contain sensitive data. It is, however, harder to deploy, because both sender and recipient need certificates issued by an authority the other side trusts (Uni. of Col. Boulder, 2015, para. 10). PGP works in much the same way but replaces the certificate authority with keys that users exchange and vouch for themselves; OpenPGP is an open standard with free implementations such as GnuPG, and usually only requires installing a plugin or client. With either technology only the body is protected: headers such as the subject line and the sender and recipient addresses travel in the clear.

• Network Traffic Encryption

Network traffic encryption is common in today’s infrastructure, with several protocols serving different purposes to meet the same goal. “One of the most popular forms of this encryption is Secure Sockets Layer (SSL)/Transport Layer Security (TLS), commonly used to encrypt web traffic in transit. Any web application that transmits or collects sensitive information should encrypt the information using SSL/TLS.” (University of Colorado Boulder, 2015, para. 12). TLS uses a certificate, usually issued by a certificate authority such as Verisign, that binds the server's name to its public key; the client checks the certificate to verify that it is talking to the genuine server, the two sides agree on a symmetric session key, and all traffic in both directions is encrypted with it. SSL itself is obsolete and every version of it is deprecated; what is deployed today is TLS, preferably 1.2 or 1.3. Another implementation of network traffic encryption is SSH, or Secure Shell. SSH secures the connection between two hosts, usually for a terminal session, authenticating the server by its host key and the user by a password or a key pair. It is also used to transfer files securely from one location to another, through SCP and SFTP, and to tunnel other protocols.

Encryption algorithms

“Cryptography achieves data confidentiality by transforming meaningful messages, called plaintext, into unintelligible forms, called ciphertext or cryptogram” (Wang, Xunhua, Coppersmith, Don, Matyas, Stephen M., and Meyer, Carl H., 2014, para. 2). Encryption algorithms are the means by which encryption is carried out; the algorithm, together with the key length and the mode in which it is used, determines how strong the encryption is. In this section I will briefly go over a couple of encryption algorithms to highlight their use.

• DES

The Data Encryption Standard (DES) was a validated conventional algorithm available in the public domain; it was adopted as a federal standard in 1977 and officially withdrawn in 2005 (Wang et al., 2014, para. 24). DES takes a 64-bit block of plaintext and enciphers it. Because it is impossible to build a single huge substitution table for 64-bit inputs, the cipher is built as a Feistel network: the block is split into two 32-bit halves, and in each of 16 rounds one half is expanded to 48 bits, combined with a 48-bit round subkey, passed through eight substitution boxes that each take 6 bits in and give 4 bits out, permuted, and XORed into the other half. Each round builds on the output of the previous one, and because decryption simply runs the same rounds with the subkeys in reverse order, the round function itself does not have to be invertible. The key is supplied as 64 bits, of which 56 are used for encryption and 8 are parity bits. The 56-bit key is the reason DES was retired: it can be searched exhaustively with modern hardware, and only Triple DES survived for a time.
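To make the Feistel structure concrete, the following is an added illustration (it is not DES and not code from the paper or its sources): a 16-round Feistel network over a 64-bit block in which decryption is the same routine run with the subkeys reversed. The round function is a hypothetical SHA-256-based stand-in for DES's expansion, S-boxes and permutation, and the key schedule is likewise invented for the example; the point is that the round function never has to be inverted.

```python
"""A Feistel network in the DES pattern, as an added illustration (not DES
itself and not the paper's code): 16 rounds over a 64-bit block, each round
mixing one half through a keyed, non-invertible round function. The round
function and key schedule are hypothetical SHA-256-based stand-ins."""
import hashlib

ROUNDS = 16


def _round_function(half: bytes, subkey: bytes) -> bytes:
    """Need not be invertible: decryption never inverts it, only recomputes it."""
    return hashlib.sha256(subkey + half).digest()[:len(half)]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def key_schedule(key: bytes) -> list:
    """One 48-bit subkey per round (DES derives its 16 subkeys from 56 key bits)."""
    return [hashlib.sha256(key + bytes([i])).digest()[:6] for i in range(ROUNDS)]


def feistel_encrypt_block(block: bytes, subkeys: list) -> bytes:
    """Split into 32-bit halves; each round XORs f(right, k_i) into the left half and swaps."""
    if len(block) != 8:
        raise ValueError("this network works on 64-bit (8-byte) blocks, like DES")
    left, right = block[:4], block[4:]
    for subkey in subkeys:
        left, right = right, _xor(left, _round_function(right, subkey))
    return right + left          # undo the final swap, as DES does


def feistel_decrypt_block(block: bytes, subkeys: list) -> bytes:
    """Decryption is the same network with the subkeys in reverse order."""
    return feistel_encrypt_block(block, subkeys[::-1])


if __name__ == "__main__":
    subkeys = key_schedule(b"\x13\x34\x57\x79\x9b\xbc\xdf")   # constructed 56-bit sample key
    ciphertext = feistel_encrypt_block(b"8byteblk", subkeys)
    print(ciphertext.hex())
    print(feistel_decrypt_block(ciphertext, subkeys))
```

Running the rounds in reverse works because each round only XORs a value computed from the half that was left untouched, so the same value can be recomputed and XORed out again; this is why DES could use lossy 6-bit-to-4-bit S-boxes and still decrypt.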

• AES

The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information (NIST, 2001, para. 1). AES is considered much stronger than DES: its block is 128 bits and it supports 128-, 192- and 256-bit keys, with 10, 12 or 14 rounds respectively. “In AES, the 16-byte plaintext is organized into a 4-by-4-byte array, called the State. The plaintext bytes are filled into the byte array in a column-wise way: the first column first, then the second column, the third column, and the last column. During the AES encryption, this state is continuously transformed and the end state is the ciphertext.” (Wang et al., 2014, para. 32). Each round transforms the State in four steps: SubBytes (a byte-by-byte substitution through the S-box), ShiftRows (rotating each row), MixColumns (mixing the four bytes of each column) and AddRoundKey (XOR with a round key derived from the cipher key); the final round omits MixColumns.
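The following is an added example, not code from the paper, from NIST or from any library: an AES-128 block encryption written directly from the FIPS 197 description (the State filled column-wise, the S-box built from the GF(2^8) inverse and affine map, and the four round steps), checked against the standard's published test vector. A CTR mode is layered on top to illustrate the point made in the symmetric encryption section: one key, and in fact one function, both encrypts and decrypts. It is a readable reference implementation, with no constant-time protections and no authentication tag, so it is for study rather than deployment; the nonce layout and sample message are choices made for this example.

```python
"""AES-128 built from FIPS-197's description, plus CTR mode on top of it.
Added example, not the paper's or NIST's code: a readable reference
implementation (S-box computed at import, no constant-time care, no
authentication tag) to show the State, the round steps and why one
symmetric key both encrypts and decrypts."""
import os


def _gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> bytes:
    """S-box = multiplicative inverse in GF(2^8) followed by the affine map."""
    box = []
    for x in range(256):
        inv, base, e = 1, x, 254            # x^254 == x^-1 in GF(2^8); 0 maps to 0
        while e:
            if e & 1:
                inv = _gf_mul(inv, base)
            base = _gf_mul(base, base)
            e >>= 1
        s = inv
        for i in range(1, 5):               # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4) ^ 0x63
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        box.append(s ^ 0x63)
    return bytes(box)


SBOX = _build_sbox()


def _expand_key(key: bytes) -> list:
    """AES-128 key schedule: 44 words -> 11 round keys, each laid out column-wise."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord, then SubWord
            t[0] ^= rcon
            rcon = _gf_mul(rcon, 2)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]


def _shift_rows(s: list) -> list:
    """State byte (row r, column c) sits at index r + 4c; row r rotates left by r."""
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def _mix_columns(s: list) -> list:
    """Each column is multiplied by the fixed polynomial {03}x^3 + {01}x^2 + {01}x + {02}."""
    out = []
    for c in range(4):
        a0, a1, a2, a3 = s[4 * c:4 * c + 4]
        out += [_gf_mul(a0, 2) ^ _gf_mul(a1, 3) ^ a2 ^ a3,
                a0 ^ _gf_mul(a1, 2) ^ _gf_mul(a2, 3) ^ a3,
                a0 ^ a1 ^ _gf_mul(a2, 2) ^ _gf_mul(a3, 3),
                _gf_mul(a0, 3) ^ a1 ^ a2 ^ _gf_mul(a3, 2)]
    return out


def aes128_encrypt_block(key: bytes, block: bytes) -> bytes:
    """One 16-byte block: AddRoundKey, nine full rounds, a final round without MixColumns."""
    if len(key) != 16 or len(block) != 16:
        raise ValueError("AES-128 needs a 16-byte key and a 16-byte block")
    round_keys = _expand_key(key)
    state = [b ^ k for b, k in zip(block, round_keys[0])]   # bytes fill the State column-wise
    for rnd in range(1, 11):
        state = _shift_rows([SBOX[b] for b in state])        # SubBytes, then ShiftRows
        if rnd != 10:
            state = _mix_columns(state)
        state = [b ^ k for b, k in zip(state, round_keys[rnd])]
    return bytes(state)


def aes128_ctr(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR mode: keystream block i = E_k(nonce || i), XORed with the data, so the
    same call encrypts and decrypts. Never reuse a (key, nonce) pair: two messages
    under it leak their XOR."""
    if len(nonce) != 12:
        raise ValueError("use a 12-byte nonce; the last 4 bytes are the block counter")
    out = bytearray()
    for i in range(0, len(data), 16):
        keystream = aes128_encrypt_block(key, nonce + (i // 16).to_bytes(4, "big"))
        out += bytes(b ^ k for b, k in zip(data[i:i + 16], keystream))
    return bytes(out)


if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")     # FIPS-197 Appendix C.1 key
    print(aes128_encrypt_block(key, bytes.fromhex("00112233445566778899aabbccddeeff")).hex())
    nonce = os.urandom(12)
    secret = b"same key, same nonce, same call: encrypt and decrypt"   # constructed sample
    ciphertext = aes128_ctr(key, nonce, secret)
    print(aes128_ctr(key, nonce, ciphertext) == secret)
```

The FIPS 197 Appendix C.1 vector (key 00..0f, plaintext 00112233...ff) must produce 69c4e0d86a7b0430d8cdb78070b4c55a; an implementation that gets any of the four steps or the column-wise layout wrong will not. Disk and file encryption products use exactly this block function underneath, in a mode such as XTS or GCM rather than raw CTR.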


Bibliography


Wang, Xunhua, Coppersmith, Don, Matyas, Stephen M., and Meyer, Carl H. (2014). Cryptography. In AccessScience. McGraw-Hill Education. http://dx.doi.org/10.1036/1097-8542.170600

Cryptography provides an in-depth look at the mechanisms of cryptography, exploring its many functions, such as the various algorithms, unbreakable ciphers and block ciphers. It covers cryptographic technologies such as the RSA and AES encryption standards and modes of operation.

University of Colorado Boulder, 2016. Types of Encryption. Office of Information Technology.
Retrieved from:
http://www.colorado.edu/oit/it-security/security-awareness/encryption/types-encryption

Types of Encryption is a brief look at the types of encryption in the various layers of an IT environment. It is meant as a short explanation of these technologies, ranging from whole disk encryption to network traffic.


Behrens, M. 2014. Understanding the Three Types of Encryption. Atomic Object.
Retrieved from:
https://spin.atomicobject.com/2014/11/20/encryption-symmetric-asymmetric-hashing/

Understanding the Three Types of Encryption explains the different types, not the encryption technologies themselves like RSA or AES, but symmetric versus asymmetric encryption and how both differ from hashing. This piece also goes into detail on the disadvantages of each type.

National Institute of Standards and Technology, 2001. Federal Information Processing Standards Publication 197: Announcing the Advanced Encryption Standard (AES).
Retrieved from:
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

FIPS 197 is the federal standard that specifies the Advanced Encryption Standard (AES). It defines the cipher's 128-bit block and its 128-, 192- and 256-bit key lengths, describes the State array, the key expansion and the round transformations, and provides reference test vectors against which an implementation can be checked.

Aboutabi, Mohamed S. (2014). Secure internet communication. In AccessScience. McGraw-Hill Education. http://dx.doi.org/10.1036/1097-8542.YB150541

Secure Internet Communication is a publication intended to provide guidance on mitigating attacks on internet-based communication. It discusses secure hashing and its significance while addressing other encryption technologies.





 
 