Does Encryption Work?

Submitted By markhelprin
Words: 2530
Pages: 11
Open Document
Does Encryption Work? Businesses and individuals use the internet for a great deal of daily activities. At or near the top of that list for most would be communication. Most of the communication is innocuous and maybe you wouldn’t mind having the conversation in public. However, businesses might need to send secret plans for their newest product across the internet to employees out in the field. A dissenter in a country ruled by a repressive regime may need to communicate privately without the government’s knowledge. In cases such as these, only the intended parties should have the ability to see the information. In communicating over the internet, our security goals are confidentiality, authentication, integrity and non-repudiation (Needham 993). In other words, we want to be sure our message is protected from unintended disclosure, we want to be sure the entity we are communicating with is who they claim to be, we want to be sure the messages we send and receive are not modified while in transit and we want to be protected from the sender denying they sent a message. Encryption, when used correctly, can help to accomplish all four. Cryptography is the study of mathematical techniques to achieve various goals in information security, such as confidentiality, authentication, integrity and non-repudiation (Lee). Important techniques are described below followed by the value they present to the organization and individual.
SYMMETRY KEY
Security relies on encryption, the process of encoding information so that only the intended recipient can decode it using a key (Lee). Computer encryption systems fall in two categories; private key encryption (symmetric) and public key encryption (asymmetric). Symmetric encryption uses three broad steps; key generation, encryption and decryption. Computers using symmetric-key encryption must share a single key generated by a security parameter. That secret key that is used to encrypt plaintext input known as a packet and output the ciphertext that will be sent to a destination over the internet. The sender must know who he will be communicating with so that each destination can set up the key. Destinations must have the key in order to decrypt the message once it is received. A popular early algorithm used for symmetric encryption was the Data Encryption Standard. DES is based on the Feistel Structure and was the worldwide standard for symmetric encryption for more than 20 years (Menezes 252). However, DES only had a 56-bit keyspace that, today, could easily be defeated by a brute force attack. It has since been replaced by the Advanced Encryption Standard (AES) which uses 128-, 192- or 256-bit keys.
PUBLIC-KEY ENCRYPTION Symmetric-key encryption is fast. However, key distribution can cause issues. In order to communicate, the two (or more) participants must agree on a key and keep it secret. Anyone who intercepts the key while in transit can examine and even change information that the key encrypted. How do you share the key without it being learned by an eavesdropper? Although it is slower, public-key encryption can fix this issue.
Public-key encryption is a two key system made up of a public key and a private key. The public key can be given out freely to any other computer that wants to communicate and the private key is kept on the user’s computer and not shared with anyone. The sending computer encrypts using the public key of the destination. To decrypt the receiver uses his private key. The big benefit of public-key encryption is that the sender and receiver can send and receive encrypted data without having to set anything up beforehand. One well known early public-key cryptosystem was RSA. RSA consists of generating a key pair and encrypting with one and decrypting with the other. Alfred J. Menezes et. al. explain the process in the textbook Applied Cryptography. In key generation, you choose two large prime numbers, p and q, and compute n=p*q and .
Show More

Related Documents: Does Encryption Work?

Schneier's Essay 'A' Key For Encryption

There are many varied opinions on what encryption should be in today's digital world, Bruce Schneier's article "A ‘Key' for Encryption, Even for Good Reasons, Weakens Security" reasons that encryption is design to protect individuals personal, financial information and cell phone conversations from everyone. It goes further in that encryption protects our privacy and our money; therefore, there should be no "key" or backdoor to anyone's digital devices. While Ronald T. Hosko's article "Don't…

Words 666 - Pages 3

Nt1330 Unit 1

first and then uploaded to the cloud for process. This Fully Homomorphic encryption algorithm helps to attain confidentiality because of the calculations done in encrypted form without knowing the original form. It is very important for the data safety of the cloud computing platform, because the data is invisible to the third party and can be processed by the cloud itself. This paper suggests the Fully homomorphic encryption mechanism for processing log data to propose a cloud computing data security…

Words 857 - Pages 4

Advantages And Disadvantages Of Wireless Communication

Wireless networks can serve a large number of clients without resorting to new hardware, while wired communications require additional cabling. • More productive: An employee can do their work at any place that has wireless networks, without having to resort to using a workstation from their main place of work • Mobility: Users can access wireless networks from anywhere within any range. Disadvantages: • Difficult to setup for user with little experience • More vulnerable than wired networks (e…

Words 1309 - Pages 6

9-Iron Country Club Case Study

Employees at the 9-Iron Country Club need a design for remote access the ability to work from home using a secure Internet connection for remote business operations. While reviewing the Needs and desires of customers and club members, while providing protection of confidential and personally identifiable information with Data classification and security requirements will be challenging while keeping up front the needs and primary purpose of the club. The solution would be SSL VPN (Secure Sockets…

Words 989 - Pages 4

Dynacrypt White Paper v4

MMI CYBER SECURITY WHITE PAPER “Establishing New Standards for Software Security Solutions and Encryption” Presented by: Dr. Frederick J Foreman Creator | Chief Technology Officer MMI Cyber Security 914.318.9427 1 MMI CYBER SECURITY WHITE PAPER Contents 1 Introduction ................................................................................................................... 4 2 NSA Future Direction .................................................................................…

Words 4556 - Pages 19

Nt1330 Unit 3 Assignment 1

since the PHR service works on a cloud system and the owner does not have complete control over the information since it is stored in external servers. There is always an issue of security and privacy issues involved in cloud sharing and could lead to privacy risks. Another issue to be considered is that when PHR record is shared to everyone, then the security risk can slow down the entire model.…

Words 341 - Pages 2

Maintenance Job Essay

The maintenance Job allows users to perform various maintenance functions. It provides screens for viewing and setting preferences, displaying system notes (live and Stored), and watching the activities of specific ports. a) b) 2. True False How does Maintenance Notes are created? a) b) c) d) An event that may require attention The user put a note in the system The MET create a note when a change had been made The system has power down 3. Personnel are informed of the presence of notes in the…

Words 1273 - Pages 6

Ten Ways To Implement Multi-Layered Security

Guide to Growth Join us as we explore ways to grow your business with technology­­brought to you by Dell and Microsoft 10 Ways to Implement Multi‐Layered Security Letha Wicker 16 Nov 2011 9:48 AM Comments 0 Like 0 How secure is your enterprise? Does your current strategy include true end‐to‐end security? Learn ten ways to better implement a multi‐layered security approach in your organization. Topics covered include: Lost laptops and smartphones, botnets, network security, messaging security,…

Words 1569 - Pages 7

Nt1330 Unit 3 Assignment 1 Answers

T215A TMA Fall 2015 Question 1 A. Computer virus: The virus is essentially a program, which run itself in the targeted computer without user awareness and approval and reside in host computer programs, or the host computer media files like videos or images or any type of file that is stored into the host computer hard drive, the most critical part of the host data files is called boot sector/block, this part which is usually part of the hard desk, contains machine code that is loaded into random…

Words 1303 - Pages 6

Electronic Health Record Essay

As we enter into the age of the electronic health record, we are finding numerous benefits that this technology has to offer patients, physicians, and other healthcare workers. The patient’s record is immediately available to the physician, enabling them to give the patient the best care based on their medical history. Physicians are able to transfer and access records with ease, making their job of caring for the patient as accurate as possible. Health data workers are able to access the same record…

Words 1221 - Pages 5