
Encryption by fastech


Encryption is the conversion of data into a form that cannot be easily understood by unauthorized people: the translation of data into a secret code. Encryption is the most effective way to achieve data security.

To read an encrypted file, you must have access to a secret key that enables you to decrypt it. Encryption turns plain text into cipher text.

SYMMETRIC ENCRYPTION

The same secret, password or key is used to encrypt and to decrypt.

ASYMMETRIC ENCRYPTION

It uses two different keys: a public key and a private key.

Symmetric encryption is also known as shared-key, secret-key, private-key or one-key encryption.

SIMPLE: This encryption is easy to carry out. All users have to do is specify and share keys and begin to encrypt and decrypt.

ENCRYPT AND DECRYPT YOUR OWN FILES: If you use encryption for messages or files which you alone intend to access, there is no need to create different keys. Single-key encryption is best for this.

FAST: Symmetric key encryption is much faster than asymmetric key encryption.

PREVENT WIDESPREAD SECURITY COMPROMISE: A different secret key is used for communication with every different party. If a key is compromised, only the messages between a particular pair of sender and receiver are affected; communications with others are still secured.

NEED FOR SECURE CHANNEL FOR SECRET KEY EXCHANGE

Sharing the secret key in the beginning is a problem in symmetric key encryption. It has to be exchanged in a way that ensures it remains secret.

TOO MANY KEYS

A new shared key has to be generated for communication with every different party.

An encryption algorithm is a mathematical procedure for performing encryption on data. Through the use of an algorithm, information is made into meaningless cipher text, and a key is required to transform the data back into its original form.

Stream Cipher: Here the plain text is encrypted one bit at a time; each bit of plain text is converted into successive varying digits. Ex. RC4, SEAL. Sample example: “We are spartans” is written as “ZH DUE VSDUWDQV”.
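RC4, named above as a stream cipher, written out as an added example (not code from the original slides) to show a keystream being combined with the plain text one byte at a time, and the same key both encrypting and decrypting. The function names are chosen here; RC4 is used only because the page names it, since it is no longer considered secure and RFC 7465 prohibits it in TLS.

```python
# Added example: RC4 stream cipher, for study only (RC4 is broken in practice).

def rc4_keystream(key: bytes):
    """Yield RC4 keystream bytes for `key`: key scheduling, then generation."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes long")
    state = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm (KSA)
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    i = j = 0
    while True:                               # pseudo-random generation (PRGA)
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        yield state[(state[i] + state[j]) % 256]


def rc4(key: bytes, data: bytes) -> bytes:
    """XOR each data byte with the next keystream byte.

    XOR is its own inverse, so the same call with the same key
    turns plain text into cipher text and cipher text back into plain text.
    """
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))


if __name__ == "__main__":
    key = b"shared secret"                    # constructed sample key
    cipher_text = rc4(key, b"We are spartans")
    print("cipher text:", cipher_text.hex())
    print("decrypted  :", rc4(key, cipher_text).decode())
    print("wrong key  :", rc4(b"other key", cipher_text))
```
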

Block Cipher: Here blocks of plain text are encrypted; each block has a fixed length and unvarying digits. Ex. Rijndael, IDEA (International Data Encryption Algorithm). Sample example: “We are spartans” is written as “25 51 11 24 51 34 53 11 24 44 11 33 34”.

It uses two different keys for encryption and decryption: the public key is used for encryption and the private key is used for decryption. As symmetric key encryption does not provide much security, the importance of the asymmetric key is greater. It is also known as public key encryption. It has a combination of a public key and a private key: the private key is known only by your computer, while the public key is given to other computers with which it wants to communicate securely. Everyone has the public key, but to decode the message one has to use the private key.

The key combination is based on prime numbers, which makes it highly secure. As many prime numbers as there are, that many keys are available. Pretty Good Privacy (PGP) is one of the most popular public key encryption programs. Public key encryption can be adopted on a large scale, such as for web servers and applications that need to be secure. The digital certificate or digital signature provides authentication between the users. These certificates can be obtained from a Certificate Authority, which plays the role of a middleman for both users.

Public Key Infrastructure (PKI)

To make the most of encryption, public keys must be created, maintained, used and distributed; for this we need the organization known as Public Key Infrastructure.

Certificate Authority (CA)

Without the CA one cannot issue the Digital Certificate, which contains both the public and private key to encrypt and decrypt the data. Depending upon the volume of identity verification, the Certificate Authority can issue Digital Certificates for different levels of trust. The CA identifies individuals rather than going by company. To verify an individual, the CA can ask for a driver's license as proof of identity, or a notarized letter. This is only applicable for the initial level of trust. For a high level of trust it can ask for biometric information like a fingerprint, iris scan etc.

Registration Authorities (RAs)

These have similar functionality to the CA, but RAs are one level down in the hierarchy. They work under the CA, mainly to reduce the workload of the Certificate Authority. The RA can issue temporary digital certificates. Temporary digital certificates have limited validity and are not fully trusted unless the CA verifies them completely.

Digital Certificates

These certificates are used to verify the identity of a person or a company through the CA. They can also be used to retrieve rights and authority. Some of them have limited access, such as encrypt and decrypt. These Digital Certificates can be issued for particular laptops, computers, routers etc. Computers and web browsers have the facility to store these certificates in particular memory.

RSA

It is the most recognized asymmetric algorithm. RSA stands for the last names of the inventors, Ron Rivest, Adi Shamir, and Leonard Adleman. They developed this algorithm in 1978, and it has been widely used since then. There are other algorithms used to generate asymmetric keys, such as ElGamal and Rabin, but they are not as popular as RSA, because a large corporation, RSA Data Security, stands behind it.
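The public/private key relationship and the digital signature described above, worked through with textbook RSA as an added example (not code from the original slides). The function names and the tiny primes 61 and 53 are sample values chosen here; real RSA uses a modulus of 2048 bits or more together with a padding scheme.

```python
# Added example: textbook RSA with tiny primes, for illustration only.
# Never protect real data with this code: it has no padding and a tiny modulus.
from math import gcd


def make_keypair(p: int, q: int, e: int = 17):
    """Return ((e, n), (d, n)): the public and private key built from primes p, q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)                  # private exponent: (e * d) % phi == 1
    return (e, n), (d, n)


def encrypt(m: int, public) -> int:
    """Anyone holding the public key can encrypt."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(c: int, private) -> int:
    """Only the private key holder can recover the message."""
    d, n = private
    return pow(c, d, n)


def sign(digest: int, private) -> int:
    """A signature is the digest transformed with the private key."""
    d, n = private
    return pow(digest, d, n)


def verify(digest: int, signature: int, public) -> bool:
    """Anyone can check a signature with the public key."""
    e, n = public
    return pow(signature, e, n) == digest


if __name__ == "__main__":
    public, private = make_keypair(61, 53)       # constructed sample primes
    c = encrypt(65, public)
    print("public", public, "private", private)
    print("cipher text", c, "decrypted", decrypt(c, private))
    s = sign(123, private)
    print("signature valid:", verify(123, s, public))
    print("tampered digest valid:", verify(124, s, public))
```
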

ASYMMETRIC ENCRYPTION

Authentication

Protects personal data such as passwords.

Privacy

Provides for confidentiality of private information.

Accountability

To secure important information, e.g. health records, credit card information, student records, etc. Prevents information from getting stolen or read.

Without encryption, there is no reliable security.

Make sure the encryption system has a complete key management application. This will help manage and protect the data and keys, and help safely match encrypted data with the right key.

Real Life Examples

Used in the military and the government. Now used in everyday life:

• Online banking

• E-commerce

• Student records, health records, tax records etc.

• ATM machines

• Social networking (emails, texts, instant messengers)

• Businesses

Information is also vulnerable when it’s in transit. If the data is not encrypted, it can be monitored and captured online. This is why you want to ensure that any sensitive online communications, such as online banking, sending e-mails, or perhaps even accessing your Facebook account, are encrypted. The most common type of online encryption is HTTPS, or connecting to secured websites. This means the traffic between your browser and the website is encrypted.

Look for https:// in the URL or the lock icon in your browser. Many sites support this by default (such as Google Apps), and websites like Facebook and Twitter give you the option in your account settings to force HTTPS. In addition, when you connect to a public Wi-Fi network, use an encrypted network whenever possible. WPA2 is currently one of the strongest encryption mechanisms and the type you should choose. Finally, whenever sending or receiving e-mail, make sure your e-mail client is set up to use encrypted channels. One of the most commonly used is SSL (Secure Sockets Layer); many e-mail clients use SSL by default.

Encryption is an important tool for protecting data, but is only effective if you have strong passwords and maintain the overall security of your computer.

Regardless of which type of encryption you are using or how you use it, almost all forms of encryption share some common issues you need to be aware of.

• Your encryption is only as strong as your keys. If your key is compromised, so is your data. If you are using passwords to protect your keys, make sure you use strong passwords and protect them well.

• Don’t lose or lose access to your keys. If you lose your encryption keys or can't access them because you've forgotten the password that protects them, you most likely cannot recover your data.

• Your encryption is only as strong as the security of your computer. If your computer is infected, the bad guys can compromise your encryption.

Maintain the overall security of your computer. Encryption does nothing to protect against viruses, worms, Trojans, unpatched vulnerabilities, or social engineering attacks.

Always be sure to back up any confidential data securely. This ensures that if you lose your device or your encryption keys protecting your data, you can still recover your data.

Use encryption based on publicly known algorithms, such as AES (Advanced Encryption Standard) or Blowfish, rather than proprietary algorithms. Also, always be sure you are using the latest version of your encryption programs.

Consult an IT professional if you need help. Incorrectly installing, configuring, or using encryption can render your information permanently inaccessible.