DEV Community

Cody Daigle
Cody Daigle

Posted on

Encryption Methods: Protecting Data

Have you ever been concerned about whether your information or online actions are safe? In this article I will explain the multiple ways encryption is utilized today, it's importance, and hopefully provide the everyday user some ease when accessing their information.

Encryption's Purpose:

The primary goal behind encryption is to protect important, personal information, and data from unauthorized personnel. The world today allows anyone to access so much information just from their fingertips. Anywhere from learning how to do something new, job related tasks, or even checking bank statements. Keeping vital information private is paramount and luckily there are many ways this can be achieved.

How Is Something Encrypted?

The act of encryption takes plaintext, human-readable data, and alters it to appear as randomized, incomprehensible strings of text with alphanumeric characters. With that transformation the data that could be read is now known as ciphertext and is otherwise useless to those that it does not pertain to. How would it become understandable again when it's accessed by the authorized user? This is accomplished with the tool called a cryptographic key that uses a string of randomized, mathematical values that allow authorized personnel to decrypt that data. Cloudflare defines a cryptographic key as:

A string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.'

Types Of Encryption:

Due to all the different types of data and importance for applying such a security to information many different methods of encryption exists today. These methods are roughly categorized into two groups: Symmetric Data Encryptions and Asymmetric Data Encryption.

Symmetric data encryption, also known as 'Private Key
Cryptography'
, utilizes a key to encrypt plaintext and decrypt ciphertext. The access to this key is only accessed by the authorized recipients that are sending and/or receiving data. This process is the fastest of the two due to only requiring a single key and is most useful when dealing with larger quantities of data.

Symmetric Data Encryption Process
Examples of symmetric encryption algorithms would be:

Asymmetric data encryption, also known as 'Public Key Cryptography', utilizes two separate keys, a public key and a private key. Splunk explains: "The public key, as the name suggests, is either publicly available or shared with authorized recipients. The corresponding private key is required to access data encrypted by the public key. The same public key will not work to decrypt the data in this technique".

Asymmetric Data Encryption Process
Although this method is relatively slower in action it is the most secure form today when it comes to protecting personally identifiable information. Some examples of asymmetric encryption algorithms are:

  • Rivest-Shamir-Aldeman (RSA)

  • Diffie-Hellman (DH)

  • Elliptic Curve Cryptography (ECC)

Applications:

Now that we have discussed symmetric and asymmetric data encryption let's look at how these would be applied to data. Primarily there are three ways that encryption is applied: At rest, In Transit, and End-to-End. Data that is encrypted and stored and not being accessed or moving through a network is referred to as data at rest, like a flash drive or database. What about data that is being sent? Data in transit is when data is encrypted and then transferred between nodes in a network. With that being said it doesn't have to be encrypted before this takes place, but will be as it travels and then decrypted when it reaches it's destination. Imagine how emails are sent to specific users: When you write an email you are creating data that is stored and when sent it becomes encrypted and decrypted when it arrives at the authorized location. Finally, we have End-to-End_ which utilizes both applications of data at rest and data in transit. When data is created it becomes encrypted and stored and when transferring said data between network nodes only the encrypted data is sent and decrypted, from ciphertext to plaintext, at the specified location.

General Use:

The methods I described above are used in everyone's lives in some way or another, but what about general internet use? When using the internet you are utilizing an application later protocol called Hypertext transfer protocol, or HTTP, inside the internet suite model that encodes information and moves it between a server and a client/browser. Notice I didn't mention anything about it being encrypted? That is where the 'S' in HTTPS comes in. The only difference, besides the letter, is it's 'Secure', meaning HTTPS uses Secured Socket Layer certificates to establish, and digitally sign, an encrypted connection on an HTTP request/response. This is considered as a TLS handshake, allowing a secured session to protect data.

What could go wrong?

We know encryption of personal data is an amazing asset that is used to protect confidential information like messages, files, phone calls, etc, but what if encryption was used in a destructive way? What if I told you there was a type of cryptovirological malware that can permanently block user access to personal information by encrypting it? Ransomware attacks utilizes swift encryption methods that infects and encrypts data and generally wont be released unless a condition is met. Ryan Kovar, SURGe. says "The Median Ransomware variant can encrypt nearly 100,000 files totaling 53.93GB in forty-two minutes and fifty-two seconds. A successful ransomware infection can leave organizations without access to critical IP, employee information and customer data.”

Phishing attempt in email

These attacks are often seen in phishing emails that have attachments in them with the intent to perform harmful actions on the victim.

In conclusion data encryption is vital today in order to keep important information safe and luckily we have many resources to help do so. Whether you are an everyday user or work directly with confidential information it is reassuring to know the resources we have at our disposal and they are improving every day.

Top comments (0)