In the contemporary world where the news about data leaks and security breaches have become quite frequent, cyber-security and more specifically encryption is an important concept for many companies to understand and implement.
Security breaches and data leaks cost millions of dollars to organizations. IT Security has become the highest priority for many global companies and government departments.
There are many security protocols and technologies available which help organizations to secure their infrastructure, data and communications. However, encryption is one of the most important part of IT security strategies that are implemented by companies and government departments.
Encryption is a technique which helps protect the data and communications.
Encryption is a technique of encoding the information in such a manner that it becomes unreadable and only authorized parties are able to access it. The authorized party can access the information using a key which decodes the information.
The encrypting process basically transforms the information or a message from plain text to cipher text by encrypting it using an encryption algorithm. The cipher text can only be read when it is decrypted using a key, which only the authorized party will have. Encryption ensures that data is not read or altered by unauthorized parties.
Here is an example of how encryption works.
When you send an email using an encrypted email service, the plain text message is scrambled and made unreadable for unauthorized parties.
This is how an encrypted email message looks like:
"hQIMA9k15z0KX/NsARAApV8pSKc9kSbARMzjCLM6b9YsMz3I3QFZUKqWpCwO6ut2lmsddHnsVSjHZe0MS0FnNI2SJDuW+7Kt2MR2DXcYpB/6esYBm6dbL73/GM8wW9qa450okjxNf4VeErVgt2VSJ/qyLlVuc5BnLz9IodTu3rNtGGcqTWOKQiB2vXGqfdw+/5bSKtESZxVi/YRGVNeIk+fa/2Yh7lnv5xUaaakdGTdj3LSHw77+CoTcG+L5RaHrgMZ6OItioR9UN51xgfYELg8q21llCK9MotpjgRSHJaZphBvl3liKTj7uQbYGNGpwwIHJ4 zb+yrP4WRONA0AqVgOk5LNevpCxO7Ag4BVgE9WJ1MOsAGD9jTKfHZZPKlh7O949JthZ5T5Nd9+oZAnJmBSyt+R9SA943a6fa1EUFWJ2yPzNDblhu 9lgcTQ2BqRRvKx02SyHwAR22TvUI8+w9c/8VUajcZ/eudz44FcLdK35mmLhyQDw87301Lo4aFb52opTFp+dYio5UYK6wR9MUu8OzrGeiAV98d30Tk 9WTntWcm486B2kN7/dhHxEYsMI2ZWzq4KXNog3/29AarcgbqQIjKY3RHxYsP1/6wnyqdI6JeLGunTEbeVA5tq10ZIHHZehayxnfLJMEd0TjQh5gyXF1x0YjoT7wGCLscS02yG/5PSyA6pK0GRbEyaNOAaceRvBbcsrmWybWe1ySR+gRIuAK3KygCUONZ4MXR0hopKJpz4pliTnd/u6Wfya83pzC1Cn3P6cO4yH6sRjXWB3KztYkKOyDwVFYNk7nfZFcAW+1ZfA3WWm5MRrgxQT2JJ9Gj1U7ue0tCqEYdpq1yTgtpbSZiO5Orx3fA29/N4kpIk6YrDIPKzafE8qzaP0xO+IeTw8g0RqfyKxZTZ1pY5SPdx0lSbmGVz3irQ7VabonRVoVZhyURPrXw2TVUA7Ft hKt0bmAotdR2D0vVW7sLeDFattpr2Qs1dr99/+1btilLQGyl7s3cgtw+eLKmutLpAbU6u2iXxxSCSGS1JMR1+1nILNf26XXkES+KhsdsIoEDiTQ+ S6r0BL/IfUHUgt1KgBUHwMGycLsP+69FyFJPuTW21ttSJMBJx5S3aB8R2VmRWCi4+Mrctllg+H4C6ml4Pn64sjNNdSJer3gpSynceFuySM mul46CDBwAKxt9haksZ5bBqLcIhAkJ+96PtLTvqEHP6jLFyVisuHUTZoh3buheK5SuuJoQIq6SlAJYp8eo2SpZAk0W9gAvmFV+0nlI7//G0lF4/tns2om3Hs8uQQ0F+vE8SvgrrxxEeXSPjqZpmfw+VHQg9iwBJzHJfVObQQwUuKhFqVbsUpEU48h4qhKjMlvJd+H2gFfw3VywQwK45X nLInUpyANK+uVlxwfCoUz0u+3RADVAxkCKWoWmw6f4eY5IaBRnMb1uzzRXv6RRaShZyZ7BI3ZbcBXsG7MFrMNRdSF5zN3r=JSOY"
Only the intended authorized recipient can decrypt the above encrypted text. The authorized party receives a private key from the sender of the email, using this private the authorized recipient can decrypt the email.
Decrypted email text:
"Hello John, How are you doing? Join me for a cup of coffee next week in San Francisco. Best, Alex."
Symmetric Encryption, also known as private-key cryptography, uses a single key for encryption and decryption. The sender encrypts the data with a private-key, sends the encrypted data to the authorized recipient, the recipient uses the same private-key to decrypt the data.
Symmetric Encryption is also known as private-key or secret-key cryptography because it uses a secure private-key for both encrypting and decrypting processes.
Asymmetric Encryption, also known as public-key cryptography, uses two different keys for encryption and decryption and hence differs from symmetric method. In asymmetric method, a public-key is used for encrypting process whereas a private-key is used for decrypting process.
Hashing is a type of cryptographic security which generates a unique fixed-length value or a hash for a message or data. Hashing is irreversible, once a message is condensed into an irreversible fixed-length value, it cannot be reversed. This is where hashing differs from encryption which is a two step process where a message is first encrypted and then decrypted, which is not the case with hashing. Hashing is a single step irreversible process.
Hashing is used to verify the data and check if the data has been tampered with, and cannot retrieve the original message.
Kryptotel is an IT Security Services and Product Development Company specializing in Cyber Security and Secure Communications. Kryptotel develops secure communication applications with strong encryption and security features. Feel free to get in touch with Kryptotel to discuss your cyber security requirements. Please visit us at: www.kryptotel.ae.