Skip to main content

Encryption

Introduction

Encryption is a key aspect of security. Here we focus specifically on its technology aspects.

Introduction to Encryption

Digital encryption is a crucial aspect of modern cybersecurity, ensuring that sensitive information remains secure and inaccessible to unauthorized users. Here are the main characteristics and technologies used in digital encryption:

Main Characteristics

  1. Confidentiality: Encryption ensures that data is only accessible to those with the correct decryption key, maintaining the privacy of the information.
  2. Integrity: It protects data from being altered or tampered with during transmission or storage.
  3. Authentication: Encryption helps verify the identity of the parties involved in communication, ensuring that data is sent and received by the intended individuals.
  4. Non-repudiation: It prevents the sender from denying the authenticity of their message, providing proof of origin.

Technologies Used

  1. Symmetric Encryption: This method uses a single key for both encryption and decryption. It's fast and efficient but requires secure key distribution. Common algorithms include:

    • AES (Advanced Encryption Standard): Widely used for securing sensitive data.
    • DES (Data Encryption Standard): An older standard, now largely replaced by AES.

  2. Asymmetric Encryption: This method uses a pair of keys—a public key for encryption and a private key for decryption. It's more secure for communication over insecure channels but slower than symmetric encryption. Common algorithms include:

    • RSA (Rivest-Shamir-Adleman): Often used for secure data transmission.
    • ECC (Elliptic Curve Cryptography): Provides similar security to RSA but with smaller key sizes.

  3. Hash Functions: These are used to verify data integrity by producing a fixed-size hash value from input data. Common hash functions include:

    • SHA-256 (Secure Hash Algorithm 256-bit): Widely used in various security applications.
    • MD5 (Message Digest Algorithm 5): An older hash function, now considered less secure.

  4. Hybrid Encryption: Combines symmetric and asymmetric encryption to leverage the strengths of both. Typically, asymmetric encryption is used to securely exchange a symmetric key, which is then used for the actual data encryption.

Encryption is essential for protecting personal information, financial transactions, and communication channels in our increasingly digital world. Do you have any specific questions about these technologies or how they are applied?

Under the technology section, we look at encryption in terms of the applicable choices of technology e.g. the permissible standard of HTTPS, TLS etc.

From a Hygiene perspective please look under /docs/hygiene/data-security

Engagement

Review and Approval

Standards and Conventions

Architecture and Design

Implementation

Development

Testing

Deployment

Operations and Support