Data Encryption

Let's Talk Data Encryption!

What is it? How does it work?

The purpose of encrypting data is to protect digital information from being seen by unauthorized parties. Encryption works as a code that can be unlocked, or decrypted, through the use of a password or decryption key.

Stream Ciphers and Block Ciphers

There are two major classes of encryption algorithms in use today: stream ciphers and block ciphers. A stream cipher processes the data bit by bit, while a block cipher breaks the data into, you guessed it, blocks and encrypts each block as a whole. Be aware that developers will often hardcode their software to use the same encryption key and/or IV every time (an example of this is the Adobe breach of 2012). Similarly, if the key of a stream cipher is reused, the encrypted data will be left vulnerable.
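The effect of a hardcoded key and IV on a stream cipher can be seen in the following added example, which is not code from the original article. The keystream generator, key, nonce and sample records are assumptions constructed for illustration; the generator is a stand-in for a real stream cipher, not a vetted one.

```python
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative keystream: HMAC-SHA256(key, nonce || counter) blocks.
    # A stand-in for a real stream cipher, chosen so the example needs no
    # third-party library; production code should use a vetted AEAD.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call decrypts.
    return xor(data, keystream(key, nonce, len(data)))


def compare(key: bytes, n1: bytes, n2: bytes, p1: bytes, p2: bytes) -> dict:
    # What someone holding only the two ciphertexts can observe.
    c1, c2 = encrypt(key, n1, p1), encrypt(key, n2, p2)
    return {
        # Keystream cancels: c1 XOR c2 == p1 XOR p2, no key required.
        "keystream_cancels": xor(c1, c2) == xor(p1, p2),
        # Records that start the same produce ciphertexts that start the same.
        "equal_prefix_visible": c1[:16] == c2[:16],
    }


# Constructed sample records and key (not from any real system).
KEY = secrets.token_bytes(32)
P1 = b"status=active;plan=gold;id=00017"
P2 = b"status=active;plan=gold;id=00042"

HARDCODED = bytes(12)  # the mistake: one nonce for every record
reused = compare(KEY, HARDCODED, HARDCODED, P1, P2)
fresh = compare(KEY, secrets.token_bytes(12), secrets.token_bytes(12), P1, P2)

if __name__ == "__main__":
    print("reused key+nonce:", reused)
    print("fresh nonce per record:", fresh)
```

A fresh nonce is not secret, so it can be stored next to each ciphertext and read back for decryption.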

AES

The Advanced Encryption Standard (AES) is commonly considered the standard encryption algorithm, used by the U.S. government and around the world to encrypt sensitive data. It is an advanced block cipher and uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys… Block ciphers like AES are solid when used correctly, but reusing a key and/or initialization vector could give unauthorized parties an edge in decrypting your restricted data.

Is Your Data at Risk?

Whenever big-name companies such as Experian or Sony have records or accounts leaked, you’ll tend to hear the media ask, “Why wasn’t it encrypted?” The odds are their information was. In order to work with the data, the legitimate application needs to be able to decrypt it in memory. The application, rather than the decryption key, could have been compromised, in which case the attacker reaches data that has already been decrypted. Then there is disk encryption on laptops (BitLocker on Windows, FileVault on Mac, etc.). If a laptop is powered off, its data is difficult to decrypt, but once the laptop is turned on and unlocked the system will have started to decrypt the data and, if the laptop is breached, your data is unscrambled!

Overview of Encryption Best Practices

Nothing is foolproof, but when utilized properly data encryption is an effective way to protect your data. Avoid reusing encryption keys, remember that an unlocked system is a vulnerable system, and keep in mind that the more complex an encryption is, the harder it is to break.