Puget Systems print logo

https://www.pugetsystems.com

Read this article at https://www.pugetsystems.com/guides/1096
Beth Smasal (Production Technician)

Data Encryption

Written on January 18, 2018 by Beth Smasal
Share:

Let's Talk Data Encryption!

What is it? How does it work?

The purpose of encrypted data is to protect digital information from being seen by unauthorized parties. Encryption works as a code that can be unlocked, or decrypted, through the use of a password or decryption key.

Stream Ciphers and Block Ciphers

There are two major classes of encryption algorithms that are in use today: stream ciphers and block ciphers. In stream ciphers the data is processed bit-by-bit while block ciphers are broken into, you guessed it, blocks and encrypted as a whole. Some things to be aware of are that developers will often hardcode their software to use the same encryption key and/or IV every time (an example of this is the Adobe breach of 2012), similarly with stream ciphers if the key is reused then the encrypted data will be left vulnerable. 

AES

The Advanced Encryption Standard (AES) is commonly considered the standard encryption algorithm used by the U.S. government and around the world to encrypt sensitive data. It is an advanced form of the block cipher style and utilizes 10 rounds of 128-bit keys, 12 rounds of 192-bit keys, and 14 rounds of 256-bit keys…  Block ciphers like AES are solid when used correctly, but if one reuses a key and/or initialization vector, it could give unauthorized parties an edge at decrypting your restricted data.

Is Your Data at Risk?

Whenever big-name companies such as Experian or Sony have records or accounts leaked you’ll tend to hear the media ask, “Why wasn’t it encrypted?” the odds are their information was. In order to work with the data, the legitimate application needs to be able to decrypt the data in memory. The application, rather than the decryption key, could have been compromised; the data has already been decrypted. Then there is disc encryption on laptops (BitLocker on Windows, FileVault on Mac, etc.) if a laptop is powered off, it is difficult to decrypt, but once the laptop is turned on and unlocked the system will have started to decrypt the data and, if the laptop is breached, your data is unscrambled!

Overview of Encryption Best Practices

Nothing is full-proof, but when utilized properly data encryption is an effective way to protect your data. Avoid repetitive encryption keys, an unlocked system is a vulnerable system, and the more complex an encryption is, the harder it is to break. 

Tags: Security, Stream Cipher, Block Cipher, Encryption, Decryption, Data

Thank you for the article Ms. Smasal. (PugetSystems have all sorts of highly informative literature.)

A couple years ago we had to write a very simple symmetric transposition cipher in C, to this day one of my more fun assignments. Then had to write a simple decipher to decipher a bunch of professor-submitted stuff, that was even more fun.

On a serious note, I would point out the importance of picking complex encryption keys that are long enough, not dictionary based in any language and not based on keyboard "quick glide" patterns.

Posted on 2018-01-29 06:09:49
Beth Smasal

You're right, I should have emphasized the importance of complex encryption keys more. The length of the key depends on the algorithm, since encryption keys are usually random numbers. An AES key is 128, 192, or 256 bits, but an RSA key is usually 1024, 2048, or 4096 bits long. That doesn't necessarily make the RSA key stronger, it just uses different math so the key has to be longer in order for it to be secure.

Those sound like fun projects, the second one especially!

Posted on 2018-02-01 19:10:59