World Library  
Flag as Inappropriate
Email this Article

Encryption

Article Id: WHEBN0000010294
Reproduction Date:

Title: Encryption  
Author: World Heritage Encyclopedia
Language: English
Subject: Cryptography, Virtual private network, Middleware analyst, Keychain (software), Penta Security
Collection: Cryptography
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Encryption

In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.[1] Encryption does not of itself prevent interception, but denies the message content to the interceptor.[2]:374 In an encryption scheme, the message or information, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted.[2] For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, large computational resources and skill are required. An authorised recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorised interceptors.

Contents

  • Kinds of encryption 1
    • Symmetric key encryption 1.1
    • Public key encryption 1.2
  • Uses of encryption 2
    • Message verification 2.1
  • See also 3
  • References 4
  • Further reading 5
  • External links 6

Kinds of encryption

Symmetric key encryption

In symmetric-key schemes,[3] the encryption and decryption keys are the same. Thus communicating parties must have the same key before they can achieve secret communication.

Public key encryption

Illustration of how a file or document is sent using Public key encryption.


In public-key encryption schemes, the encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the decryption key that enables messages to be read.[4] Public-key encryption was first described in a secret document in 1973;[5] before then all encryption schemes were symmetric-key (also called private-key).[2]:478

A publicly available public key encryption application called Pretty Good Privacy (PGP) was written in 1991 by Phil Zimmermann, and distributed free of charge with source code; it was purchased by Symantec in 2010 and is regularly updated.[6]

Uses of encryption

Encryption has long been used by militaries and governments to facilitate secret communication. It is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage.[7] Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems, which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection), is another somewhat different example of using encryption on data at rest.

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years.[8] Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks.

Message verification

Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards for cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single error in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.

Digital signature and encryption must be applied to the ciphertext when it is created (typically on the same device used to compose the message) to avoid tampering; otherwise any node between the sender and the encryption agent could potentially tamper with it. Encrypting at the time of creation is only secure if the encryption device itself has not been tampered with.

See also

References

  1. ^ "Encryption Basics | EFF Surveillance Self-Defense Project." Encryption Basics | EFF Surveillance Self-Defense Project. Surveillance Self-Defense Project, n.d. Web. 06 Nov. 2013. .
  2. ^ a b c Goldreich, Oded. Foundations of Cryptography: Volume 2, Basic Applications. Vol. 2. Cambridge university press, 2004.
  3. ^ Symmetric-key encryption software
  4. ^ Bellare, Mihir. "Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements." Springer Berlin Heidelberg, 2000. Page 1.
  5. ^ "Public-Key Encryption - how GCHQ got there first!". gchq.gov.uk. Archived from the original on May 19, 2010. 
  6. ^ "Symantec buys encryption specialist PGP for $300M". Computerworld. 2010-04-29. Retrieved 2010-04-29. 
  7. ^ Robert Richardson, 2008 CSI Computer Crime and Security Survey at 19.i.cmpnet.com
  8. ^ Fiber Optic Networks Vulnerable to Attack, Information Security Magazine, November 15, 2006, Sandra Kay Miller

Further reading

  •  
  • Kahn, David, The Codebreakers - The Story of Secret Writing (ISBN 0-684-83130-9) (1967)
  • Preneel, Bart, "Advances in Cryptology — EUROCRYPT 2000", Springer Berlin Heidelberg, 2000, ISBN 978-3-540-67517-4
  • Sinkov, Abraham, Elementary Cryptanalysis: A Mathematical Approach, Mathematical Association of America, 1966. ISBN 0-88385-622-0

External links

  • Encrypted Cellphone 4096 bit Diffie-Hellman key exchange algorithm implemented for communications
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.