anitsh / til

Today I Learn (til) - Github `Issues` used as daily learning management system for taking notes and storing resource links.
https://anitshrestha.com.np
MIT License
78 stars 11 forks source link

Encryption/Decryption #108

Open anitsh opened 4 years ago

anitsh commented 4 years ago

-

anitsh commented 4 years ago

Encryption is the process of converting plain text into cipher text i.e. converting the text from readable format to non readable format to secure the conversation between two parties or from the unauthorized person. A secret key is used to encrypt the plain text in a secure way, various techniques and algorithms have been developed to achieve the encryption. For example, substitution techniques, transposition techniques, MD5 algorithm, SHA algorithm, IDEA algorithm, etc. How does Encryption Work?

There are 3 steps involved in Encryption of data. First, you take some data as input that you want to Encrypt alongside with a key (such as Password or passphrase). Once you have both, you will send both as input to an Encryption algorithm.

The algorithm will then change the data given in the input using the Encryption key and it will send the output. You can then send the output to the second party using any medium you like, or you can keep the Encrypted data for your own future use.

When the receiver gets the data, it will send decryption key and the Encrypted data to a decryption algorithm to decode it. Some Benefits of Encryption

This is one of the backbones of data security, the following are some major benefits:

  1. Encryption Ensures Integrity of Data

While data Encryption stops anyone from reading the data, one other major benefit of Encryption is that once done, a hacker cannot alter the data to commit any fraud. If anyone makes any change to the Encrypted data, the receiver will easily detect any fraud using hashing such as MD5 Checksum.

  1. Providing Security at All Times

There are some other tools to password protect a folder or some data for local storage that someone you can choose, but Encryption is the only true way to secure data in its entirety. This is possible because, without proper decryption of data, no one can use it.

  1. Beneficial in Protecting Data across Devices

Encryption and decryption software can be written for any platform meaning encrypted data is not platform dependent and can be used across devices.

  1. Encryption Provides Privacy

Data Encryption is not only useful for companies or military, but normal computer users can also use it to store sensitive information such as Bank Account details, medical records, etc. safe. Without proper Encryption, anyone who can access the device will be able to see and copy it.

Types of Encryption

While there are so many methods to Encrypt data such as AES and RSA, we can categorize Encryption into two types: Symmetric and Asymmetric

  1. Symmetric

In this process, it considered Symmetric when the same key is used to Encrypt and Decrypt data. In this Type, we need to be very careful when transferring the key. Usually, it is done by sending the key via a different channel.

  1. Asymmetric

Asymmetric Encryption is the type when 2 keys are used by both parties, one key for Encryption and another for the Decryption of data. In this, one key is called Private Key and the second key is called Public Key. The Public key is used for the encryption of data and it can be handed over to anyone without any trouble. The private key is used for decryption and is not shared with anyone. Uses of Encryption

Now that we have seen what Encryption is, how it works and its types, let’s take a look at some of its uses :

Data Protection for Storage: It can be used to protect the data stored for a long time. Even if the storage is stolen or breached, the data will still be unreadable without the key.
Data Migration: When transferring data via a network, Encryption is used to make sure that no one in the network can read it.
Accessing Data Across Multiple devices: Data stored on cloud storage is Encrypted and it can then be accessed from any supported device securely.
Ensuring Compliance: Considering the value of data security, many organizations, governments, and companies require the data to be secured with Encryption to keep the company or user data safe. This also prevents employees from having unauthorized access to user data.

Why do we Need Encryption?

This creates a solid foundation for data security. Thanks to it, emails, internet chats, cloud storage has become safe for public and corporate use. Beside from user data, Encryption has played a huge role in keeping issues of national security safe. Considering these, it is no wonder that Android phones now Encrypt user data by default and search engines such as Google rank websites with SSL Encryption higher in Search Results.

anitsh commented 4 years ago

Encryption Algorithm is the algorithm that is designed to encode a message or information in a way that only authorized parties can have access to data and data is unreadable by unintended parties. There are two types of Encryption Algorithm like Symmetric-key algorithm also known as a secret key algorithm and Asymmetric key algorithm also called a public key algorithm.

Different Types of Encryption Algorithm

There is an Encryption Algorithm that has been developed to add security features with the data that has exchanged between the peers. Depending upon the security requirements, the different algorithm can be used with the cipher suite. Below are some of the important Encryption Algorithms:

  1. AES

    AES stands for Advanced Encryption Standard which is the most common mode of data encryption. AES used 128 bit for data encryption while it also has the tendency to bring 192 and 256-bit heavy encryption. This encryption algorithm has been endorsed by the US government and can be considered best to protect the system against all kinds of attacks, but not the brute force attack.

  2. RSA

    RSA can be defined as the de facto algorithm to encrypt the data transmitted over the internet. It is nothing but the asymmetric algorithm and has been considered just opposite to that of Triple DES that is a symmetric algorithm. In RSA, the data has been encrypted using the public key while a private key has been used to decode it. The main concern comes in while using this algorithm is, the private key has to be kept very secure to protect the data or system from abuse.

  3. Triple DES

    Triple DES can be defined as the updated or advanced version of the Data Encryption Standard that has been used to encrypt the data in many organizations. Triple DES is the symmetric algorithm and hence depends upon a single key to encrypt and decrypt the data. It has been called Triple DES as the uses three different keys of 56 bits each in order to encrypt the data which eventually makes it 168-bit data encryption. In some of the industries, DES has been considered as the standard to protect the data as it is the most common encryption algorithm.

  4. Blowfish

    Blowfish may be defined as the symmetric algorithm that has been introduced to replace the Data Encryption Standard(DES). This algorithm divides the entire message into the block of 64 bits which then gets encrypted individually to enhance the security. Blowfish is often used in the websites that accept or process the payment online in order to encrypt the card and other critical details.

  5. Twofish

    Twofish can be defined as another symmetric algorithm that is actually a predecessor of Blowfish. Unlike to Blowfish, there is just a single key used to encrypt or decrypt the data and the key is supposed to be a 256-bit long key. It is freely available for anyone who wants to use it and due to its free and easy availability, it has been preferred by several software and hardware environments.

Understanding Symmetric and Asymmetric Algorithm

Let’s discuss the two modes of encryption below: Symmetric Algorithm

It may be defined as the encryption algorithm that uses a single key to encrypt and decrypt the data. The data has to pass through this algorithm to get transformed into the ciphertext that can be decrypted by any of the peers using the same key that has been used to decrypt it. It is used as the core algorithm to develop other algorithms like Blowfish, Twofish and so on. Asymmetric Algorithm

It may be defined as the kind of encryption algorithm that uses two different keys to encrypt and decrypt the data. The key used to encrypt the message is called the public key while the key used to decrypt the message is called the private key. Between the two keys, the private key has to be kept very secure to protect the system from a man in the middle attack. The encryption algorithms like RSA uses this mode of encryption. Conclusion

There are several encryption algorithms out there in the market available for us to secure the data that has to be transmitted through the internet. The sole reason for the existence of these algorithms is to protect the man in the middle attack which is concerned with the sniffing of data by someone malicious in an unauthorized manner. Based on the requirement of the software or the hardware system, we can choose the encryption algorithm among various available options. In some organizations, usually, they select any particular algorithm as the standard one in order to transform the message into ciphertext.

As per the requirement based on the speed of encryption, the algorithm has to have opted. For instance, the Blowfish works enough fast to speed up the encryption processes. So many of the systems that require quick encryption and decryption of the data should have to process with Blowfish. When it comes to government-based organizations, they prefer to have their standard encryption algorithm applied everywhere in order to manage the standard. There are several algorithms that have been made available for free so that the organization will low budget in their security department can also leverage it to protect their data being exchanged online.

anitsh commented 4 years ago

Decryption

It is a procedure of modifying data which has been accomplished as undecipherable material via encryption to its decipherable state. In the process, the system obtains and converts the confusing data into words and pictures that are simply comprehensible both for the reader and system. It might be performed automatically or manually. It might even be accomplished with an assortment of codes or passwords.

It is a process to unveil the secured data and for it, the structure obtains and transforms the mixed-up data and modifies it an accessible language and image for both the reader along with the system. The decrypted data received by anyone where a window will come up to enter the password required to obtain the encrypted data. It could be performed automatically or manually as well as it might be even done through the collection of passwords or codes. What is Decryption?

The most significant cause for executing a decryption processor encryption process is the privacy. It becomes a matter of analysis and accessibility from unapproved people or companies as data migrates across the World Wide Web. As a consequence, information is encrypted to diminish the loss and theft of data. Few of the usual items are encrypted comprise images, directories; email messages, user data, and text files. The individual handling this gets an immediate window in which it has to punch in it to obtain encrypted data. Why is Decryption Used?

The development of continuous algorithms for substantial encryption has a greater requirement for intelligence and law enforcement specialists in a arms race in computation. Moreover, organizations requiring to handle the examinations of digital security or to recover lost passwords meet the similar mounting challenge. In addition, utilizing the most advanced ways to decrypt, the requirement for extensive computation could not be avoided which is the reason for further decryption Federal agencies and ISVs are embracing Frontier as their choice of ammunition.

Furthermore, the capability is to assist agencies to have in-house decryption or algorithm of steganographic with Frontier. As well as Paragon is included with few of the great commercial decoders to provide turnkey enterprise networks that deliver decryption on numerous computers across a whole company. How does Decryption Works?

Meanwhile, you recover information from a Veeam Backup, encrypted backup file, and Replication produces information decryption automatically in the backdrop or needs you to give a key.

In case encryption password is needed to unravel the backup file are accessible in the Replication configuration database & Veeam Backup, you will not require inserting the key. Replication & Veeam Backup utilizes passwords from the database to open the backup file. Information is achieved in the backdrop, and data recovery does not vary from that from the unencrypted data.

Automated information is accomplished in the subsequent requirements which are sufficed:

You will encrypt or encrypt the backup file on the similar backup server utilizing the similar Replication configuration database & Veeam Backup.
For the backup file as they are not excluded from the Replication console & Veeam Backup.
In case encryption passwords are not accessible in the Replication configuration database & Veeam Backup, you require giving a key to unraveling the file which is encrypted.
Information is achieved at the origin side subsequent information is conveyed back from the destination point. As a consequence, encryption passwords are not transferred back from the origin point, which assists evade information capture.

The process beneath displays the procedure for VeeamZIP tasks, backup, and backup copy jobs. The procedure comprises of the following actions. Take into account that action one and two are needed just if you are decrypting the file on the backup server different from the encrypted file in the backup server.

Import the file into the backup server. Replication & Veeam Backup informs you that the file is encrypted and needs a key. You should mention a key for the file that is imported, although, in case the password is altered numerous or just one time, you require mentioning the key in a subsequent way:

In case you choose to import a .vbm file then you should mention the current key that was utilized to encrypt file within the backup chain.
In case you choose to import an entire backup file, you should have the complete collection of keys that could be utilized to encrypt files in the chain back up.

Replication & Veeam Backup examines the submitted password and based on the password produces the user key. With the access of the user key replication & Veeam backup does decryption in a consequent manner:

To decrypt the storage key Replication & Veeam Backup employs the user key. The storage unravels principal session keys and a Meta key.
With the aid of the session key, you can decrypt data blocks.
Following the encrypted file is unraveled as you can operate with it.

Advantages and Disadvantages

The cause of using decryption are different, however, sufficient security is unmistakably one of the advantages. This method gives the organization smooth management specifically. It is simple to view that system can give benefit to professionals of security as it evades the usage of encryption to muddle ex fil iteration of delicate information.

The disadvantages are basically dual. The very first concerns privacy, in case, a company picks to use decryption, it operates on the risk of separating an essential part of the workforce. In case, an employee by chance of checking their email or bank details they might discover it hard that they can at any time be triggering a firewall incident due to any inadequately selected keywords. Hence, specific anticipation of privacy for the end consumer is renounced when it is executed, due to inexperienced spectators who have none of the concern in exposing delicate organizational data might have their network traffic observed as a consequence of involuntarily activating the firewall.