Professional Documents
Culture Documents
Cryptography Week 5
Cryptography Week 5
Security
Module 4
Introduction
With more than three-quarters (77 percent) of American online daily
and a growing number of internet-connected devices in and around
the house, it comes as no surprise that cyberattacks on cities, corporations,
and individuals remain a serious problem. This spring, the city of
Atlanta endured a crippling ransomeware attack arguably one of the
most impactful cyber breaches against a large American city (it took five
days for the city government’s computers and printers to get back
up and running).
The end goal? Protect personal information and make it safer for
users to send messages over public spaces without unwanted cyber threat.
But how exactly does cryptography accomplish this? Is cryptography just another name for
encryption? And what are some ways users can bulletproof their email messages using encryption,
leaving intrusive eavesdroppers frustrated and defeated?
Cryptography is the study of secure (yet accessible) communications. Encryption and ciphers fall
under this umbrella. Encryption is the process of turning text into code. A cipher is that actual code.
Think of encryption as the driving force of cryptography. But how does basic encryption work?
But let’s get into the nitty-gritty details. Putting a magnifying glass up to the hypothetical email
message you just sent your boss, here’s how it got to your boss’ inbox in one piece.
COURSE MODU
You type up your message and send it to the encryption program along with
your encryption key (remember, we need both encryption and decryption programs
for this to work). As mentioned, the normal, readable message (or plaintext) you
created transforms via
encryption to a jumble of unreadable characters (ciphertext) and is sent over the
internet to your boss.
Now on your boss’ end: She receives the ciphertext, which hopefully is left
untampered (no man-in-the-middle attack). In a perfect world, the ciphertext
transforms via her decryption program and decrypting key back into your original
plaintext message, and the cryptography process is complete.
There are two main ways the cryptography process works: asymmetric-key
encryption and symmetric-key encryption. Put simply, symmetric-key encryption is
when the encryption and decryption key matches; asymmetric-key encryption is
when they don’t. But, as with cryptography, there’s more to it
Symmetric-key encryption, or private-key encryption, encrypts and decrypts using one shared
(yet private) key. Its algorithm, or cipher, is typically speedy and efficient. Plus, it’s great for
storing encrypted documents. Encrypted communications, however? Not so much. The key
must be kept secret at all times by both the sender and the receiver; if one leak, the encryption
method is a bust. You’d then think that private-key encryption was an outdated encryption
algorithm, but it’s actually not, and here’s why
COURSE MODU Myth Buster: Private-Key Encryption Is Not a Weak Defense
A little over two decades ago, the National Institute of Standards and Technology
(NIST) decided to use a private-key cipher as the encryption standard for U.S.
government agencies. Long story short, inventors created a 128-bit private-key
cipher that became the Advanced Encryption Standard (AES). How secure is the
code? It would take billions of years for a supercomputer running a brute force
attack to crack it.
The good news doesn’t stop there; according to a Grand View Research report,
the encryption software market is expected to hit $8.4 billion by 2024, which
translates to a compound annual growth of more than 14 percent from 2016 to
2024. Still, there’s more progress to be made: 65 percent of internet users
cite memorization as the top way to keep track of passwords, and less than one-
tenth of Gmail users rely on two-factor authentication. It’s poor cyber-hygiene
practices like these that make it easy for spammers, spoofers, and hackers to walk
through the virtual front door. But you can protect yourself with these encryption
tips: