Encryption

1. Encryption Name : Maryam Mohammed Alshami ID:H00204657

2. Encryption : is the process of encoding messages or information in such a way that only authorized parties can read it. • Important part of computing to keep our file secure and • If you have secure communication you need to use Encryption

3. difference between encryption and decryption? *. Encryptionis the process in which readable text is converts into the unreadable text. In which the readable text is referred as "Plain text" while unreadable text is referred as cipher text.*. Decryptionis the process in which unreadable text is converts back into the readable text

4. two type of Encryption • Symmetric key • Encryption algorithms that use the same key for encrypting and for decrypting information are called symmetric-key algorithms. The symmetric key is also called a secret key because it is kept as a shared secret between the sender and receiver of information. Otherwise, the confidentiality of the encrypted information is compromised.

5. Figure 14.1 shows basic symmetric key encryption and decryption.

6. two type of Encryption (con’t) • Public key encryption • Encryption algorithms that use different keys for encrypting and decrypting information are most often called public-key algorithms but are sometimes also called asymmetric key algorithms . Public key encryption requires the use of both a private key (a key that is known only to its owner) and a public key (a key that is available to and known to other entities on the network). A user's public key, for example, can be published in the directory so that it is accessible to other people in the organization. The two keys are different but complementary in function. Information that is encrypted with the public key can be decrypted only with the corresponding private key of the set.

7. Figure 14.2 shows basic encryption and decryption with asymmetric keys.

8. Investigating Encryption Technologies:UCONN Health Center • Windows EFS: • Supports encryption of file systems on W2K, XP and Server 2003 • Certificate Based • Asymmetric public key encryption • Symmetric 3DES encryption for file or directory on disk • May be implemented using self generated certs or centrally through a Certificate Authority (CA)

9. Investigating Encryption Technologies:UCONN Health Center • Windows EFS: • Limitations: • Microsoft centric solution • Encryption key is stored in the user’s profile • Key recovery is enabled through a policy that adds a recovery key to the encryption scheme; typically accessible to domain/local administrator

10. Investigating Encryption Technologies:UCONN Health Center • PGP: • Limitations: • Geared toward email encryption – Disk encryption appears to be viewed as an ancillary benefit • No Linux Support • Expensive • Looks like we’ll be moving in this direction!

11. Encryption Issues When should encryption be used? • Whenever there is a chance for interception or exposure by an individually who does not have a need to know

12. Encryption Issues (cont’d) • What is the Risk/Reward Equation for encryption? • Risks are high for encrypting stored data – Loss of key generally = loss of data • Offset by the recent string of incidents where PCs/laptops containing sensitive info have been stolen. Info that was not encrypted must be assumed to have been disclosed. • Risks are high for not encrypting data in motion – Plaintext messages can be analyzed • Hard to tell if unencrypted data has been viewed or altered