Encryption Technology - History & Future - How It Works


Encryption is the process of converting information into a secret code that conceals the true meaning of the information. Cryptography is the science of encrypting and decrypting information. Unencrypted data is referred to as plaintext in computing, while encrypted data is referred to as ciphertext.

THE MAJOR ADVANCEMENTS IN ENCRYPTION TECHNOLOGY

1917 - WORLD WAR I

The Telegraph aided long-distance communication between the command post and battlefront, but the telegraph lines were easily tapped by enemies. Both sides relied heavily on codes to protect sensitive information.

Rotor cipher machines REVOLUTIONIZED ENCRYPTION TECHNOLOGY. A rotor machine is an electro-mechanical stream cypher device used in cryptography to encrypt and decrypt messages. For much of the twentieth century, rotor machines were the state-of-the-art in cryptography; they were widely used from the 1920s to the 1970s. 

After British cryptographers deciphered the Zimmermann telegram in 1917, German inventor Arthur Scherbius patented the Enigma rotor machine by the end of 1918.

1937 - TURING MACHINE

Alan Turing proved that his UNIVERSAL TURING MACHINE could solve any computing problem described as a sequence of mathematical steps. It is now the modern principle of computer science.

Current computer systems work similarly to what Turing envisioned in his paper. It influenced the architecture used by most of the current computers, the von Neumann architecture.

Since these universal machines are equivalent to one another, this allows cyber attackers to break into any computer and run a program of the attacker's choice.

1976 - PUBLIC KEY ENCRYPTION

Public key encryption was invented by two Stanford mathematicians, Diffie and Hellman, who established the basis of the ASYMMETRIC ENCIPHERING SCHEME.

This encryption method works when the sender uses the public key to encrypt the message and then the receiver uses the private key to DECIPHER IT.

The advantage to this type of encryption lies in the fact that EACH USER HAS ONLY ONE KEY to encrypt and decrypt messages that they send or receive.

1976 - DESIGN BY IBM BASED ON THE LUCIFER CIPHER

Horst Feistel and his IBM colleagues created a new encryption algorithm, with changes by the U.S. NSA including S-BOX IMPROVEMENTS and a REDUCTION OF KEY SIZE.

It was declared the U.S. DATA ENCRYPTION STANDARD (DES).

DES takes 64-bit blocks of data and a 56-bit key and applies 16 ROUNDS OF SUBSTITUTIONS AND PERMUTATIONS. The Data Encryption Standard (DES) has been found vulnerable to very powerful attacks, and its popularity has therefore been slightly on the decline.
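
The Feistel structure behind DES, as an added example (not code from the original article, and not DES itself): a 16-round network on 64-bit blocks in which decryption is the same routine run with the round keys reversed. The SHA-256 round function and key schedule are stand-ins chosen for this sketch; real DES uses its own S-boxes, permutations and 56-bit key schedule.

```python
import hashlib

ROUNDS = 16                      # DES applies 16 rounds
HALF_BITS = 32                   # a 64-bit block is split into two 32-bit halves
MASK = (1 << HALF_BITS) - 1

def subkeys(key: bytes) -> list:
    # Stand-in key schedule (assumption): one hash-derived subkey per round.
    return [hashlib.sha256(key + bytes([r])).digest() for r in range(ROUNDS)]

def round_fn(half: int, subkey: bytes) -> int:
    # Stand-in for DES's expansion / S-box / permutation step. A Feistel round
    # function does not need to be invertible for the cipher to be invertible.
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block: int, keys: list) -> int:
    left, right = block >> HALF_BITS, block & MASK
    for k in keys:
        # Each round: the right half passes through, the left half is masked
        # with a keyed function of the right half.
        left, right = right, left ^ round_fn(right, k)
    # Swap the halves once more on output so the same routine also decrypts.
    return (right << HALF_BITS) | left

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, subkeys(key))

def decrypt(block: int, key: bytes) -> int:
    # Identical network, subkeys applied in reverse order.
    return feistel(block, subkeys(key)[::-1])

if __name__ == "__main__":
    key = b"sample-key"                    # constructed sample key
    plaintext = 0x0123456789ABCDEF         # constructed 64-bit sample block
    ciphertext = encrypt(plaintext, key)
    print(f"{ciphertext:016x}", decrypt(ciphertext, key) == plaintext)
```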

1997-2001 THE SEARCH FOR A NEW ENCRYPTION STANDARD

AES stands for Advanced Encryption Standard, a SYMMETRIC CRYPTOGRAPHIC ALGORITHM.

The National Institute of Standards and Technology SELECTED THE AES to meet the security needs of the 21st century due to increased attacks against DES.

The algorithm supports three key sizes: a 128-, 192-, or 256-bit encryption key. Each encryption key size causes the algorithm to BEHAVE DIFFERENTLY.

Increasing the key size offers a larger number of bits, which SCRAMBLE THE DATA AND INCREASE THE COMPLEXITY of the cipher algorithm.

PROBLEMS FACED IN ENCRYPTION TECHNOLOGY

Brute Force Attacks

A brute force attack involves a TRIAL AND ERROR METHOD used to get information such as PIN numbers or passwords. These attacks can be used by hackers to decrypt data. They are usually based on computer power and the number of combinations tried, rather than an algorithm.

WORDPRESS is tracking more brute force attacks than ever before. 

  • From 2015 - June 2015: Attacks ranged from 2.2 million to 17 million a day 
  • After June, the number of attacks increased to 12 to 48 million per day.
  • 28.1% from the U.S.
  • 16.9% from FRANCE
  • 8.4% from RUSSIA

Cold Boot Attack

Cold boot attacks are specifically designed to EXTRACT INFORMATION when the content is stored on disk in encrypted form. Most encryption systems STORE the encryption key IN THE RANDOM ACCESS MEMORY for quick use.

A cold boot attack is typically carried out by an attacker with physical access to a running computer by cold-booting the machine and booting a lightweight operating system from a removable disc to dump the contents of pre-boot physical memory to a file. An attacker is then free to use various key finding attacks to analyse the data dumped from memory in order to find sensitive data, such as the keys. Because cold boot attacks target random-access memory, even with a trusted platform module installed, full disc encryption schemes are ineffective against this type of attack. This is due to the fact that the issue is primarily a hardware one (insecure memory), rather than a software one.

Experts have shown these attacks can DEFEAT DISK ENCRYPTION on many computers and smartphones with encrypted data.

Distributed Denial Of Service Attacks

A denial-of-service (DoS) attack is a type of cyber-attack in which the perpetrator attempts to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a network-connected host. In a distributed denial-of-service (DDoS) attack, the incoming traffic flooding the victim comes from a variety of sources. To mitigate this type of attack, more sophisticated strategies are required, as simply attempting to block a single source is insufficient because there are multiple sources.

  • The biggest attack lasted over 13 HOURS AT 240 GB/s
  • CHINA is the TOP COUNTRY GENERATING DDOS attacks


RECENT ADVANCEMENTS IN ENCRYPTION

HTTPS

Hyper Text Transfer Protocol Secure (HTTPS) pages use one of the two secure protocols to encrypt communications: SSL OR TLS (Secure Sockets Layer or Transport Layer Security).

Unencrypted Hyper Text Transfer Protocol (HTTP) doesn't protect data from interception or alteration.

PROTECTED information includes cookies, user agent details, URL paths, form submissions and query string parameters.

Quantum Key Distribution

Two parties use single photons that are RANDOMLY POLARIZED representing ones and zeroes to transmit a series of random number sequences.

Quantum key distribution (QKD) is a secure communication method which implements a cryptographic protocol involving components of quantum mechanics. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages.

Any attempt to intercept a quantum key distribution would be DETECTED BY BOTH ORIGINATOR AND RECIPIENT.

QKD is considered one of the most POWERFUL DATA ENCRYPTION SCHEMES and the codes are virtually unbreakable.
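
A simulation of the exchange described above, added here as an example and not taken from the original article. It assumes the BB84 protocol (the article does not name one), an ideal noise-free channel and an intercept-and-resend eavesdropper; the two parties detect the tap because about a quarter of their compared bits then disagree.

```python
import random

BASES = "+x"   # rectilinear or diagonal polarization

def measure(bit, prepared_basis, measuring_basis, rng):
    # Measuring in the basis the photon was prepared in returns its bit;
    # measuring in the other basis gives a random result.
    return bit if prepared_basis == measuring_basis else rng.randint(0, 1)

def bb84(n_photons, eavesdrop, seed=1):
    """Return the sifted bit strings of sender and receiver."""
    rng = random.Random(seed)          # seeded so the run is repeatable
    sender_bits, receiver_bits = [], []
    for _ in range(n_photons):
        bit = rng.randint(0, 1)
        send_basis = rng.choice(BASES)
        photon_bit, photon_basis = bit, send_basis
        if eavesdrop:
            # The interceptor must pick a basis blindly, measure, and re-send
            # the photon in that basis, which disturbs it half of the time.
            tap_basis = rng.choice(BASES)
            photon_bit = measure(photon_bit, photon_basis, tap_basis, rng)
            photon_basis = tap_basis
        recv_basis = rng.choice(BASES)
        received = measure(photon_bit, photon_basis, recv_basis, rng)
        if send_basis == recv_basis:   # sifting: keep only matching bases
            sender_bits.append(bit)
            receiver_bits.append(received)
    return sender_bits, receiver_bits

def error_rate(a, b):
    """Fraction of sifted positions where the two parties disagree."""
    return sum(x != y for x, y in zip(a, b)) / len(a)

if __name__ == "__main__":
    for tapped in (False, True):
        a, b = bb84(4000, eavesdrop=tapped)
        print(f"tapped={tapped} sifted={len(a)} error_rate={error_rate(a, b):.3f}")
```

In practice the parties compare only a random sample of the sifted bits in public and discard that sample, keeping the rest as the key.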

Implementation Of Fully Homomorphic Encryption

Homomorphic encryption is a type of encryption that allows users to compute on encrypted data without first decrypting it. These resulting computations are left in encrypted form, which when decrypted produces the same output as if the operations had been performed on unencrypted data. Homomorphic encryption can be used to ensure the privacy of outsourced storage and computation. This enables data to be encrypted before being sent to commercial cloud environments for processing.

Homomorphic encryption CAN BE USED IN CLOUD COMPUTING because computations are securely run over encrypted data without having to decrypt them.

Financial professionals could use FHE to assess the probability of an individual getting audited WITHOUT HAVING TO SHARE ANY PERSONAL DATA.


Why Do We Need Data Encryption?

  • Authentication: Public key encryption demonstrates that the origin server of a website owns the private key and was thus legitimately assigned an SSL certificate. This is an important feature in a world where there are so many fraudulent websites.
  • Privacy: Encryption ensures that only the legitimate recipient or data owner can read messages or access data. This safeguard prevents cybercriminals, hackers, internet service providers, spammers, and even government agencies from accessing and reading personal information.
  • Regulatory Compliance: Many industries and government agencies have rules in place that require organisations that work with users' personal information to encrypt that data. HIPAA, PCI-DSS, and the GDPR are a few examples of regulatory and compliance standards that require encryption.
  • Security: Whether the data is at rest or in transit, encryption helps protect it from data breaches. Even if a corporate-owned device is misplaced or stolen, the data stored on it is almost certainly secure if the hard drive is properly encrypted. Encryption also protects data from malicious activities such as man-in-the-middle attacks and allows parties to communicate without fear of data leaks.
