Understanding data encryption to protect your sensitive information
Data encryption has become increasingly popular in recent years. This is due to a growing number of cyber-attacks, as well as to data confidentiality issues.
But to fully exploit the potential of this technology, we need to understand what it is and how it works in practice.
What is data encryption? What are the different systems available, and what are their advantages and applications?
Here's how.
Data encryption: definition
In computing, data encryption is defined as the process of encrypting information to make it incomprehensible to unauthorized eyes.
To achieve this, plaintext is transformed into ciphertext using an algorithm. Only an encryption key can be used to decrypt the content.
This technology can be used to protect :
- all types of data :
- strategic corporate data,
- banking data
- personal information,
- passwords, etc.
- whether in transit on the web,
- stored in the cloud,
- or stored "hard-coded" :
- on computer,
- on a USB key
- external hard drive, etc.
As a result, data encryption is equally suited to private and professional use.
💡 Encryption or encryption? It's customary for both terms to be used interchangeably on the web. But purists will point out that this is a mistake. In fact, the word " encrypt" does not exist in computing. As for decryption, it applies to deciphering without possession of a key.
Why data encryption?
Cybersecurity issues
Identity theft, bank data theft, hacking... data encryption helps protect you from ill-intentioned parties.
Beware, however, that hackers use malice to attack the encryption itself, using :
- brute-force attack: the hacker randomly tests all possible codes until he finds the right one;
- Lateral attack: the hacker exploits flaws in the implementation of the cipher, rather than the cipher itself;
- or cryptanalysis: the attacker attempts to deduce the encrypted message without possessing the encryption key.
Hence the importance of using long keys (which multiply the possible combinations) and perfectly tested and mastered encryption systems.
Confidentiality issues
Data encryption is particularly popular in the corporate world, because companies store, handle and transfer a large amount of sensitive information.
By encrypting data, they can meet two major confidentiality challenges:
- strategic issues: business plans, customer files, trade secrets... it would be detrimental if such information fell into the wrong hands.
- legal issues: certain professions, such as the healthcare sector, are obliged to guarantee the confidentiality of data in their possession.
Manchester Police was fined £120,000 in 2012 [...] for having an unencrypted USB stick stolen, containing the data of around 1,000 people linked to criminal investigations.
Other benefits of data encryption
Finally, it should be noted that some encryption systems also make it possible to :
- identify the origin of a message,
- attest to the authenticity and integrity of the information it contains,
- guarantee non-repudiation: not to call into question the signature of a contract by the various parties, for example.
The different data encryption systems
The symmetrical encryption algorithm
How it works
With this system, the same encryption key is used to encrypt and decrypt the message.
💡 Here's how it works:
- Ross generates a secret key.
- He then sends this secret key to Rachel securely.
- Ross encrypts his document using the same secret key.
- He then sends the encrypted document to Rachel.
- Rachel receives the document, then decrypts it using the key she received earlier.
Note that there are two types of symmetrical encryption:
- Flow encryption: this operates bit by bit, using an algorithm that runs continuously on the data. It is therefore particularly suited to real-time communications.
- Block ciphers: each block of bits (64, for example) is transformed into encrypted blocks of the same size. This is the most widely used symmetrical encryption method.
Advantages and disadvantages
👍 Advantages:
Symmetrical encryption requires faster computing time. Practical if you have a large amount of data to protect.
It's also easier to understand for less experienced users.
👎 Disadvantages :
This type of encryption involves providing a key to the recipient, which can lead to security problems: one leak, and all the data is compromised. This is why this technology is best suited to :
- you want to encrypt documents for yourself,
- or when using a closed system.
Symmetrical encryption, on the other hand, is mainly used to ensure data confidentiality, but does not go beyond this.
Examples of symmetrical encryption algorithms
Among the most widely used symmetrical encryption algorithms are :
- DES (Data Encryption Standard): a 64-bit block cipher. The keys used are of the same size.
- AES (Advanced Encryption Standard): 128-bit block cipher. Different key sizes are used: 128, 192 or 256 bits.
- Blowfish: 64-bit block cipher. It requires keys of varying sizes, from 32 to 448 bits.
The asymmetric encryption algorithm
How it works
The asymmetric encryption algorithm uses two keys:
- a public key: this can be shared with anyone and is used to encrypt data,
- a private key, to decode the message.
If they are "mathematically" linked, deducing the private key from the public key is impossible.
💡 Here's how it works in concrete terms:
- Ross wants to send Rachel a message. So he asks her for her public key.
- Rachel sends her public key to Ross.
- Ross then encrypts his message using Rachel's public key.
- Ross then transfers the encrypted message to Rachel, who decrypts it using her remaining private key.
Advantages and disadvantages
👍 Advantages:
The main advantage is that the risks associated with transmitting decryption keys are avoided. Indeed, if a malicious person intercepts the exchanges, it is on the public key that it falls. It is then impossible to decrypt the message, since the private key has remained secure.
Asymmetrical encryption also enables electronic signatures.
👎 Disadvantages :
This technique takes longer and is more complex than symmetrical encryption.
Examples of asymmetric encryption algorithms
The most widely used asymmetric encryption algorithms include :
- RSA encryption (named after its founders Rivest, Shamir and Adleman): this is the most widely used asymmetric method, since it is based on the difficulty of factoring large integers.
- DSA (Digital Signature Algorithm) encryption: this algorithm was initially used to electronically sign documents.
How do you encrypt data? Examples of use cases and software for data encryption
A wide variety of data can be encrypted, using a variety of tools and software.
Here are a few examples to help you grasp the different use cases for data encryption.
Encrypting communications
By e-mail
When it comes to e-mail communications, Gmail and Outlook users already benefit from the possibility of encrypting their data:
- Gmail integrates the S/MIME encryption standard into its solution, which is functional if both sender and recipient have activated it beforehand;
- Outlook can also be configured to integrate the S/MIME protocol into e-mail exchanges.
💡 For stronger encryption, there are specialized mailboxes. ProtonMail, for example, has built its reputation on automatic end-to-end encryption. In other words, not even the provider can access your data.
Instant messaging
Some messaging applications also use end-to-end encryption, making data confidentiality one of their main selling points.
Signal is a case in point. Will the application replace WhatsApp, currently controversial for backing down on its user data encryption requirements?
Encrypt your passwords
To guarantee the security of your passwords, you need a password manager equipped with encryption technology.
LastPass, for example, uses the AES 256-bit standard to encrypt and decrypt all your data locally. Everything is perfectly secure, since even LastPass servers have no access to your master password and encryption key.
Encrypting your documents
There are various algorithms for encrypting sensitive documents stored on your computer or external hard drive. But as we saw earlier, the symmetrical method remains the most appropriate (no need to transmit a key).
Tools have been specially designed for this purpose. One of the most popular is 7-Zip. Free of charge, it can be used to compress and encrypt files.
Encrypt your network
How can you encrypt your network to protect data circulating on the web? By using a VPN, a tool that enables you to connect to the Internet in complete security, particularly on a public Wi-Fi network.
To do this, the VPN creates an encrypted tunnel, through which your data travels to its provider's server. This server then decrypts your data and sends it back to the site or application you wish to browse.
One of the best-known players on the market is NordVPN, with its 256-bit AES encryption standard.
You now have the keys to a better understanding of data encryption.
Are you already using encryption tools in your company? Let us know in the comments ;-)