Encryption and data security date back to ancient Egypt, where one can see a tombstone from as early as 1900 BC engraved with non-standard hieroglyphs. The practice has remained in use ever since and has grown progressively more sophisticated. The Enigma rotor machine from the days of WW2 is another example of encryption at play.
Data security is even more relevant in this age: all critical data is stored in digital form, things can go wrong in umpteen ways, and data can fall into unauthorized hands.
What is Data Security?
Data security applies throughout the lifecycle of the data. It is the practice of protecting data from unauthorized access, corruption, and theft. Complete data security is a combination of people, policies, processes, and technologies employed by an organization to protect its digital assets from malicious elements.
Deconstructing Data Security
Data security can be achieved with one of the methods listed here or with a combination of methods. Data that is stored in servers may be secured using a certain technique whereas data in transmission could be secured with another technique.
Some of the commonly used principles in data security are listed below:
Hashing runs an algorithm over a file or message to produce a unique hexadecimal number termed a ‘hash’. This hash is calculated at the source as well as at the destination for the transmitted data. The two hashes are then compared, and only if they match is the data deemed to be untouched during transmission.
Some of the popular hashing algorithms are Message Digest 5 (MD5), SHA (Secure Hash Algorithm), and RIPEMD.
Use Case: Over-the-air software updates can use hashing to ensure data integrity. It is also used in password verification.
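The source/destination comparison described above, as an added example that is not part of the original article. It assumes SHA-256 as the hash, and it adds an HMAC tag over the digest because a bare hash only detects tampering when the published hash itself cannot be replaced; the function names, key and firmware bytes are constructed for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 64 * 1024  # read in chunks so a large image need not fit in memory

def sha256_stream(stream):
    """Return the hex SHA-256 digest of a binary stream."""
    h = hashlib.sha256()
    for block in iter(lambda: stream.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()

def verify_update(stream, published_digest):
    """Destination side: recompute the hash and compare it with the source's."""
    return hmac.compare_digest(sha256_stream(stream), published_digest.lower())

def sign_digest(key, digest_hex):
    """Keyed tag over the digest, so the digest cannot be silently swapped."""
    return hmac.new(key, digest_hex.encode(), hashlib.sha256).hexdigest()

def verify_signed_update(stream, published_digest, tag, key):
    expected = sign_digest(key, published_digest.lower())
    if not hmac.compare_digest(expected, tag):
        return False  # digest was not issued by the key holder
    return verify_update(stream, published_digest)

# Constructed sample data (not a real firmware image or key).
FIRMWARE = b"\x7fFW" + b"constructed firmware image v1.2.3 " * 4096
TAMPERED = FIRMWARE[:-1] + b"!"
KEY = b"constructed-demo-key"

SOURCE_DIGEST = sha256_stream(io.BytesIO(FIRMWARE))
SOURCE_TAG = sign_digest(KEY, SOURCE_DIGEST)

if __name__ == "__main__":
    print("intact image  :", verify_update(io.BytesIO(FIRMWARE), SOURCE_DIGEST))
    print("tampered image:", verify_update(io.BytesIO(TAMPERED), SOURCE_DIGEST))
```

Production update systems normally use an asymmetric signature instead of a shared HMAC key, so devices hold only a verification key.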
Tokenization is the process of exchanging sensitive data for non-sensitive data called ‘tokens’. Tokenized data cannot be deciphered nor can you obtain the original data without having access to a separately stored reference database. The process of obtaining the original data back from the token is called detokenization.
Use Case: For storing extremely sensitive data such as PAN (Permanent account number) or your credit card details, or any data on the cloud.
When you enter your password during net banking operations, did you observe that your password is suffixed with a set of new characters as soon as you press the enter key? The bank’s website is salting your data to prevent data theft.
Salt is, therefore, a random set of characters appended to the data to generate a unique output.
In further parts of processing, a hash will be created for this salted data and compared against the hash generated for the salted password stored in the database. This prevents password thefts effectively.
Use Case: For storing passwords in databases.
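Salted password storage and verification, as an added example that is not part of the original article. It assumes the salt is generated by the server and stored next to the hash, and it uses PBKDF2-HMAC-SHA256 from the Python standard library as the hash; the iteration count, record format and sample accounts are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def hash_password(password, salt=None):
    """Return 'iterations$salt_hex$hash_hex' for storage in the database."""
    if salt is None:
        salt = os.urandom(16)            # fresh random salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${dk.hex()}"

def verify_password(password, stored):
    """Re-hash the login attempt with the stored salt and compare."""
    iterations, salt_hex, hash_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), hash_hex)   # constant-time compare

def unsalted(password):
    """What salting prevents: equal passwords giving equal hashes."""
    return hashlib.sha256(password.encode()).hexdigest()

# Constructed sample: two users who picked the same password.
DB = {"alice": hash_password("hunter2!"), "bob": hash_password("hunter2!")}

if __name__ == "__main__":
    print("unsalted hashes equal:", unsalted("hunter2!") == unsalted("hunter2!"))
    print("salted records equal :", DB["alice"] == DB["bob"])
    print("correct login        :", verify_password("hunter2!", DB["alice"]))
    print("wrong password       :", verify_password("hunter2", DB["alice"]))
```

Because every record carries its own salt, one precomputed table of hashes cannot be reused across accounts.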
Encryption is where you scramble data in a way that only someone with a corresponding ‘key’ can unscramble it and retrieve the original information. The algorithm used to encrypt a data file is called a ‘cipher’. Encrypted data is called ciphertext.
Use Case: For sending confidential data over public networks.
Some more on Encryption algorithms
It is interesting to delve into some of the popular encryption algorithms used in the digital world today. The symmetric and asymmetric encryption algorithms used these days primarily use public and private keys.
The public and private keys: The public and private keys are the primary constituents of public-key cryptography. While the public key is known to all, the private key is known only to the intended recipient of the data.
Asymmetric encryption is deemed to be strong and more secure than its symmetric counterpart. In the asymmetric method, encryption is done with the public key whereas decryption requires a private key. Since it employs two sets of keys, it is slightly slower.
In the symmetric method, each concerned party has its own set of private keys that can be used for both encrypting and decrypting a file. This makes the process of encryption and decryption faster.
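The public-key flow described above (encrypt with the public key, decrypt with the private key), as an added example that is not part of the original article. It is textbook RSA in pure Python with small constructed primes and no padding, for illustration only; the function names and the sample message are assumptions.

```python
# Textbook RSA without padding: shows the key roles, not a usable cipher.
P = 2**127 - 1   # known Mersenne primes, far too small for real keys
Q = 2**89 - 1
E = 65537        # common public exponent

def make_keypair(p=P, q=Q, e=E):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent (needs Python 3.8+)
    return (n, e), (n, d)          # (public key, private key)

def encrypt(public_key, message):
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)

def decrypt(private_key, ciphertext):
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

PUBLIC, PRIVATE = make_keypair()
MESSAGE = b"constructed secret"    # constructed sample plaintext
CIPHERTEXT = encrypt(PUBLIC, MESSAGE)

if __name__ == "__main__":
    print("ciphertext      :", hex(CIPHERTEXT))
    print("with private key:", decrypt(PRIVATE, CIPHERTEXT))
    # Without padding, the same plaintext always gives the same ciphertext,
    # which is why deployed RSA encryption uses a randomized padding (OAEP).
    print("deterministic   :", encrypt(PUBLIC, MESSAGE) == CIPHERTEXT)
```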
Modern encryption algorithms
Some of the popular modern-day encryption algorithms are:
AES – Advanced Encryption Standard, also known as Rijndael, encrypts data in blocks of 128 bits each. For robust encryption, it also uses 192 and 256-bit keys in some cases.
RSA – Named after its creators Rivest-Shamir-Adleman, RSA is an asymmetric encryption algorithm. RSA keys are typically 1024 or 2048 bits long.
ECC – Elliptic Curve Cryptography is an effective public key-based algorithm and is hyped to be the next generation implementation and much more advanced than RSA.
Blowfish – A symmetric encryption method, Blowfish fragments data into blocks of 64 bits and encrypts them individually. This algorithm is not patented and finds wide use in the e-commerce sector.
Twofish – A successor of Blowfish, Twofish encrypts 128-bit long blocks of data. The key used in encryption is usually 256 bits long.
Not having data security measures for your data makes it extremely vulnerable to thefts and attacks, directly costing you money and user trust. Depending on the type of data operations and the risk profile, you can choose an appropriate method for retaining your data’s integrity.
Let us know in the comment section below if you would like to know more about encryption algorithms and how exactly they are implemented on real-world data.