Safeguard Network  «Prev  Next»
Lesson 5 Encryption
Objective Describe how encryption protects data.

Encryption Protects Data

Encryption

Encryption protects the integrity and confidentiality of data. By transforming data into a form that is readable only by those with the proper decryption algorithm and keys, encryption allows secure communication on insecure channels. For example, if you want to send a private email message, you could encrypt your message before sending it and have the receiver use a special "key" to undo it and read it.
A "key" in the encryption context is actually a string of bits (or code). Keys are the specific values in the mathematical algorithm used to transform data. They are typically 40 to 128 bits long. The longer the key, the harder it is to break the encryption code. A 128-bit key is literally trillions of times stronger than a 40-bit key.

Encryption standards

Encryption standards vary from country-to-country, as well as for worldwide transmissions. At present, the United States has designated strong encryption technologies (keys exceeding 40 bits) as munitions and therefore restricts encryption use to the following:
  1. 40-bit keys for communicating with people outside the United States
  2. Keys up to 128 bits long, for communicating within the United States
Keep up to date on current encryption standards at sites such as
Archived-crypto-projects/aes-developmen which is the NIST Advanced Encryption Standards (AES).

Public/private key encryption

In public key encryption, an encrypted message is sent using a public key that is known to only the sender and the receiver. However, only the receiver's private key, which remains secure since it is never transmitted across the network, can decrypt the data.
Unlike a public key, which uses two separate keys
  1. one to encrypt,
  2. one to decrypt
private key encryption uses one key to both encrypt and decrypt messages.

Secure electronic transactions (SET)

SET is a protocol designed by Visa and MasterCard to facilitate highly secure payment card transactions over the Internet. While it uses public key encryption similar to other credit card transaction processing systems, the SET protocol sends credit card information directly from a customer to the online merchant's bank without the merchant having access to the credit card information. By isolating the merchants from exposure to the card's numbers, the potential for misuse of those numbers is minimized.

Secure Electronic Transactions
(SET) Secure Electronic Transactions

Encrypted Messages - Exercise

Click the Exercise link below to reinforce terms and concepts related to encryption.
Encrypted Messages - Exercise
In the next lesson, you will be introduced to the security fundamentals of SSL and digital signatures.