Running head: Practical Connection 1
Practical Connection
Professor Emmanuel Udoh
09/29/19
Data security plays a very important role in this digital age, as most activities, such as bank transactions, happen over the internet. It is achieved by encoding the information before it is sent, which is called encryption. Encryption provides confidentiality for sensitive information such as documents, emails and messages, so that when they are sent only the recipient can read them after decryption. Plain text can be converted into cipher text (encrypted text) using various encryption algorithms. These include symmetric key encryption and asymmetric key encryption.
In symmetric key encryption, the secret key used for encryption is the same key used for decryption. This means the key must also be exchanged for the message to be decrypted successfully. This can be done in different ways, such as using block algorithms, DES, etc. In a block cipher, the plain text is first divided into chunks, or blocks, and each block is then encrypted with the secret key. But if blocks of plain text happen to be similar, there is a chance that the plain text can be predicted. This can be improved by encrypting the 2nd block with the 1st block cipher key. The major disadvantage is that if the secret key is compromised, the whole message can be decrypted by hackers.
DES is the Data Encryption Standard, the first cipher standardized by NIST. In it, a 64-bit input is converted into cipher text with a 56-bit key. It was improved into 3-DES, which uses 2 other keys to encrypt the plain text thrice to produce the cipher text.
In asymmetric key encryption, the plain text is encrypted using one key (the public key) before sending and is decrypted using another key, i.e., the private key. The private key is the secret key, which only the recipient holds. The public key need not be secret, but the private key must be kept confidential. The public and private keys can also be interchanged in a few cases. A message digitally signed with the private key can be verified by the recipient to check whether it is the actual message. The main advantage of asymmetric key encryption is that key distribution is eliminated, as there is no exchange of keys; hence it is more secure. If the private key is lost, decryption will not be possible, which is a major disadvantage of this encryption. It is also a slow process. The public key also has to be verified, as it may have been shared (since it need not be kept secret).
The advantages of symmetric key encryption are that it is fast, it is more efficient than asymmetric key encryption, and it helps achieve better performance and reduced data size. Its disadvantages are that it is an older method of encryption and that, if the key is leaked, a hacker may reconstruct the text using that key. It doesn’t have certificates, so it doesn’t check the expiry date of the keys.
Symmetric key encryption is mostly used in database encryption, payment applications, validating user information, etc. A real-world scenario for this is an EMV transaction. Authentication assures that the credit card transaction was initiated by an authorized cardholder with the help of the chip, and it is done by public-key cryptography: SDA (a digital signature is created using card data), DDA (the card has a key which generates a dynamic digital certificate), or CDA.
A unique cryptogram key is embedded and stored by the issuer within the chip of the credit card. When the user initiates the transaction, the EMV machine generates an ARQC (Authorization Request Cryptogram) request and sends it to the issuer for validation. The issuer then compares it with its own generated cryptographic data for authorization. The issuer responds with a response code and a generated ARPC (Authorization Response Cryptogram). The EMV machine then compares the authorization response (approved or rejected) and the ARPC; upon matching, it can say that the authenticated response is from the authenticating issuer.
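The ARQC/ARPC exchange described above, as an added Python example that is not part of the original paper: a simplified model in which HMAC-SHA256 stands in for the card scheme's real cryptogram algorithm and the chip computes the cryptogram carried in the request. The class names, the `CARD-0001` identifier, the transaction counter and the `00`/`05` response codes are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def mac(key: bytes, label: bytes, *fields: bytes) -> bytes:
    """8-byte cryptogram: HMAC-SHA256 stand-in over length-prefixed fields."""
    h = hmac.new(key, label, hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()[:8]

class Chip:
    """Card side: holds the key the issuer embedded in the chip."""
    def __init__(self, key: bytes):
        self._key, self._atc = key, 0  # _atc: transaction counter (assumed field)
    def make_arqc(self, amount: int, nonce: bytes):
        self._atc += 1
        fields = (amount.to_bytes(6, "big"), nonce, self._atc.to_bytes(2, "big"))
        return fields, mac(self._key, b"ARQC", *fields)
    def check_arpc(self, arqc: bytes, code: bytes, arpc: bytes) -> bool:
        return hmac.compare_digest(mac(self._key, b"ARPC", arqc, code), arpc)

class Issuer:
    """Issuer side: keeps a copy of every chip key plus the last counter seen."""
    def __init__(self):
        self._keys, self._last_atc = {}, {}
    def personalise(self, card_id: str) -> Chip:
        self._keys[card_id], self._last_atc[card_id] = os.urandom(32), 0
        return Chip(self._keys[card_id])
    def authorise(self, card_id: str, fields, arqc: bytes):
        key, atc = self._keys[card_id], int.from_bytes(fields[2], "big")
        fresh = atc > self._last_atc[card_id]  # rejects a replayed request
        # The issuer recomputes the cryptogram itself and compares in constant time.
        ok = hmac.compare_digest(mac(key, b"ARQC", *fields), arqc) and fresh
        if ok:
            self._last_atc[card_id] = atc
        code = b"00" if ok else b"05"  # illustrative approve / decline codes
        return code, mac(key, b"ARPC", arqc, code)

def demo():
    issuer = Issuer()
    chip = issuer.personalise("CARD-0001")  # constructed card identifier
    fields, arqc = chip.make_arqc(1999, os.urandom(4))
    code, arpc = issuer.authorise("CARD-0001", fields, arqc)
    replay_code, _ = issuer.authorise("CARD-0001", fields, arqc)  # same request again
    fields2, arqc2 = chip.make_arqc(1999, os.urandom(4))
    altered = ((2999).to_bytes(6, "big"),) + fields2[1:]  # amount changed in transit
    bad_code, bad_arpc = issuer.authorise("CARD-0001", altered, arqc2)
    forged = chip.check_arpc(arqc2, b"00", bad_arpc)  # decline rewritten as approve
    return code, chip.check_arpc(arqc, code, arpc), replay_code, bad_code, forged
```

`demo()` returns the outcome of a genuine transaction, a replayed request, a request whose amount was altered, and a declined response relabelled as approved; only the first is accepted, because every other case fails a keyed comparison or the counter check.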
Verification of the cardholder involves signature, online PIN and offline PIN. A second example is a dial-up VPN on the firewall. Remote access VPNs use tunneling, which encapsulates data with encryption so that only the intended recipient can read it. We can use an SSL certificate for authentication as well as for encryption.
Another example is the digital certificate, which is an electronic password. It allows data to be exchanged securely over the network using PKI (Public Key Infrastructure). It helps organizations utilize the security applications of PKI. It comprises technology to enable communication over the internet and secure e-commerce.
Thus, nowadays, data transmission (confidentiality, integrity, availability) and the authenticity of the user or server have become easier due to encryption.