Cscu module 04 data encryption
- 2. 2 Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
40 Percent of IT Workers Could Hold Employer Networks Hostage, Survey Finds
Roughly 40 percent of IT workers believe they could hold an employer’s network hostage — even after leaving the company — by withholding or hiding encryption keys, according to a recent survey of 500 IT security specialists.
The study, released Monday, May 23, also revealed that a third of survey respondents were confident that their knowledge and access to encryption keys and certificates could bring a company to a halt with little effort. Conducted in April 2011, the survey was sanctioned by Venafi, a network key and encryption provider.
“It’s a shame that so many people have been sold encryption but not the means or knowledge to manage it,” said Jeff Hudson, CEO of Venafi, in a statement. “IT departments must track where the keys are and monitor and manage who has access to them. ... It’s no longer rocket science. Yet recent, costly breaches at Sony, Epsilon and elsewhere reinforce the need for both more encryption and effective management.”
Source: http://www.govtech.com, May 23, 2011
- 6. What Is Encryption?
Encryption is the process of converting data into cipher text that cannot be understood by unauthorized people
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it
Encryption is used to protect sensitive information during transmission and storage
[Figure: Bob's plain text (‘Morpheus’) is encrypted; the encrypted data (‘3*.,~’@!w9”) is received by Alice; Alice receives the plain data after decryption]
- 8. Usage of Encryption
It helps to safely store sensitive information on a computer or external storage media
Encryption is used to protect user credentials such as user names and passwords
Encryption provides assurance of a sender’s identity
It is also used as a resource for web-based information exchange to protect important information such as credit card numbers
Encryption provides a secure medium for users to connect to their friends’ or employees’ network from outside of the home or office
It provides a higher level of trust when receiving files from other users by ensuring that the source and contents of the message are trusted
- 10. Types of Encryption
Symmetric Encryption: Symmetric encryption (secret-key, shared-key, and private-key) uses the same key for encryption and decryption
Asymmetric Encryption: Asymmetric encryption (public key) uses different encryption keys for encryption and decryption. These keys are known as public and private keys
Hash Function: Hash function (message digests or one-way encryption) uses no key for encryption and decryption
[Figure: Symmetric Encryption and Asymmetric Encryption panels: plain text (“Dear John, This is my A/C number 7974392830”) → Encryption → cipher text → Decryption → plain text. Hash function panel: plain text → Hash function → cipher text]
- 11. Symmetric vs. Asymmetric Encryption
Symmetric Encryption:
Symmetric encryption uses only one key for both encryption and decryption
The key cannot be shared freely
Symmetric encryption requires that both the sender and the receiver know the secret key
Using symmetric encryption, data can be encrypted faster
This algorithm is less complex and faster
Symmetric encryption ensures confidentiality and integrity
Asymmetric Encryption:
Asymmetric encryption uses a public key for encryption and a private key for decryption
In asymmetric encryption, the public key can be freely shared, which eliminates the risk of compromising the secret key
The encryption process using asymmetric encryption is slower and more complex
Asymmetric encryption ensures confidentiality, integrity, authentication, and non-repudiation
- 19. How Digital Signature Works
SIGN: Sender signs the hash code (the hash value of the message) using his PRIVATE key; append the signed hash code to the message
SEAL: Encrypt the message using a one-time symmetric key; encrypt the symmetric key using the recipient’s PUBLIC key
DELIVER: Mail the electronic envelopes to the recipient
ACCEPT: Recipient decrypts the one-time symmetric key using his PRIVATE key
OPEN: Decrypt the message using the one-time symmetric key
VERIFY: Unlock the hash value using the sender’s PUBLIC key; rehash the message and compare it with the hash value attached with the mail
[Diagram label: Confidential Information]
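Added example, not part of the original slides: the SIGN, SEAL, DELIVER, ACCEPT, OPEN and VERIFY stages of this slide in Python, using the third-party `cryptography` package. The slide names no algorithms, so RSA-PSS, RSA-OAEP and AES-256-GCM are assumptions here, as are the function names and the sample message.

```python
import os
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumed algorithm choices (the slide names none): RSA-PSS, RSA-OAEP, AES-256-GCM.
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)

def new_keypair():
    """Hypothetical helper: fresh 2048-bit RSA private key (public half via .public_key())."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def sign_and_seal(message, sender_priv, recipient_pub):
    # SIGN: hash the message (SHA-256), sign the hash with the sender's PRIVATE key,
    # and append the signed hash to the message.
    signed = message + sender_priv.sign(message, PSS, hashes.SHA256())
    # SEAL: encrypt message+signature under a one-time symmetric key ...
    session_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    ciphertext = AESGCM(session_key).encrypt(nonce, signed, None)
    # ... and encrypt that key with the recipient's PUBLIC key.
    wrapped_key = recipient_pub.encrypt(session_key, OAEP)
    # DELIVER: this dict is the "electronic envelope" sent to the recipient.
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}

def open_and_verify(envelope, recipient_priv, sender_pub):
    # ACCEPT: recover the one-time key with the recipient's PRIVATE key.
    session_key = recipient_priv.decrypt(envelope["wrapped_key"], OAEP)
    # OPEN: decrypt with the one-time key (GCM raises InvalidTag if the data was altered).
    signed = AESGCM(session_key).decrypt(envelope["nonce"], envelope["ciphertext"], None)
    sig_len = sender_pub.key_size // 8  # an RSA signature is as long as the modulus
    message, signature = signed[:-sig_len], signed[-sig_len:]
    # VERIFY: rehash and check against the signed hash with the sender's PUBLIC key.
    sender_pub.verify(signature, message, PSS, hashes.SHA256())  # raises InvalidSignature
    return message

def is_from(envelope, recipient_priv, claimed_sender_pub):
    try:
        open_and_verify(envelope, recipient_priv, claimed_sender_pub)
        return True
    except InvalidSignature:
        return False

if __name__ == "__main__":
    bob, alice, other = new_keypair(), new_keypair(), new_keypair()
    env = sign_and_seal(b"constructed sample message", bob, alice.public_key())
    print(open_and_verify(env, alice, bob.public_key()), is_from(env, alice, other.public_key()))
```

Verification fails when the recipient checks the envelope against any public key other than the one matching the signer's private key, which is what ties the message to its sender.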
- 23. Module Summary
Encryption is the process of converting data into cipher text that cannot be understood by unauthorized people
Symmetric encryption uses only one key for both encryption and decryption, whereas asymmetric encryption uses a public key for encryption and a private key for decryption
Encryption provides a higher level of trust when receiving files from other users by ensuring that the source and contents of the message are trusted
A digital certificate is an electronic card that provides credential information when performing online transactions
A digital signature implements asymmetric cryptography to simulate the security properties of a signature in digital, rather than written form