Open in app

Sign in

Write

Sign in

What is Encryption Crash??

Society of AI
4 min readDec 21, 2020

Goals and Learning objectives:

a. Basic concepts

b. SSL and TLS

c. HTTPS and Digital Certificate

d. End 2 End Encryption

e. Steganography

a. Basic Concepts:

For privacy and security purposes one must have a bit knowledge of encryption. No need to know the hardcore mathematics and as such, just in simple terms what is encryption, its types, how it works and all.

Now what exactly is encryption? It’s a way of transforming readable data (referred to as plain text here on) into a form which is unreadable (referred to as cipher text here on). This makes storage or transmission of the data unreadable and keeps it confidential and private. So, to make this data again readable, we use the process of decryption.

Encryption and Decryption is done using keys (can be public or private).

There are 2 main types of encryption:

Symmetric: Here the key used to encrypt and decrypt is the same. This key is a private key (differs from user to user).

Asymmetric: Here the keys are different i.e., a public key and a private key is used. Each public key can have only one private key. As the name states, public key is publicly available but private key differs from user to user.

Secondly, we’ll discuss about Hash Functions. What are hash functions? Hash function is any function where in you put data ‘a’ of any size and get data ‘b’ of fixed size. These are useful as they’re irreversible. These are made to keep “Integrity” of data and helps in detecting intentional modification.

Lastly digital signatures. It is a hash value encrypted using sender’s private key producing digitally signed message. It provides “Authentication”, “Non-Repudiation” and “Integrity”.

b. SSL and TLS:

SSL stands for Secure Socket Layer and TLS stands for Transport Layer Security.

They use all cryptographic technologies like symmetric/asymmetric algorithms, hashes, digital signatures, etc. These are designed to provide security over transmission of data. SSL is older protocol whereas TLS is newer protocol.

c. HTTPS and Digital Certificate:

HTTP is an application layer protocol of websites. Example: http://www.google.com. This protocol sends complete text to and from server.

HTTPS protocol is HTTP Secure protocol, which uses SSL/TLS certificates over transmission to encrypt data and provide additional security.

In HTTP requests, data looks something like this:

Whereas in HTTPS requests looks like this:

Digital Certificates are used with HTTPS under various encryption methods. These digital certificates provide SSL/TLS security over transmitting data. It is like an “electronic password” allowing an individual/organization to share information/data with others using PKI (Public Key Infrastructure) over internet.

These certificates are issued by Certificate Authority (CA), which acts as 3rd party in providing it so as to make sure user trusts them. Digital Certificates provide “Confidentiality”, “Integrity”, “Non-Repudiation” and “Access Control.”

d. End 2 End Encryption:

It happens when the data is encrypted by sender and can only be decrypted by the recipient. This is a desired form of encryption, the data in transit for maximum protection if you wish to avoid getting hacked, surveillance or tracking.

E2EE is made with purpose of getting reversed unlike hash functions. This includes SSL/TLS as well. It doesn’t reveal the details of communication to others irrespective of the fact that they developed this technology.

e. Steganography:

Steganography is the concept of hiding files/data in other less useful files/data. In simple terms, it can be said as hiding data in plain sight. For example, hiding some text in an image file. The image file will not look any different from before, but it’s code would be containing our text which doesn’t reflect in front.

This is vastly used for information exchange and planting a malware in systems using code embedded in files.

Conclusion: How Security and Encryption are really attacked.

Security and Encryption are really attacked

Attackers avoid attacking encryption directly and instead go for low hanging fruits (Social Engineering, Malware, etc.) They try to bypass it if possible, and they’ll keep brute force as a last resort when nothing else can be done.

If you liked the story and want to appreciate us you can clap as much as you can. Appreciate our work by your constructive comment and also you can connect to us on….

Youtube: https://www.youtube.com/channel/SocietyOFAI

LinkedIn : https://www.linkedin.com/company/society-of-ai

Facebook: https://www.facebook.com/societyofai/

Website : https://www.societyofai.in/

Encryption
Decryption
Https
Steganography
Digital Certificates

--

--

Society of AI

Written by Society of AI

92 Followers

Society of AI has an vision to educate people how Artificial Intelligence can change their life!

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams