What is an Encryption Key?
Encryption is a form of security that turns information, images, programs, or other data into unreadable cipher by applying a set of complex algorithms to the original material. These algorithms transfer the data into streams or blocks of seemingly random alphanumeric characters. An encryption key might encrypt, decrypt, or perform both functions, depending on the type of encryption software being used.
There are several types of encryption schemes, but not all are secure. Simple algorithms can be easily broken using modern computer power, and yet another point of weakness lies in the decryption method. Even the most secure algorithms will decrypt for anyone who holds the password or key.
Symmetric types of encryption schemes use a single password to serve as both encryptor and decryptor. Supplying the encryption key, one can “mount” the drive and work in an unencrypted state, then return the drive to cipher when finished.
The algorithms used are considered very secure, with one of this type adopted as the Advanced Encryption Standard (AES) used by the U.S. Government for storing classified and top secret information. The one weakness of symmetric encryption programs is that the single key must necessarily be shared, presenting an opportunity for it to be leaked or stolen. Part of key management involves changing the key often to improve security.
Public asymmetric encryption schemes also use highly secure algorithms with a different method of encrypting and decrypting. This software uses two keys, known as a key pair. One is the public key, and can be freely shared or given to anyone because its only job is to encrypt. The other key is the private key, and is not shared. The private key is required to decrypt anything that has been encrypted by the public key.
Asymmetric encryption software is widely used for making email and instant messaging private. Users can install one of many available encryption programs, and the program generates a key pair for the user. The encryption key, or public key of the key pair, can be sent to others who are also running a compatible encryption program.
Once another person has the public key, he or she can send encrypted messages to the owner of the public key. After a message has been encrypted, even the author cannot decrypt it. In the encryption process, the algorithms are based on the key pair, and only the private key of that specific key pair can reverse the encryption process. The mail or message is then sent to the owner of the public key.
Upon receipt of the mail, the private key will request a passphrase before decrypting. For maximum security, this passphrase should be supplied manually, but software will allow a user to store the passphrase locally so that messages can be decrypted automatically. Asymmetric encryption is considered more secure than symmetric encryption, because the key that triggers decryption is not shared.
Regardless of the type of encryption, if someone gains access to a computer, the data is only as secure as the passphrase that protects the encryption key. The best passphrases are alphanumeric and random, though these are harder to remember. If someone must pick something recognizable, he or she should avoid addresses, license plate numbers, names, pets, or other easily cracked passwords, and include numbers plus characters that are neither letters nor numbers. Most importantly, each password should be completely unique from all others in use, as adopting a single password or a "theme" on passwords vastly reduces security and increases vulnerability.
@spreadsheet, while I can sympathize for your reaction and discouragement about illegal groups of hackers destroying the very financial fabric of our lives, it is important to be noted that much more money is spent in the legal market then in the black market in terms of encryption.
This doesn't directly correlate to safety or security with our coding but it does go to show that there are many more good guys working on new and secure encryption keys then there are bad guys trying to crack them.
Computer security and encryption is a multi-billion dollar market industry and thousands of trained and highly intelligent professionals fill the cubicles of these high-tech firms. This doesn't even include the highly-specialized military and government functions and employees that create a security for our societies protection.
Sure, the production and creation of such systems is often privately contracted from outside the military but I can assure you that such measures are far beyond what is available to the civilian market.
So when you are up late at night worrying about your 401k or the crooked looking clerk at the gas station and what he did with your credit card, just remember, trained and education security professionals are working around the clock to bring you the best available means of electronic encryption.
Unfortunately, as much as we might want a warm and fuzzy feeling from having our most sensitive of data being passed around on plastic based magnetic strips, the reality is much different.
Encryption keys are just begging to be broken by a variety of groups around the world that have nothing but bad intent with your financial records. Cracking groups will often spend months on a single project that can potentially yield millions of dollars in scammed money and information.
These crackers find is specifically challenging and rewarding to take our precious encryption keys and solve their puzzle. To them it is a game and to us a worst nightmare of losing all that we work so hard for everyday to a bunch of illicit ones and zeros flying over copper and fiber optic cables.
I don't think that the general public truly knows just how key encryption is in their daily life. Most people don't know what encryption is let alone an encryption key.
All day long as well go through life there are some very basic electronic functions that we now just pass off as normal. One of the biggest is the use of credit cards and debit card systems for the transfer of money at a point of sale.
When we visit any kind of store that allows the use of a credit or debit card for the purchase, that system in turn will encrypt you personal card information and send it electronically to the credit card company or bank that controls it.
An encryption key is used on both ends to make this common daily activity a safe reality for families and businesses across the world.
We rely so heavily on electronic communication that encryption keys really do play a bigger role in most peoples lives then they can imagine.
Many of our modern encryption techniques are based on the endeavors of Italian cryptographer Leonardo Fibonacci, who introduced the relatively simple decimal Hindu-Arabic numeral system (as opposed to the Roman numeral system).
Fibonacci discovered the Fibonacci numbers, which are a system of numbers adding the previous two positive whole integers to create a sequence which explains certain natural phenomena. Matrices formed from this system are the basis of certain cryptographies.
Post your comments