In: Computer Science
When encrypting data, we must ensure that both the sender and the receiver are in possession of the correct keys to allow them to either encrypt or decrypt the messages successfully. There are two main types of encryption defined by the number of different keys used. (10 marks total)
i. Name each type and briefly explain how they are different?
ii. Name one popular algorithm used for each type of encryption.
iii. A user would like to send a long, encrypted message over an untrusted network. Briefly explain how both types of encryption can be used together to ensure both the message and the encryption key may be sent securely.
Firstly we should know about the encryption ,what is it?
Encryption:
Encryption is the process of taking plain text, like a text message or email, and scrambling it into an unreadable format — called “cipher text.” This helps protect the confidentiality of digital data either stored on computer systems or transmitted through a network like the internet.
What is a key in cryptography?
A cryptographic key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
There are two types of encryption:
What is symmertic encryption ?
In symmetric encryption the same key is used for encryption and decryption. It is therefore critical that a secure method is considered to transfer the key between sender and recipient.
What is asymmetric encryption?
Asymmetric encryption uses the notion of a key pair: a different key is used for the encryption and decryption process. One of the keys is typically known as the private key and the other is known as the public key.
The private key is kept secret by the owner and the public key
is either shared amongst authorised recipients or made available to
the public at large.
Data encrypted with the recipient’s public key can only be
decrypted with the corresponding private key. Data can therefore be
transferred without the risk of unauthorised or unlawful access to
the data.
Note :
The basic difference between these two types of encryption
is that symmetric encryption uses one key for both encryption and
decryption, and the asymmetric encryption uses public key for
encryption and a private key for decryption.
(ii)
Triple DES
Triple DES was designed to replace the original Data Encryption Standard (DES) algorithm, which hackers eventually learned to defeat with relative ease. At one time, Triple DES was the recommended standard and the most widely used symmetric algorithm in the industry.
Triple DES uses three individual keys with 56 bits each. The total key length adds up to 168 bits, but experts would argue that 112-bits in key strength is more like it.
Despite slowly being phased out, Triple DES still manages to make a dependable hardware encryption solution for financial services and other industries.
(iii) if A user would like to send a long, encrypted message over an untrusted network both types of encryption can be used together to ensure both the message and the encryption key may be sent securely with the help of hybrid encryption.
A hybrid encryption scheme is one that blends the convenience of an asymmetric encryption scheme with the effectiveness of a symmetric encryption scheme.Hybrid encryption is achieved through data transfer using unique session keys along with symmetrical encryption. Public key encryption is implemented for random symmetric key encryption. The recipient then uses the public key encryption method to decrypt the symmetric key. Once the symmetric key is recovered, it is then used to decrypt the message.The combination of encryption methods has various advantages. One is that a connection channel is established between two users' sets of equipment. Users then have the ability to communicate through hybrid encryption. Asymmetric encryption can slow down the encryption process, but with the simultaneous use of symmetric encryption, both forms of encryption are enhanced. The result is the added security of the transmittal process along with overall improved system performance.