...companies to go bankrupt directly if the computer systems that they used are easily vulnerable. Once the hackers could enter the computer system, certainly they would change or break the data, in which most of the data was about secret stuff, such as money, company’s benefits, and et cetera. By changing the data, some properties that belong to society would be deprived and belong to the hackers. This was the main concern since the hackers’ activities can not be seen. The appearance of the modern computer nowadays has essentially changed the way the society communicates and exchanges the information. The old security system was now replaced with the new and deceptive one. One pair of the deceptive security systems was encryption and decryption. Encryption is a process that uses the mathematical formulas and this process worked by combining one data with another so that it would create strange and confused database, thus unauthorized people can not enter the computer system. While decryption is the process of converting encrypted data into the original form, so that just people that own a decryption key can open the locked...
Words: 285 - Pages: 2
...1. Which one of the following statements is most correct about data encryption as a method of protecting data? D. It requires careful key Management 2. Explanation (one paragraph with citations). When protecting data with encryption methods, it is essential to properly manage all encryption keys. “Unless the creation, secure storage, handling and deletion of encryption keys is carefully monitored, unauthorized parties can gain access to them and render them worthless”, “ And if a key is lost, the data it protects becomes impossible to retrieve” (securing enterprise, 2010). Therefore, it is mandatory to have the correct security precautions in place to protect encryption keys. It is important to make backups of any encryption keys, and also of any changes that are made, in case originals are lost or data needs to be restored (Magalhaes, 2007). “Ensure that the backups are recoverable and an effective disaster recovery plan that details the recovery of the keys from backup is in place” (Magalhaes, 2007). Also, “storing the decryption keys with the encrypted data is bad practice, for this reason the keys should not be stored on the tapes that contain the encrypted achieved data” (Magalhaes, 2007). Making sure that the encryption keys are only available to approved users, and are kept in well-guarded areas, will help secure them significantly (Magalhaes, 2007). Make sure to Escrow the keys with a trusted third party (Magalhaes, 2007). “Ensure that you have a way of...
Words: 381 - Pages: 2
...Symmetric key encryption is also known as shared-key, single-key, secret-key, and private-key or one-key encryption. In this type of message encryption, both sender and receiver share the same key which is used to both encrypt and decrypt messages. Sender and receiver only have to specify the shared key in the beginning and then they can begin to encrypt and decrypt messages between them using that key. Examples include AES (Advanced Encryption Standard) and TripleDES (Data Encryption Standard). Advantages - Simple: This type of encryption is easy to carry out. All users have to do is specify and share the secret key and then begin to encrypt and decrypt messages. - Encrypt and decrypt your own files: If you use encryption for messages or files which you alone intend to access, there is no need to create different keys. Single-key encryption is best for this. - Fast: Symmetric key encryption is much faster than asymmetric key encryption. - Uses less computer resources: Single-key encryption does not require a lot of computer resources when compared to public key encryption. Disadvantages - Need for secure channel for secret key exchange: Sharing the secret key in the beginning is a problem in symmetric key encryption. It has to be exchanged in a way that ensures it remains secret. - Too many keys: A new shared key has to be generated for communication with every different party. This creates a problem with managing and ensuring the security of all these keys. - Origin...
Words: 729 - Pages: 3
...Encryption is a very important aspect of our daily lives. Everywhere we go and everything we do now involves some sort of encryption technology. From turning on our cars to using a card access to gain entry to our workplace, encryption is there. More specifically, encryption in communication is a vital component to everyday life. Without encryption, our lives would be much different and unsecure. According to Oded Goldreich (2004), There are 2 main types of encryption: One is called Symmetric-key and the other is public-key encryption (pp 375-376). The Symmetric-key algorithm uses the same cipher for both encryption and decryption. Conversely, the public-key algorithm requires 2 separate keys. One of these keys encrypts the text or message and the other decrypts it. A big drawback to using the Symmetric-key system is that both parties must possess the single, shared key (Mullen & Mummert, 2007). The public-key system kept both parties having separate keys that neither even knew about, but could still decipher the message. Encryption is defined as the activity of converting data or information into code. There are a lot of different ways that we use encryption. Cell phones, web browsers, wireless access, and computer passwords are all different types of communication encryption. Encryption is definitely not a new technology. It has been used by militaries and governments to communicate secretly for years. Cell phones are a prime example of the encryption we use today. In fact...
Words: 1437 - Pages: 6
...Different types of Encryption Esther Dyson, a former journalist and Wall Street analyst have said that Encryption is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government. It's hard to think of a more powerful, less dangerous tool for liberty. To explain this interesting statement, it is important to define the term Encryption. “Encryption is the conversion of a message or data file into a form that cannot be understood by unauthorized readers.” (Dyson) Encryption can be thought as locking something valuable into a strong box with a key. Sensitive data is encrypted by using a key algorithm, which renders it unreadable without the knowledge of the key. Data encryption keys are determined at connect time between a connection and the computer on the other end. The use of data encryption can be initiated by a personal computer or by the server it’s connecting to. On these terms, “Encryption is the technology that makes E-COMMERCE possible because it underlies the security systems used to protect electronic financial transactions.” (Dyson) Similarly, Dan Boneh, Professor of Computer Science and Electrical Engineering at Stanford University, gives another definition for the term. “Encryption is a method for users to securely share data over an insecure network or storage server.” (Boneh, Sahai and Waters) Since there are many transactions people do every day such as online banking or online shopping...
Words: 1201 - Pages: 5
...Seminar Presentation On Application of encrypting techniques In Database Security By Uweh SKelvin ABSTRACT Security in today’s world is one of the important challenges that people are facing all over the world in every aspect of their lives. Similarly security in electronic world has a great significance. In this seminar work, we discuss the applications of encryption techniques in database security. This is an area of substantial interest in database because we know that, the use of database is becoming very important in today’s enterprise and databases contains information that is major enterprise asset. This research work discuses the application of various encryption techniques in database security, and how encryption is used at different levels to provide the security. 1. INTRODUCTION Information or data is a valuable asset in any organization. Almost all organization, whether social, governmental, educational etc., have now automated their information systems and other operational functions. They have maintained the databases that contain the crucial information. So database security is a serious concern. To go further, we shall first discuss what actually the database security is? Protecting the confidential/sensitive data stored in a repository is actually the database security. It deals with making database secure from any form of illegal access or threat at any level. Database security demands permitting or prohibiting user actions...
Words: 4175 - Pages: 17
...Introduction and Mechanics of Encryption Encryption The conversion of data into ciphertext, that cannot be easily understood by unauthorized people. It is the only way to protect information in transit over the Internet. It is also a necessary part of defense-in-depth to protect information stored on Web sites or in a public cloud. Basic Encryption Methods: Several methods are used to encrypt data before being sent over the Internet. Symmetric Encryption Symmetric method: same key used for encryption and decryption. Advantage: Much faster than asymmetric encryption Disadvantage: 1. Both sender and receiver need to know the shared secret key. 2. A separate secret key needs to be created for use by each party with whom the use of encryption is desired. eg. If company A wants to encrypt information it shares with companies B and C, but prevent B and C from having access to the other’s information, it needs to create two encryption keys, one for use with company B and the other for use with company C. Otherwise, if company A shared only one common secret key with them, either company could decrypt any information to which it obtained access. Asymmetric Encryption Asymmetric method: different keys used for encryption and decryption. One key, called the public key, is widely distributed and available to everyone; the other, called the private key, is kept secret and known only to the owner of that pair of keys. Advantages: 1. No sharing of key necessary. It...
Words: 689 - Pages: 3
...Encryption changes plain text into unreadable text using an algorithm. It’s a process of hiding information so that outside sources cannot see or manipulate it. The most secure web encryption is 128-bit. It uses a longer sequence of bits to increase strength of encryption by offering an additional 88 bits of key length. This encryption uses a public key during the encryption process and a different private key for the decryption process. Most all providers now use 128 bit encryption which means there are 339 trillion different combinations to crack the code. (FAFSA) This ensures security of the data you send over the internet through secure sites. 128-bit encryption is so secure that trying to crack it simply isn't feasible. 128-bit encryption is 309,485,009,821,345,068,724,781,056 times stronger than 40-bit encryption. (FAFSA) It would take significantly longer than the age of the universe to crack a 128-bit key. Current cracking technology puts 128 bit encryption in the very hard to crack realm, but is not unbreakable. It just makes the duration longer and resource consumption more intense. In that case, those trying to crack have to consider if the unknown asset is worth the effort. State secrets may well be worth the effort 128 bit encryption is not bad encryption, but nor is it the best, the encryption standard for the government is 256 bit. If one wants to improve security, he or she could consider increasing to a 256 or 512 bit encryption. Also the use of...
Words: 631 - Pages: 3
...from gaining access to the data. The key behind keeping information safe is the method in which it’s protected and encrypted. In order to appreciate how information is secured, users must understand the encryption concepts behind it. To do this, one must comprehend the current encryption standards, the trends and developments in encryption technology, the importance of securing data, the government’s regulations pertaining to encryption, the companies involved in research and implementation, the implications of leaked or stolen data, and a brief look into the recent Heartbleed vulnerability. Encryption is at the heart of security in today’s networked world. When using the Internet, users are not always clicking around and taking in information passively, such as reading through their Facebook feed, a blog, or a news article. Often times, they are transmitting their own information while shopping online or registering for a website such as Twitter (Tyson 2014). Users take for granted the “behind the scenes” process of safeguarding the information they share while performing these day to day tasks. Simply put, encryption refers to any process used to make data more secure and less likely to be viewed or read by unauthorized or unintended parties (Tom’s Guide 2014). Encryption relies on the science of cryptography, which humans have used for thousands of years. Before the dawn of the information age, the majority of those who used cryptography were governments; particularity...
Words: 767 - Pages: 4
...A NOVEL APPROACH TO IMPLEMENT DISK SECURITY USING PARTIAL DISK ENCRYPTION Anurag Sharma M L Smitha Tarun T Arya Minal Moharir Information Science and Engineering RV College of Engineering The main objective of the paper is to develop an efficient and cost effective method for Hard Disk Drive(HDD) Security. The task is implemented using Partial Disk Encryption (PDE) with Advanced Encryption Standards(AES) for data security of Personal Computers(PCS) and Laptops . The focus of this work is to authenticate and protect the content of HDD from illegal use. The proposed method is labeled as DiskTrust. FDE encrypts entire content or a single volume on your disk. Symmetric key uses same key for encryption as well for decryption. DiskTrust uses these two technology to build cost effective solution for small scale applications. Finally, the applicability of these methodologies for HDD security will be evaluated on a set of data files with different key sizes. KEYWORDS- INFORMATION SECURITY, INTEGRITY, CONFIDENTIALITY, AUTHENTICATION, ENCRYPTION. I. INTRODUCTION In today’s world information security is an important concern for every individual. People spend hundreds of dollars in protecting their data to stay in the competition, and any leakage of crucial data can result in unrecoverable loss. Information security is the most important form of security even before network security, as information stored securely can only be transmitted securely over a network, there by...
Words: 2258 - Pages: 10
...started out by researching the different types of encryption available for enterprise servers. One recommendation by the client was to use an open source type of product because of the high cost of other products. I wanted to make sure the client’s needs were met and they understood how this method compared to other methods available. There was some reluctance from the FIS vendor because open source products are normally non-supported methods. With some influencing it was agreed to provide feedback on this method to satisfy the client’s request. GnuPG The first encryption method analyzed for this project was the open source product called GnuPG. GnuPG allows to encrypt and sign your data and communication, features a versatile key management...
Words: 1011 - Pages: 5
...Unit 1 Individual Project Danielle Hunker Ethical Hacking Colorado Technical University Online CSS280 February 22, 2016 Assessment Worksheet Assessing and Securing Systems on a Wide Area Network (WAN) Course Name and Number: Ethical Hacking CSS280 Student Name: Danielle Hunker Instructor Name: Jimmy Irwin Lab Due Date: February 22, 2016 Overview In this lab, a systems administrator for the securelabsondemand.com network has reported odd behavior on two servers that support legacy applications you first conducted internal penetration tests (also called a vulnerability scan) on each system and then helped secure those systems by configuring firewalls and removing vulnerable open ports. Lab Assessment Questions & Answers 1. What is the first Nmap command you ran in this lab? Explain the switches used. Nmap command: nmap –O –v 10.20.100.50 -O was the switch used to detect the operating system 10.20.100.50 -v was the switch used to show the detail of 10.20.100.50 2. What are the open ports when scanning 192.168.3.25 and their service names? * 80 HTTP services * 135 Microsoft EPMAP (End Point Mapper) * 139 NetBios session service * 445 Microsoft DS, SMB file sharing and CIFS (common internet file sharing) * 3389 RDP (Remote Desktop Protocol) * 5357 WSDAPI web services for devices * 49152 uo to 49157 DCOM or ephemeral ports 3. What is the command line syntax for running an SMB vulnerability scan...
Words: 832 - Pages: 4
...OF CRYPTOGRAPHY Contents 1. Introduction 2. Classical Encryptions (Ancient Times) 3. Classical Encryptions (Middle Ages) The Cipher of Mary Queen of Scots Vigenère Ciphers Uesugi Cipher 3 4 6 6 6 7 4. Modern Ciphers: Ciphers during World War I and the Emergence of Encryption Machines German Communication Cables Disconnected by the United Kingdom Zimmermann Telegram ADFGVX Cipher The Birth of Enigma 8 8 8 8 9 5. Modern Ciphers: Encryptions in the Computer and Internet Era DES Cipher Public-Key Cryptosystem RSA Cipher Decrypting the DES Cipher Responsive Action of Cipher Enhancements for SSL 10 10 10 11 12 12 6. The Future of Encryption 7. Conclusion: Enhancing the Effectiveness of Encryptions used for SSL References 13 14 14 2 © 2013 Thawte, Inc. All rights reserved. Thawte, the thawte logo, and other trademarks, service marks, and designs are registered or unregistered trademarks of Thawte, Inc. and its subsidiaries and affi liates in the United States and in foreign countries. All other trademarks are property of their respective owners. 1. Introduction E ncryption and related technologies are widely and frequently used as a means of ensuring that information is secure, and their importance has been growing with the increasingly widespread utilization of the Internet. The use of encryption can be traced to as far back as about 3000 B.C., during the Babylonian Era. Encryption technologies evolved as they were used in military and political...
Words: 6411 - Pages: 26
...What is asymmetric encryption and why do we need it? Asymmetric encryption is also known as public key encryption where there are two keys, a public key and a private key (Ezeobika, 2010). One key is used to encrypt and the other to decrypt (Hitachi ID Systems, Inc., 2013). Asymmetric encryption allows users to send secret messages by encrypting with the public key that belongs to the recipient (Hitachi ID Systems, Inc., 2013). Only the recipient will be able to decrypt the message because only that person will have access to the required key (Hitachi ID Systems, Inc., 2013). A somewhat similar way to view this is the locking and unlocking of a safety deposit box at the bank. The bank has the “public” key that is used as one of the necessary keys to open and close the box. In this situation “public” refers to the same key used for other safety deposit boxes within the bank. While the renter has the private key that is also necessary to open and close the box. Asymmetric encryption is useful because it allows for digital signatures which allow the person who is receiving a message to verify that a message is truly from a particular sender and to detect if the message has been altered (Ezeobika, 2010). Lastly, asymmetric encryption allows for accountability because once a message has been digitally signed the sender cannot deny having sent it (Ezeobika, 2010). Agrawal, M., & Mishra, P. (2012, May). A comparitive survey on symmetric key encryption techniques. International...
Words: 399 - Pages: 2
...Security Topics * Local Security * Physical Security * Firewall * Authentication * Encryption * Wireless Security * Viruses * Physical Security video 5.01 * Lock and control access to serves * Lock server and computer cases * Use audible alarms * Create administrative alerts * Locate servers room in high traffic area * Store backup tapes in secure area * Lock users operating system * Physically destroy old hard drive Authentication Policies * CMOS passwords * Username and password * Smart card and pin * Key fob * Biometric CMOS passwords Power-on Password * Supervisor’s password * User password * Full access * Liminted access * View only access * No access * Hard Drive Password * Protects data even if HD is stolen * Password required each time the system boots Reset CMOS password * Acess CMOS settings * Reset jumper * Remove/replace CMOS battery Create strong password * Six or more chraractors * Passphrase * Upper and lower case letters * Mix in numbers and symbols * Don’t use * Consecutive letters * Consecutive numbers * Consecutive keys Kerberos * Authentication method used by windows to encrypt passwords * Passwords are case sensitive This video shows the proper way to secure servers and...
Words: 1170 - Pages: 5