2.3 Symmetric & Asymmetric Encryption


Threats

Threats come in various forms and include malware, viruses, spyware, DOS attacks, SQL injection and much more. Hackers try to gain unlawful or unauthorised access to computer and networks by looking for weaknesses in the system. They can use a to read transmitted data and it is therefore why encryption is done.


Encryption

Encryption involves encoding data into a form that is not useful unless it is passed through an algorithm. Once encrypted, data can be decrypted by a . There are two main types of encryption:

  1. Symmetric encryption

  2. Asymmetric encryption

Sample answer:

Encryption key is used Encryption algorithm is used Encryption key / algorithm is applied to the plaintext It is converted into ciphertext using that key / algorithm It is also decrypted using the same key / algorithm

Symmetric Encryption

  • Both parties are given an identical secret key which can be used to either encrypt or decrypt data

  • A hacker can steal the key which is a disadvantage

How it works?

  • Once a key is generated the sender applies it to the plaintext and sends the ciphertext

  • The receiver receives the ciphertext and applies the key to get the plaintext

Asymmetric Encryption

  • Two keys are used, a and public key

  • Both keys are needed to encrypt and decrypt the data

  • Only 1 private key can be used to decrypt the message

How it works?

  • Person A uses a public key to encrypt their message

  • Person A send the message

  • Person B decrypts the message using the private key


Hashed Encryption Keys

  • These can be created manually, randomly, or via an algorithm.

  • Strong encryption keys are created using a .

  • SHA-2 is an example of a hashing algorithm

Why use them?

  • Hashing algorithms are many-to-one. This means that many different inputs can produce the same hash output.

  • Means that a hacker must first un-hash the key before it is useful

  • As hashing algorithms are un-reversible, this is really difficult

  • Due to the complexity of these algorithms, computing power is not enough to de-hash these keys


Exam Questions


Last updated