CYBER SECURITY

Lecture-6: Data Encryption

Dr. Shahid Naseem

Assistant Professor (IT)
Shahid.Naseem@ue.edu.pk

University of Education, Lahore

 Data Encryption
• Data encryption is a common and effective security method—a
sound choice for protecting an organization’s information.
• In a world where cybercrimes are on the rise, it’s comforting to
know that there are as many methods available to protect
network security as there are ways of trying to penetrate it.

• The real challenge is deciding which techniques an internet

security expert should employ that best suits their organization’s
specific situation.

University of Education, Lahore

 Data Decryption
• Data encryption is a method of protecting data by encoding it
in such a way that it can only be decrypted or accessed by an
individual who holds the correct encryption key. When a
person or entity accesses encrypted data without permission, it
appears scrambled or unreadable.

• Data encryption is the process of converting data from a

readable format to a scrambled piece of information. This is
done to prevent prying eyes from reading confidential data in
transit. Encryption can be applied to documents, files,
messages, or any other form of communication over a network.

University of Education, Lahore

 Data Decryption
• In order to preserve the integrity of our data, encryption is a
vital tool whose value cannot be overstated. Almost everything
we see on the internet has passed through some layer of
encryption, be it websites or applications.

University of Education, Lahore

 How Does Data Encryption Work?
• The data that needs to be encrypted is termed plaintext or
cleartext. The plaintext needs to be passed via some encryption
algorithms, which are basically mathematical calculations to be
done on raw information.

• There are multiple encryption algorithms, each of which differs

by application and security index.

University of Education, Lahore

 How Does Data Encryption Work?
• Apart from the algorithms, one also needs an encryption key.
Using said key and a suitable encryption algorithm, the
plaintext is converted into the encrypted piece of data, also
known as ciphertext. Instead of sending the plaintext to the
receiver, the ciphertext is sent through insecure channels of
communication.

• Once the ciphertext reaches the intended receiver, he/she can

use a decryption key to convert the ciphertext back to its
original readable format i.e. plaintext. This decryption key must
be kept secret at all times, and may or not be similar to the key
used for encrypting the message.
University of Education, Lahore
 How Does Data Encryption Work?
Example
A woman wants to send her boyfriend a personal text, so she
encrypts it using specialized software that scrambles the data into
what appears to be unreadable gibberish. She then sends the
message out, and her boyfriend, in turn, uses the correct
decryption to translate it.

University of Education, Lahore

 How Does Data Encryption Work?

Fortunately, the keys do all the actual encryption/decryption work,

leaving both people more time to contemplate the smoldering
ruins of their relationship in total privacy.
University of Education, Lahore
 Why Do We Need Data Encryption?
If anyone wonders why organizations need to practice encryption,
keep these four reasons in mind:

 Authentication: Public key encryption proves that a website's

origin server owns the private key and thus was legitimately
assigned an SSL certificate. In a world where so many
fraudulent websites exist, this is an important feature.

University of Education, Lahore

 Why Do We Need Data Encryption?
 Privacy: Encryption guarantees that no one can read messages
or access data except the legitimate recipient or data owner.
This measure prevents cybercriminals, hackers, internet service
providers, spammers, and even government institutions from
accessing and reading personal data.

 Regulatory Compliance: Many industries and government

departments have rules in place that require organizations that
work with users’ personal information to keep that data
encrypted. A sampling of regulatory and compliance standards
that enforce encryption include HIPAA, PCI-DSS, and the GDPR.
University of Education, Lahore
 Why Do We Need Data Encryption?
 Security: Encryption helps protect information from data
breaches, whether the data is at rest or in transit.

For example:
If a corporate-owned device is misplaced or stolen, the data stored
on it will most likely be secure if the hard drive is properly
encrypted.

Encryption also helps protect data against malicious activities like

man-in-the-middle attacks, and lets parties communicate without
the fear of data leaks.
University of Education, Lahore
 Types of Data Encryption Techniques
• There are several data encryption approaches available to
choose from. Most internet security (IS) professionals break
down encryption into three distinct methods:
• Symmetric
• asymmetric
• hashing.

University of Education, Lahore

 Types of Data Encryption Techniques
Symmetric Encryption Method

 Also called private-key cryptography or a secret key algorithm, this method

requires the sender and the receiver to have access to the same key. So,
the recipient needs to have the key before the message is decrypted.

 This method works best for closed systems, which have less risk of a third-
party intrusion.
On the positive side, symmetric encryption is faster than asymmetric
encryption. However, on the negative side, both parties need to make sure
the key is stored securely and available only to the software that needs to use
it.

University of Education, Lahore

Types of Data Encryption Techniques

University of Education, Lahore

 Types of Data Encryption Techniques
Asymmetric Encryption Method
• Also called public-key cryptography, this method uses two keys for the
encryption process, a public and a private key, which are mathematically
linked. The user employs one key for encryption and the other for
decryption, though it doesn’t matter which you choose first.

• As the name implies, the public key is freely available to anyone, whereas
the private key remains with the intended recipients only, who need it to
decipher the messages. Both keys are simply large numbers that aren’t
identical but are paired with each other, which is where the “asymmetric”
part comes in.

University of Education, Lahore

Types of Data Encryption Techniques

University of Education, Lahore

 Types of Data Encryption Techniques
Hashing Method
• Hashing generates a unique signature of fixed length for a data set or
message. Each specific message has its unique hash, making minor changes
to the information easily trackable. Data encrypted with hashing cannot be
deciphered or reversed back into its original form. That’s why hashing is
used only as a method of verifying data.

• Many internet security experts don’t even consider hashing an actual

encryption method, but the line is blurry enough to let the classification
stand. The bottom line, it’s an effective way of showing that no one has
tampered with the information.

• Now that we have gone through the types of data encryption techniques,
let us next learn the specific encryption algorithms.
University of Education, Lahore
 Encryption Algorithms
Encryption algorithms are used to convert data into ciphertext. By
using the encryption key, an algorithm can alter data in a
predictable manner, resulting in the encrypted data appearing
random, but it can be converted back into plaintext by using the
decryption key.

University of Education, Lahore

 Advanced Encryption Standard
• The Advanced Encryption Standard (AES) is the trusted standard
algorithm used by the United States government, as well as
other organizations.

• Although extremely efficient in the 128-bit form, AES also uses

192- and 256-bit keys for very demanding encryption purposes.
AES is widely considered invulnerable to all attacks except for
brute force.

• Regardless, many internet security experts believe AES will

eventually be regarded as the go-to standard for encrypting
data in the private sector.
University of Education, Lahore
 RSA Encryption Standard
• RSA is a public-key encryption asymmetric algorithm and the
standard for encrypting information transmitted via the
internet.

• RSA encryption is robust and reliable because it creates a

massive bunch of gibberish that frustrates would-be hackers,
causing them to expend a lot of time and energy to crack into
systems.

University of Education, Lahore

 RSA Encryption Standard
Rivest-Shamir-Adleman (RSA). Rivest-Shamir-Adleman is an
asymmetric encryption algorithm that works off the factorization
of the product of two large prime numbers. Only a user with
knowledge of these two numbers can decode the message
successfully. Digital signatures commonly use RSA, but the
algorithm slows down when it encrypts large volumes of data.

University of Education, Lahore

 Data Encryption Standard
• DES is the successor to the original Data Encryption Standard
(DES) algorithm, created in response to hackers who figured out
how to breach DES.

• It’s symmetric encryption that was once the most widely used
symmetric algorithm in the industry, though it’s being gradually
phased out.

• DES applies three times to every data block and is commonly

used to encrypt UNIX passwords and ATM PINs.

University of Education, Lahore

 Blowfish Encryption Standard
• Blowfish is another algorithm that was designed to replace DES.
This symmetric tool breaks messages into 64-bit blocks and
encrypts them individually.

• Blowfish has established a reputation for speed, flexibility, and

is unbreakable. It’s in the public domain, so that makes it free,
adding even more to its appeal.

• Blowfish is commonly found on e-commerce platforms,

securing payments, and in password management tools.

University of Education, Lahore

 Twofish Encryption Standard
• Twofish is Blowfish’s successor. It’s license-free, symmetric
encryption that deciphers 128-bit data blocks.

• Additionally, Twofish always encrypts data in 16 rounds, no

matter what the key size.

• Twofish is perfect for both software and hardware

environments and is considered one of the fastest of its type.
Many of today’s file and folder encryption software solutions
use this method.

University of Education, Lahore