|
|
Encryption in Everyday Computing
David McClellan, Insala Technology Coordinator
Encryption is everywhere. It is an invisible yet infinitely important element of the information era. Almost every digital interaction in your life is accompanied by the encryption of data. The web sites you visit, e-mails you receive, calls to your cell phone, logging into your computer at work and even the keyless entry on your car involve encryption in one form or another. All this work going on behind the scenes is done for the sole purpose of protecting the information that is constantly traveling through the wires and the airwaves all around us.
Not to be confused with "Encoding" data, encrypting data is the process of converting "plaintext" into "ciphertext" usually accomplished by applying an algorithm to the plaintext using a secret key. This is to prevent everyone but the intended recipient from understanding the data. Encoding, on the other hand, is the processes of simply replacing characters with other characters that map to each other (Word Jumble and the decoder ring from the box of Captain Crunch are perfect examples). Encoding is essentially the simplest form of encryption.
Encryption has been used throughout history in various forms. The ancient Greeks were one of the first known to use encryption. They had charts and mappings that one could use to manually decrypt a message. Their technique was created primarily for military use, as were most of the encryption advancements prior to the infusion of computing into our daily lives. The first mechanical encryption tools were developed in the beginning of the 20th century. The famous German Enigma machine was developed in the 1920's and used by Nazi Germany in WWII. A team of Polish mathematicians cracked the Enigma and gave their findings to British cryptographers, enabling them to decrypt messages they intercepted. This ultimately played a large part in the outcome of the war.
In today's age, with computers in nearly every home and office, and information traveling the world over at all times, the call for encryption goes far beyond the initial military needs. Hackers have the ability to intercept data traveling over the internet, over the airwaves and, in some cases, inside your computer.
Luckily for us, the most secure encryption algorithms are already in place for most of the sensitive transactions that we encounter. When you go to your bank's website to transfer funds from one account to another, you are sending a wealth of sensitive information (such as account numbers, PINs, addresses, usernames, etc...) over hard wires and through dozens of computers in order to process a single request. If this data was not encrypted with the strongest algorithms available, this would not be a viable banking option.
A standard for confidential information transmission over the internet is through the Secure Socket Layer (SSL). SSL encrypts all of the data you send and receive, so that it is not sent as clear text over the internet. You can easily tell if SSL is being used by website you are visiting. Simply look at the address of the page. If the address begins with "https://" then you know you are using SSL. If the address begins with just "http://", then you are just sending your page requests without encrypting the data. Any online credit card transactions or banking sites should have SSL in place.
One particular type of data transmission that is often overlooked when it comes to security is the ever-so-popular e-mail. By default, e-mails are sent as clear text over the internet. One simple security measure that you can put in place when sending sensitive information through an e-mail is to use PGP (Pretty Good Privacy). PGP is an e-mail encryption standard that encrypts emails by utilizing public and private keys. Both the sender and the receiver of an e-mail must have a PGP client application installed on their computers, but this is a simple task given the security benefits of PGP. PGP plug-ins are available for many popular e-mail applications, such as Outlook, Eudora and Apple Mail.
As the internet becomes increasingly prevalent in our day to day lives, so does the possibility of cyber-crimes. You don't need to be a cryptography expert to be sure your sensitive data is safe. Being aware of the threats, knowing what is available to thwart potential hackers and subsequently utilizing these tools is an extremely powerful first step towards fully protecting your information.
|
|
|
|
