    IMPORTANT POINTS TO REMEMBER ABOUT ENCRYPTION

    Following are some of the most important points related to encryption for passing exams and for general understanding.

    • Encryption is the process of converting plain text into cipher text. Decryption is converting the cipher text back into the original plain text. If we use a key for encryption, we need to use the same key for decryption.
    • Encryption algorithms are generally published for anyone to see, use and even contribute to improving the algorithm. The key, however, is kept secret.
    • Based on the usage of keys an encryption scheme can be classified into two types: symmetric encryption and asymmetric encryption.
      • In symmetric encryption, we use the same key for both encryption and decryption. 
      • In asymmetric encryption, we use a combination of two keys: one private key that is private to the user and a public key that is available to everyone. Data encrypted using one key can be decrypted by the other.
    • A symmetric master key is a key that is used to encrypt other keys such as data keys, authentication keys etc.
    • It is good practice to rotate keys. However, rotating keys will require decrypting the data and encrypting it again, which may take a lot of time for big data. Therefore, the data is encrypted with a key and this key is then encrypted by a master key. This is referred to as envelope encryption.
    • Envelope encryption refers to the process of encrypting data with a key, and then encrypting this key using another key. With envelope encryption, we may encrypt keys up to many levels, but ultimately one key will be unencrypted and this key is called the master key.
    • With envelope encryption we can store both our data and keys together. Envelope encryption also allows us to work easily with multiple master keys by enabling us to re-encrypt only the keys and not the complete data.
    • There can be more than one level of encryption with envelope encryption. For example, a data key can be encrypted with another key, which is encrypted by another key and so on. However, there will be a master key in the end that is not encrypted. This key needs to be stored securely and rotated regularly. AWS KMS is the service from Amazon that will help us create and maintain our master keys.
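
The envelope encryption and master key rotation described in the points above, as an added example that is not part of the original article. The `seal`/`unseal` cipher is a stand-in built from HMAC-SHA256 so the block runs on the Python standard library alone (it takes the place of AES from AWS KMS or a vetted library); all function names and sample values are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real cipher).
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def envelope_encrypt(master_key, plaintext):
    data_key = secrets.token_bytes(32)                  # fresh data key per object
    return {"wrapped_key": seal(master_key, data_key),  # stored next to the data
            "ciphertext": seal(data_key, plaintext)}

def envelope_decrypt(master_key, envelope):
    data_key = unseal(master_key, envelope["wrapped_key"])
    return unseal(data_key, envelope["ciphertext"])

def rotate_master_key(old_master, new_master, envelope):
    # Only the small wrapped key is re-encrypted; the bulk ciphertext is reused as-is.
    data_key = unseal(old_master, envelope["wrapped_key"])
    return {"wrapped_key": seal(new_master, data_key),
            "ciphertext": envelope["ciphertext"]}

if __name__ == "__main__":
    old, new = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed master keys
    env = envelope_encrypt(old, b"constructed sample record " * 1000)
    rotated = rotate_master_key(old, new, env)
    print(rotated["ciphertext"] is env["ciphertext"], len(rotated["wrapped_key"]))
```

After rotation the old master key no longer unwraps the data key, while the stored ciphertext is byte-for-byte the same as before.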
