encryption

The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often incorrectly called a code, can be employed to keep the enemy from obtaining the contents of transmissions. (Technically, a code is a means of representing a signal without the intent of keeping it secret; examples are Morse code and ASCII.) Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the "scrambling" of voice signals by inverting the sideband frequencies. More complex ciphers work according to sophisticated computer algorithms that rearrange the data bits in digital signals.

In order to easily recover the contents of an encrypted signal, the correct decryption key is required. The key is an algorithm that undoes the work of the encryption algorithm. Alternatively, a computer can be used in an attempt to break the cipher. The more complex the encryption algorithm, the more difficult it becomes to eavesdrop on the communications without access to the key.

Encryption/decryption is especially important in wireless communications. This is because wireless circuits are easier to tap than their hard-wired counterparts. Nevertheless, encryption/decryption is a good idea when carrying out any kind of sensitive transaction, such as a credit-card purchase online, or the discussion of a company secret between different departments in the organization. The stronger the cipher -- that is, the harder it is for unauthorized people to break it -- the better, in general. However, as the strength of encryption/decryption increases, so does the cost.

In recent years, a controversy has arisen over so-called strong encryption. This refers to ciphers that are essentially unbreakable without the decryption keys. While most companies and their customers view it as a means of keeping secrets and minimizing fraud, some governments view strong encryption as a potential vehicle by which terrorists might evade authorities. These governments, including that of the United States, want to set up a key-escrow arrangement. This means everyone who uses a cipher would be required to provide the government with a copy of the key. Decryption keys would be stored in a supposedly secure place, used only by authorities, and used only if backed up by a court order. Opponents of this scheme argue that criminals could hack into the key-escrow database and illegally obtain, steal, or alter the keys. Supporters claim that while this is a possibility, implementing the key escrow scheme would be better than doing nothing to prevent criminals from freely using encryption/decryption.

Getting started with encryption

To explore how encryption is used in the enterprise, here are some additional resources:

Data encryption and classification in practical cryptography: There are many factors to consider when it comes to data encryption and classification in practical cryptography. In this security school lesson, administrators can learn the importance of each and get tips on how to properly tackle both processes.

Understanding all aspects of corporate database encryption: Encrypting a corporate database can be daunting. Get information and advice on database encryption before attempting the task, including encryption for media protection and for separation of duties.

Windows BitLocker: Enabling disk encryption for data protection: Windows Bitlocker disk encryption technology can be an essential tool for organizational data protection. Get information about what the technology can and can't do and how it can help you to avoid a data breach.

Preventing encryption bad practices: When is comes to encryption, it seems like IT administrators are constantly repeating bad practices. Learn how to avoid and prevent some of the biggest encryption mistakes, such as using WEP encryption, failing to encrypt laptops and ignoring patches and updates.

How to achieve laptop data security: For a hacker, a misplaced or stolen laptop can serve as an open door into a world of personal data. Learn how laptop encryption can help you achieve a strong laptop security strategy and prevent data or identity theft.

Read more about encryption: - SearchSecurity.com provides more information about encryption. - The Electronic Frontier Foundation has more about encryption/decryption, along with the latest legal updates concerning the key-escrow issue.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG UTM Appliances and Strategies,   Network Security: Tools, Products, Software,   Enterprise Network Security,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Virtual appliances boost flexibility, improve security Companies see the benefits of placing network-oriented security on a faster processor. Enterprise UTM security: The best threat management solution? Unified threat management technology is touted as the cure-all for enterprise network security. But is UTM the best product for keeping threats at... Microsoft Threat Management Gateway has some drawbacks Microsoft's new gateway lacks policy enforcement integration and does not detect the presence of sensitive data or provide PCI features.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Data Encryption Standard  (SearchSecurity.com) denial of service  (SearchSoftwareQuality.com) A denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect...