DEFINITION - Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form, so it can be understood.
The use of encryption/decryption is as old as the art of communication. In wartime, a cipher, often incorrectly called a code, can be employed to keep the enemy from obtaining the contents of transmissions. (Technically, a code is a means of representing a signal without the intent of keeping it secret; examples are Morse code and ASCII.) Simple ciphers include the substitution of letters for numbers, the rotation of letters in the alphabet, and the "scrambling" of voice signals by inverting the sideband frequencies. More complex ciphers work according to sophisticated computer algorithms that rearrange the data bits in digital signals.
In order to easily recover the contents of an encrypted signal, the correct decryption key is required. The key is an algorithm that undoes the work of the encryption algorithm. Alternatively, a computer can be used in an attempt to break the cipher. The more complex the encryption algorithm, the more difficult it becomes to eavesdrop on the communications without access to the key.
Encryption/decryption is especially important in wireless communications. This is because wireless circuits are easier to tap than their hard-wired counterparts. Nevertheless, encryption/decryption is a good idea when carrying out any kind of sensitive transaction, such as a credit-card purchase online, or the discussion of a company secret between different departments in the organization. The stronger the cipher -- that is, the harder it is for unauthorized people to break it -- the better, in general. However, as the strength of encryption/decryption increases, so does the cost.
In recent years, a controversy has arisen over so-called strong encryption. This refers to ciphers that are essentially unbreakable without the decryption keys. While most companies and their customers view it as a means of keeping secrets and minimizing fraud, some governments view strong encryption as a potential vehicle by which terrorists might evade authorities. These governments, including that of the United States, want to set up a key-escrow arrangement. This means everyone who uses a cipher would be required to provide the government with a copy of the key. Decryption keys would be stored in a supposedly secure place, used only by authorities, and used only if backed up by a court order. Opponents of this scheme argue that criminals could hack into the key-escrow database and illegally obtain, steal, or alter the keys. Supporters claim that while this is a possibility, implementing the key escrow scheme would be better than doing nothing to prevent criminals from freely using encryption/decryption.
Getting started with encryption To explore how encryption is used in the enterprise, here are some additional resources: Data encryption and classification in practical cryptography: There are many factors to consider when it comes to data encryption and classification in practical cryptography. In this security school lesson, administrators can learn the importance of each and get tips on how to properly tackle both processes. Understanding all aspects of corporate database encryption: Encrypting a corporate database can be daunting. Get information and advice on database encryption before attempting the task, including encryption for media protection and for separation of duties. Windows BitLocker: Enabling disk encryption for data protection: Windows Bitlocker disk encryption technology can be an essential tool for organizational data protection. Get information about what the technology can and can't do and how it can help you to avoid a data breach. Preventing encryption bad practices: When is comes to encryption, it seems like IT administrators are constantly repeating bad practices. Learn how to avoid and prevent some of the biggest encryption mistakes, such as using WEP encryption, failing to encrypt laptops and ignoring patches and updates. How to achieve laptop data security: For a hacker, a misplaced or stolen laptop can serve as an open door into a world of personal data. Learn how laptop encryption can help you achieve a strong laptop security strategy and prevent data or identity theft.
Learn more about Disk Encryption and File Encryption Curveball: Endpoint encryption strategies: In this podcast we look at the issues surrounding the use of encryption to secure data stored on endpoint computers. Fact or fiction: Pros and cons of database encryption: According to our latest survey of more than 608 enterprise security pros, 80% of enterprises say protecting data is more important in 2007 than last year, and 72% admit they need a better strategy. ... Quiz: Storage security: Take our quiz to see how much you know about securing data storage. How to choose full disk encryption for laptop security, compliance: Full disk encryption is becoming a priority for laptop security in midmarket companies because of regulatory compliance and fear of data breaches. Workstation hard drive encryption: Overdue or overkill?: Brien Posey explains why allowing EFS encryption on the workstation may be doing more harm than good.
This category currently contains no pages or media.