The Myths, and the Next off in the Encryption World

By CIOReview | Wednesday, September 21, 2016

The most dangerous thieves these days don’t keep watch over their target. They lie in wait for a vulnerable moment to inject malicious code into the IT infrastructure and leak piles of secret financial data, intellectual property, personal data, and other highly sensitive information. Every organization’s goal is to find the best tools to lock down its sensitive files and keep them out of reach, so that only the authorized person has the key.

“Encryption is the backbone of computer security, without it, our economy stops. Our government stops. Everything stops,” Edward Snowden said in a debate with CNN this year.

True, because rarely a day goes by without a data breach, stolen records, or a hacked social media account. After a few miles on tape encryption, and unlike before, data storage and security are now going mainstream with businesses, largely because of soaring cyber-security issues. How encryption is to be implemented and used still worries authorities, who fear losing control over encryption keys. In the corporate world, misconceptions persist about encryption and key management in relation to performance, ease of use, and cost. Let’s break down these perceptions:

Performance degradation of a system: Not so true! Encryption does require some time to process, but nowadays a dedicated space is assigned to accelerate it. On a system that uses the Intel AES-NI co-processor, run block-level encryption to achieve the highest level of performance.

Encryption is hard to get and manage: Yes, because a) it is built on industry standards, and b) the mathematics around encryption is difficult, and not every encryption solution takes care of key management.

Encryption is only for organizations under regulatory compliance: There are no qualifying criteria that mandate tape encryption. A better way to plan your encryption is this: if you have data (whether finance-related, personal backups, employee- or market-related, or anything else) that you believe is sensitive or competitive, then encryption is recommended.

SSL encrypts data everywhere: No. SSL uses an end-to-end cryptographic system and encrypts only data in transit, not data at rest. To assure visitors of this, web browsers give a visual cue such as a green bar or a lock icon.

Encryption isn’t secure in the cloud: On the contrary, encryption in the cloud is often more secure than keeping data on premises, where insiders can be a potential threat. However, you, and not the cloud provider, should have control of the encryption keys.

Enterprise-grade encryption is expensive and requires cloud-averse hardware: Maybe a long time ago, but now the entry fee for encryption has dropped to zero on a number of platforms. There are effective software-based solutions on the market that set up key management in the cloud or on premises. Cloud providers, such as Bitlocker or AWS encryption, provide encryption on their hosting platforms. These solutions outdo hardware security modules (HSMs) and are well suited to clouds.

Technologists have been working diligently for decades to strengthen encryption. On the feud over “the threat of law enforcement going dark”, they say it is much hyped. It is hardly debatable that a threat to data is inevitable; there are almost always ways to snoop around encryption, even if you can’t break the wall of security.

The Best of the Enduring Encryption Algorithms for the Future

1. Triple DES: As many think, Triple DES is not yet obsolete. The DES algorithm was replaced, and the Advanced Encryption Standard was ratified by the National Institute of Standards and Technology (NIST). Triple DES encrypts input data three times with three individual keys of 56 bits each. With its significant key length, Triple DES manages to endure as a reliable hardware encryption solution for many industries, especially financial services.

2. RSA: RSA is a cryptosystem for public-key encryption and celebrated its 25th annual event this year. In this asymmetric algorithm, anyone may use the public key to encrypt a message. The other key, used to decrypt, is kept private. Because the result of RSA encryption is wizardry, attackers need significant time and processing power to snoop around it. This encryption method is also used in the PGP and GPG programs.

3. Blowfish: Symmetric algorithms generally use the same key for encryption and decryption. The freely available Blowfish belongs to this category. Its positives: it is fast (encrypts data at a rate of 26 clock cycles per byte on 32-bit processors), compact (needs less than 5K of memory to run), simple, and secure. The freeware has no rules about its use. IT platforms such as e-commerce sites leverage it to protect passwords for secured payment procedures.

4. Twofish: Twofish is free, unpatented, and license-free. The 128-bit block cipher uses a single key of up to 256 bits, is one of the fastest of its kind, and is said to be efficient in both hardware and software environments. It allows implementers to balance performance by trading off encryption speed, code size, and key setup time. The renowned open-source software TrueCrypt and encryption programs such as PhotoEncrypt and GPG already have Twofish incorporated in them.

5. AES: It is again a symmetric key cipher, but with high computational complexity. AES is popularly used by the U.S. government and numerous organizations to secure sensitive, classified information. At least six times faster than Triple DES, AES is extremely efficient in 128-bit form and uses keys of 192 and 256 bits for bulk encryption. Efficient key management, together with a correct implementation of AES, is essential for assured results.

The enormous growth of the digital world has driven up the security levels and measures used to button up information exchange. A newly introduced method, “Honey Encryption”, has been developed by experts to curb hackers and attackers by serving up fake data for every incorrect guess of the key code. This technique will bury the correct key. Quantum key distribution (QKD) is yet another discovery in the field of encryption; it uses individual photons over optical fiber to exchange cryptographic key data. For now, the tempting result of QKD offers a glimpse into the future of communication security and opens up a realm of new possibilities.
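
The honey-encryption behaviour described above (every wrong key guess returns plausible fake data), as an added toy example in Python that is not from the article or from the scheme's designers. The 4-digit PIN message space, the popularity weights, the sample passwords and all function names are assumptions made for illustration.

```python
import bisect
import hashlib
import secrets

SEED_BITS = 32
# Constructed popularity weights; every other PIN gets weight 1.
POPULAR = {"1234": 400, "0000": 200, "1111": 200, "2580": 100}

def _build_bounds():
    """Cumulative upper bounds that split the seed space by PIN probability."""
    weights = [POPULAR.get(f"{i:04d}", 1) for i in range(10_000)]
    total, acc, bounds = sum(weights), 0, []
    for w in weights:
        acc += w
        bounds.append(acc * (1 << SEED_BITS) // total)
    return bounds

BOUNDS = _build_bounds()

def dte_encode(pin: str) -> int:
    """Distribution-transforming encoder: PIN -> random seed inside its interval."""
    if len(pin) != 4 or not pin.isdigit():
        raise ValueError("PIN must be exactly four digits")
    i = int(pin)
    lo = BOUNDS[i - 1] if i else 0
    return lo + secrets.randbelow(BOUNDS[i] - lo)

def dte_decode(seed: int) -> str:
    """Any seed in [0, 2**SEED_BITS) maps back to some valid PIN."""
    return f"{bisect.bisect_right(BOUNDS, seed):04d}"

def _pad(password: str, salt: bytes) -> int:
    # Password-derived mask the same width as the seed.
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, SEED_BITS // 8)
    return int.from_bytes(raw, "big")

def he_encrypt(pin: str, password: str) -> tuple[bytes, int]:
    salt = secrets.token_bytes(16)
    return salt, dte_encode(pin) ^ _pad(password, salt)

def he_decrypt(ciphertext: tuple[bytes, int], password: str) -> str:
    salt, masked = ciphertext
    return dte_decode(masked ^ _pad(password, salt))

if __name__ == "__main__":
    ct = he_encrypt("4821", "correct horse")           # constructed sample input
    print("right key :", he_decrypt(ct, "correct horse"))
    for guess in ("letmein", "password1", "hunter2"):  # wrong guesses still decode
        print("wrong key :", he_decrypt(ct, guess))
```

Because a wrong password never produces an error or an implausible value, someone guessing offline cannot tell which guess was right; the protection is only as good as the encoder's model of what real messages look like.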