Skip to main content

Cyber Security March 2017: Encryption

Encryption is one of the most difficult subjects in computer science. Simply because, it never stops getting more difficult. As computers become more and more powerful, our simple passwords are easier to crack. Not only that, but communications become easier to break into. Yet, encryption keeps everything we hold dear private, whether we willfully encrypt it or not. Browsers today do their best to keep the data you are sending encrypted, some phone apps encrypt simple text messages, and those cloud storage solutions are encrypted (most of them). So what is encryption, and can I bring more of it into my life?

March 2017 Cyber Security

Someone is always watching!

The History Stuff

Julius Caesar is often cited as the originator of encryption, by creating a Caesar Cipher. He was just a link in the chain that was encryption development, though. There are many examples of different types of encryption going all the way back to the Ancient Egyptians. In more recent memory, during World War II Alan Turing truly brought encryption into the modern lexicon by designing an encryption defeating device that helped to defeat the Nazis’ Enigma: The Turing Bombe. This machine was able to intercept encrypted messages, and decrypt them in time to prevent major attacks. This type of machine was without equal at the time, and truly helped launch the craze that is modern computing.
Encryption has evolved much further than the WWII Enigma and Bombe machines though, and the flavors are constantly getting stronger. Today, most encryption is done through either SHA-1 or SHA-2, with 2 being the more secure of the pair. In fact, in February 2017 SHA-1 was found to actually have a flaw that determined attackers could break. By determined attackers, that means attackers with approximately $80,000 worth of computing equipment. This means that SHA-1 is now going to be phased out with companies giving more favor to the stronger SHA-2.

The Geeky Stuff

Encryption, at its most basic is nothing but mathematics. Granted, the numbers are huge, but all the better to protect the data being transmitted. Their are two main types of cryptography: Symmetric and Asymmetric. To break down the difference between these two types of encryption, let’s imagine that you are delivering a message in a briefcase. That briefcase has two locks on it; one for you, and one for the recipient.

The lock for you is always private, meaning you only have the key. No one else should have that private key, and if they do then the encryption is worthless! The other lock is the difference. In Symmetric Encryption, only one other person (or party) has the key to unlock that lock. However, that key is identical to yours! So really, you could unlock both locks.
Asymmetric encryption, on the other hand, has two different keys. Of course you have your private key, which again, only you should have! The other lock, though, can be unlocked if the other party has received your mailed key. This is the important part: that mail must be secure as well! Just because the key is different than your own, does not mean that only one person may have it. Secret listeners could steal that ‘public’ key and use it to read whatever they want utilizing your private key.

Mashable actually created a great video that breaks down the process: What is Encryption and How does it Work? 

 

The Not So Geeky Stuff

So, as always, what does that mean to you? Well, the tech stuff, not a lot. However, because we have continually stretching the bounds of how strong and easily accessible encryption is; you can now encrypt your life easily! Quincy Larson at Free Code Camp wrote an amazing article called “How to Encrypt your entire life in an hour” that has been shared thousands of time. In the article Quincy points to several easy tool to encrypt everything from text messaging, to banking, to emailing. One of his greatest pointers was about your phone’s security.

Thumbprints seem to be so popular lately, but a lot of individuals don’t realize two things. One, a judge CAN order to you unlock something using your thumbprint, despite the obvious overtures to the Fifth Amendment (hint, they can’t order you to turn your password over). Second, if one person can gain access to your thumbprint, then anyone can. See the hacker who did this!
A quick overview of that article from Quincy is below, and you should consider encrypting your digital communications. Regardless of whether you are doing something wrong, there is always criminals out there looking to steal from you!

Encrypt your life in an hour! (full article)

1. Use two factor authentication everywhere
2. Encrypt your hard drive
3. Use your phone’s password protection
4. Use different passwords EVERYWHERE
5. Use an app like Signal to send messages
6. Don’t just use Incognito mode
7. Use a Tor Onion Browser