Part 2: The use of Encryption Algorithms
Knowledge of the algorithm used to convert (encrypt) the data is required in order to convert back (decrypt) the data into useful information. It turns out that only standard algorithms tend to be used to encrypt data, so a would-be hacker can perform multiple attempts of known algorithms to decrypt noisy data back to useful information.
To combat this weakness, encryption algorithms have been developed which require knowledge of “secret” data to be entered into the algorithm in order to encrypt and decrypt the data. So anyone can then take (steal) the noisy data but they will require knowledge of the “secret” data if they are to decrypt the data into useful information. The secret data should be sufficiently large to ensure many guesses would be needed to find the correct value for the secret data.
This secret data is known as a cryptographic key; in the same way that a physical key is used to unlock a door, a cryptographic key is used to unlock the ability to turn noisy data into useful information. Any user authorised to access and convert the noisy data into useful information should have knowledge of the “secret” data (cryptographic key). Of course this secret data must be sufficiently large in size.
If someone is asked to remember a large group of numbers (secret data/cryptographic key) then chances are this person will easily forget this information. The act of remembering this information and then entering the values will most certainly slow down the business operation and hence slow down productivity. For practicality reasons, an authorised user should gain access to the secret data (cryptographic key) by means of entering much more memorable information, such as a password or graphical data, which unlocks a secure storage area which contains the full value of the cryptographic key. If multi-user access is required to encrypted data then access to the cryptographic key should be “black-boxed” in order for a specific user to be revoked from accessing the encrypted data in the future.
Encrypt sensitive information with a known secure algorithm locked up by a specific cryptographic key ensures ability to convert this encrypted data to information requires many computation attempts.
But it just takes that one successful attempt to decrypt a block of data and the entire organisation’s information is open, right?
Look out for our next blog – “Part 3: Protecting the whole organisation.”