The days of Data Encryption are numbered. We are seeing more attacks on encryption than we can count from more sources than ever before. While encryption is an important step in securing sensitive data, it cannot secure the entire stack or chain. Despite what some people believe, encryption is not a viable alternative to strong security.
Data Encryption’s days are numbered
Despite its importance, Data Encryption’s days may be numbered. This technology is not fool-proof, and it can be easily cracked by hackers using brute force attacks. However, newer data encryption systems make it harder for hackers to crack them. Intel has introduced encryption tools into its CPUs to increase security further.
Quantum computers
To remain secure, we need to ensure that we don’t leave data unencrypted for years to come. This is particularly important in areas such as personal medical information and banking data. The risk of exposing this information is not what happens today but 10 years from now. Similarly, governments want to ensure that communications between nations remain secure. A breach of these communications could lead to a sticky geopolitical situation. As a result, we should develop tools that allow organisations to decide what data to encrypt and what not to.
In addition to encrypting information, quantum computers can solve specific mathematical problems very quickly. Some of these problems are related to the properties of prime numbers. Prime numbers have no divisors, which are often used in public/private key systems. For example, RSA encryption relies on large primes.
Creating these systems will require a different set of skills than conventional computers. The data scientists and researchers involved in the project will have to learn new tools and software frameworks in order to build quantum-computed systems.
Over-reach
A new bill circulating in Australia aims to help intelligence agencies circumvent data encryption. If the bill is passed, technology companies would be legally compelled to cooperate with law enforcement and decrypt data. The question is: Should government overreach in data encryption be allowed?
GPRS
GPRS is a mobile data standard used in GSM mobile phone systems. It uses several encryption methods to protect data transmitted between mobile devices. These methods differ in their levels of security, but all use the same keys and algorithms. Some carriers use GEA/0 to offer no encryption, while others use GEA/2 or proprietary stream ciphers. These encrypt data using 64-bit keys and 128-bit states.
DES
The Data Encryption Standard (DES) was the gold standard for symmetric encryption for 20 years, but it was prone to brute-force attacks. As a result, the National Institute of Standards and Technology (NIST) decided to hold a competition to find a better data encryption algorithm. Eventually, it narrowed the field to five submissions.
DES is a symmetric block cipher first published in 1997 as FIPS 46-3. It uses a 56-bit key to encrypt data. However, it is not as secure as AES, which uses 128-, 192-, or 256-bit keys. As a result, NIST has officially withdrawn DES, and the technology will be phased out by 2023.
RSA
RSA data encryption was developed by Ron Rivest, Adi Shamir, and Leonard Adleman. They were a powerful team of mathematicians and computer scientists who devised the formula for secure data transmission. Rivest and Shamir were known for their ability to keep up with scientific journals and to think of new ideas. Adleman, meanwhile, was a patient analytical help who pointed out problems and impracticalities.
Researchers have broken the 768-bit RSA encryption standard. Using a number field sieve, they could factor a seven-digit number into a two-digit one. As a result, most organisations now use a higher level of encryption. Some use 2048-bit encryption as their default. But in three to four years, this encryption will be phased out.
One key difference between RSA and other encryption methods is the way private and public keys are used. In RSA, each side uses a different pair of keys to encrypt and decrypt messages. In the public-key approach, the sender and receiver both have a public-key-private-key pair. The public key remains available to the sender while the private key is secret.
PKE
While PKE for data encryption may be dead, it is not for lack of use. In today’s world, the internet is a connected place, and security must be top priority. Public key encryption (PKE) is a popular solution for protecting data from attackers, but it isn’t a solution in itself. PKE’s RSA-2048 algorithm is a gold standard for PKE, and it is essential for protecting secure webpage connections, email exchanges, digital supply chains, passwords, and user accounts.
