Symmetric And Asymmetric Encryption Techniques: AES, Full Disk, And File-Based Encryption
Symmetric Key Encryption with AES Cipher
To encrypt a message with symmetric key encryption, one first needs to select a cipher. AES is one of the most commonly used symmetric key ciphers because it is highly secure and available free of cost. A specific key is then generated (Asharov et al. 2016). During the TLS handshake, the client creates a symmetric key and provides it to the server, after which all information can be exchanged using symmetric encryption.
Full disk encryption is a type of encryption that generally occurs at the hardware level. It works automatically to convert the data on a hard drive into a form that cannot be understood by anyone who does not have the proper key to convert it back (Garg et al. 2016). Without the appropriate authentication key, the data cannot be accessed even if the hard drive is removed. With this type of encryption, once the computer is powered on there is no protection against unauthorized users.
In file-based encryption, files are encrypted using the same procedure as in full disk encryption, with the addition of a special functionality by which only a specific user can access the data (Garg et al. 2016). This type of encryption mainly occurs during offline operation. It also provides a proper access control mechanism.
File encryption is one of the best solutions for an organization that deals with clients, because every time staff deal with customers they have to access the file server to get data and information. File-level encryption provides access control functionality, which is quite advantageous for such organizations.
Backing up the file server to the cloud can create a number of security ramifications for the company. One such ramification arises from the retrieval of data and information from the cloud: security problems can occur during the retrieval process.
Digital signatures are as unique to their signers as handwritten signatures. Digital signature solution providers generally follow a specific protocol known as PKI. PKI requires the provider to use a mathematical algorithm to generate two numbers: a private key and a public key (Donaldson et al. 2016). When a signer signs a document, the signature is generated with the private key, which is kept secure by the signer. The mathematical algorithm works as a cipher, creating data that matches the signed document. The resulting encrypted data is the digital signature. The signature is also marked with the time at which the document was signed, and if the document changes, the digital signature is invalidated.
Full Disk Encryption
Digital signatures help the organization transfer both information and data over the internet. They also reduce the organization's use of paper and save both time and money.
The company will use AES-256 for the file servers and PKI for the digital signatures.
Automated key management can be used under any of the conditions listed below:
- A party has to manage n^2 static keys, where n is large
- Any stream cipher, such as AES-CTR [NIST] or RC4 [TK], is used
- An initialization vector (IV) might be reused, especially a hidden IV. A random or pseudo-random explicit IV is not a problem unless there is a high probability of repetition
- A large amount of data has to be encrypted in a very short time, which requires frequent changes of the short-term session key.
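One way to automate the last two conditions, shown as an added example that is not part of the original essay: session keys are derived from a single master key, the IV is a counter that cannot repeat under one key, and the key is rotated after a fixed number of messages. It uses AES-256-GCM and HKDF from Node.js's built-in `crypto` module; the `Sender` class, the HKDF label and the three-message limit are assumptions chosen for the demonstration.

```javascript
// Added example: automated session-key rotation for AES-256-GCM.
const nodeCrypto = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");

const MAX_MESSAGES_PER_KEY = 3; // constructed, tiny limit so rotation is visible

// Both sides derive the session key for an epoch from the shared master key
// with HKDF-SHA-256, so no per-session key has to be configured by hand.
function deriveSessionKey(masterKey, epoch) {
  const info = Buffer.from(`session-key-epoch-${epoch}`); // hypothetical label
  return Buffer.from(
    nodeCrypto.hkdfSync("sha256", masterKey, Buffer.alloc(0), info, 32));
}

class Sender {
  constructor(masterKey) {
    this.masterKey = masterKey;
    this.epoch = 1;
    this.counter = 0; // messages encrypted under the current session key
  }
  encrypt(plaintext) {
    if (this.counter >= MAX_MESSAGES_PER_KEY) { // limit reached: rotate key
      this.epoch += 1;
      this.counter = 0;
    }
    // The 96-bit IV is the message counter, so it cannot repeat under one key.
    const iv = Buffer.alloc(12);
    iv.writeUInt32BE(this.counter++, 8);
    const key = deriveSessionKey(this.masterKey, this.epoch);
    const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
    const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
    return { epoch: this.epoch, iv, body, tag: cipher.getAuthTag() };
  }
}

function decrypt(masterKey, msg) {
  const key = deriveSessionKey(masterKey, msg.epoch);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, msg.iv);
  decipher.setAuthTag(msg.tag); // final() throws if the message was altered
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString();
}

// Constructed demo: seven messages under one master key.
function runRotationDemo() {
  const masterKey = nodeCrypto.randomBytes(32);
  const sender = new Sender(masterKey);
  const sent = Array.from({ length: 7 }, (_, i) => sender.encrypt(`record ${i}`));
  const pairs = new Set(sent.map((m) => `${m.epoch}:${m.iv.toString("hex")}`));
  return { epochs: sent.map((m) => m.epoch), uniqueKeyIvPairs: pairs.size,
           plaintexts: sent.map((m) => decrypt(masterKey, m)) };
}
```

Every (session key, IV) pair in the run is distinct, and the receiver needs only the master key and the epoch number carried in each message to decrypt.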
The main motivation of malicious users is to gain access to data in order to steal it. Attackers can also delete, modify or block users' data (Yang, He and Shi 2017).
Example 1: Google Play Store distributes Trojan horse
On 1st April 2016, the research team at Russian Security added the Trojan, and malware experts found that it was available in 104 Android applications for download in the Play Store, which affected 3.2 million users.
Example 2: Trojan (Coldroot RAT) found on GitHub
A remote access Trojan was uploaded to GitHub and was freely available there; it affected Linux, Mac and Windows users. It was available on GitHub for almost 2 years and was first detected in a fake Apple audio driver in 2016.
The hashes or signatures technique is a process that produces a secure digest of data, which helps in downloading data and information securely. The digest is a fixed-size numeric representation of the data, computed with a hash function and then encrypted to form the signature. It is suggested to keep the main private key properly, because if the main key is lost then the data cannot be accessed.
The recommendations for the software developer include:
- The software developer must encrypt the software
- The software developer must compress the distributed software.
The recommendations that are provided to the users include:
- Utilization of a secure process: It is very important for users to follow a proper and secure procedure for downloading software
- Utilization of a malware detection system: It is necessary to use a malware detection system in order to protect data from malware
- Review of the website: The first priority of users is to review the website properly before downloading the software.
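The digital signature and the hash digest described above, combined into one download check, as an added example that is not part of the original essay: the publisher signs the SHA-256 digest together with the signing time, and the user verifies the signature before trusting the digest. Ed25519 from Node.js's built-in `crypto` module stands in for the PKI key pair (the essay names no algorithm and certificate handling is left out); the function names, file contents and timestamp are constructed for the demonstration.

```javascript
// Added example: sign a release digest, then verify a download against it.
const nodeCrypto = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");

const sha256Hex = (bytes) =>
  nodeCrypto.createHash("sha256").update(bytes).digest("hex");

// Publisher: hash the file, then sign the digest and signing time together.
function signRelease(fileBytes, privateKey, signedAt) {
  const statement = JSON.stringify({ sha256: sha256Hex(fileBytes), signedAt });
  const signature = nodeCrypto.sign(null, Buffer.from(statement), privateKey);
  return { statement, signature: signature.toString("base64") };
}

// User: trust the digest only after the signature over it has verified.
function verifyDownload(fileBytes, manifest, publicKey) {
  const signatureOk = nodeCrypto.verify(null, Buffer.from(manifest.statement),
    publicKey, Buffer.from(manifest.signature, "base64"));
  if (!signatureOk) return { ok: false, reason: "bad signature" };
  const { sha256, signedAt } = JSON.parse(manifest.statement);
  const expected = Buffer.from(sha256, "hex");
  const actual = Buffer.from(sha256Hex(fileBytes), "hex");
  if (expected.length !== actual.length ||
      !nodeCrypto.timingSafeEqual(expected, actual)) {
    return { ok: false, reason: "digest mismatch" };
  }
  return { ok: true, signedAt };
}

// Constructed demo data: a fake installer and a fixed signing time.
function runReleaseDemo() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
  const release = Buffer.from("installer-1.0 contents (constructed sample)");
  const manifest = signRelease(release, privateKey, "2024-01-01T00:00:00Z");
  const altered = Buffer.concat([release, Buffer.from("!")]);
  // Digest replaced to match the altered file, but the old signature kept.
  const swapped = { ...manifest, statement: JSON.stringify(
    { sha256: sha256Hex(altered), signedAt: "2024-01-01T00:00:00Z" }) };
  return {
    genuine: verifyDownload(release, manifest, publicKey),
    alteredFile: verifyDownload(altered, manifest, publicKey),
    swappedDigest: verifyDownload(altered, swapped, publicKey),
  };
}
```

A changed file fails the digest comparison, and a digest edited to match the changed file fails the signature check, so both checks are needed.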
Asharov, G., Naor, M., Segev, G. and Shahaf, I., 2016, June. Searchable symmetric encryption: Optimal locality in linear space via two-dimensional balanced allocations. In Proceedings of the forty-eighth annual ACM symposium on Theory of Computing (pp. 1101-1114). ACM.
Donaldson, R.J., Collins, R.J., Kleczkowska, K., Amiri, R., Wallden, P., Dunjko, V., Jeffers, J., Andersson, E. and Buller, G.S., 2016. Experimental demonstration of kilometer-range quantum digital signatures. Physical Review A, 93(1), p.012329.
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A. and Waters, B., 2016. Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM Journal on Computing, 45(3), pp.882-929.
Hassan, N.H. and Ismail, Z., 2015. A Conceptual Model Towards Information Security Culture in Health Informatics. In The Malaysia-Japan Model on Technology Partnership (pp. 187-196). Springer, Tokyo.
Jain, N., Stiller, B., Khan, I., Makarov, V., Marquardt, C. and Leuchs, G., 2015. Risk analysis of Trojan-horse attacks on practical quantum key distribution systems. IEEE Journal of Selected Topics in Quantum Electronics, 21(3), pp.168-177.
Markowsky, G., 2015, September. The problem of interceptor top level domains. In Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2015 IEEE 8th International Conference on (Vol. 1, pp. 424-428). IEEE.
Yang, G., He, S. and Shi, Z., 2017. Leveraging crowdsourcing for efficient malicious users detection in large-scale social networks. IEEE Internet of Things Journal, 4(2), pp.330-339.