Skip to content

Data file encryption.md

Jump to bottom
Juan Maldonado edited this page Jan 14, 2024 · 2 revisions

Data file encryption

Why does this topic matter?

  • This topic matters because in order to secure data and be compliant with the CIA triad, individuals will need to know how to hash and encrypt data.
  • It is also important to know the difference between hashing and encryption. Knowing how each method is applied and the use cases for them is valuable knowledge to have.

You have been made responsible for the company’s file server. How would you preserve the three elements of the CIA triad?

  • If I was made responsible for the company's server, I would preserve the three elements of the CIA triad by implementing the following:
    • For the objective of implementing confidentiality in the file server I would use encryption to make the data unreadable, this would be applied to data at rest and data in transit. I would use Secure Shell (SSH) to make a secure tunnel for the data to be sent, and while data is at rest I would use OpenPGP. Those two implementation will go a long way to ensure that confidentiality of the data is achieved.
    • To achieve integrity of the data so that it is not tempered with or altered by unauthorized individuals, I would use hash functions and digital signatures. By using secure file transfer protocols such as FTPS, HTTPS, and SFTP the data will not be changed and cause disputes.
    • Lastly, I would ensure availability of the data by implementing a high availability cluster with failover and an added load balancing mechanism. This would make the servers more resilient to hardware failure.

Explain how hashing verifies data integrity using non-technical terms.

  • Hashing verifies data integrity just like we verify the mail. We receive mail packages via a special stamp, buy scanning the stamp we are able to see the receipt and other information to make sure it matches the original receipt during the purchase of the item.
    • Hashing works in the same fashion, an algorithm creates a unique code (stamp) based on the data. If the data changes then the hash changes and we can verify by comparing it to the original hash code. This will alert the user that the data has changed.

How is hashing and encryption different?

  • While both hashing and encryption are cryptographic methods, there are pretty different in there creation and use.
    • Hashing takes input data and produces a hash, which is a fixed sized string of characters. hashing does not use a key, the same input (data) produces the same hash, and it is a one way process, if you rerun the hashing method, it does not decrypt it.
    • Encryption is used to secure data by converting it into a different (unreadable) format. It uses keys, and different keys will produce different ciphertexts. It is also reversible unlike hashing, encryption is a two way process where you can encrypt and decrypt data.

Things I want to know more about

  • I would like to know more about the methods that cracks the encryption such as brute force or dictionary attacks.
  • I would also like to know more about the quantum encryption concept. Since supposedly whom ever achieves quantum computing will be able to crack current encryption methods.
Clone this wiki locally