Encryption can be useful for several reasons: On a shared computer, it can make data unreadable to other users. The same applies to people who gain unauthorised access to your computer. Information on mobile devices such as notebooks and USB storage devices will not fall into the wrong hands if the device is stolen or lost and the data on it is encrypted.
Therefore, before you use an encryption method, you should first consider who you want to protect data from? In principle, techniques for encrypting entire hard disk partitions or other data storage devices only protect the data when the devices are switched off. As soon as the password for decryption is entered when the device is switched on, the data can be accessed in the same way as an unencrypted hard disk – i.e. if necessary, also by other users in the network or other user accounts of the computer.
Finally, it is important to remember that no encryption method used in practice today offers an absolute guarantee of security. Methods that are considered secure today could be easily cracked in the future. The most significant uncertainty factor is the possibility of fundamental scientific advances in various areas relevant to cryptography.
Although there are complex calculations behind encryption and cryptologists continue to research even more secure methods, the basic principles are easy to understand.
How does encryption work?
Encryption procedures consist of two elements: a key and a rule. By applying the key to the information to be encrypted according to the regulation, the encrypted message is created. In addition, there is a further regulation to decrypt the encrypted message again using the key.
In general, the following minimum objectives should be achieved:
- the encryption and decryption of texts must be simple (for a suitably programmed computer) if the key is known.
- Without knowledge of the key, it should not be practically possible for an attacker to decrypt messages even if he has considerable resources and knows the procedure.
Monoalphabetic substitution: a simple encryption method
A simple example of an encryption method is to exchange the letters of the text to be encrypted for other letters according to a substitution table. In this case, the substitution table is the key and the rule is to apply this substitution table to each letter of the text to be encrypted (the “plain-text”) in order to obtain the encrypted text (the “cipher-text”).
Although the number of possible keys is quite large (for an alphabet consisting of digits and capital letters it is already of the same order of magnitude as in modern ciphers), closer inspection reveals that this encryption method is very weak. A simple attack is based on counting the frequencies of the individual letters in the cipher. By comparing the frequencies of the letters found in the cipher with the frequencies in longer unencrypted comparison texts, a large part of the substitution table can then be directly reconstructed (if there is a sufficiently large amount of text encrypted with a fixed key).
In this example, only the first of the two basic goals for an encryption procedure mentioned above – easy encryption and decryption when the key is known – is achieved.
For modern encryption methods, it is assumed that they also offer a high degree of security against attacks by attackers with very extensive possibilities.
An example of such a procedure is the Advanced Encryption Standard (AES). This procedure is a core component of many widely used cryptographic solutions. The AES was developed in a public process and was examined for possible cryptographic weaknesses by a large number of experts before and after its standardisation. The current state of research is that significant cryptographic problems could only be found in significantly weakened versions of the AES.
Although AES is an important data encryption method, it is only one component in systems that use it, and there are other encryption methods with equally good security properties.
Trust is important
When choosing an encryption method or encryption software, trust plays a major role. With various procedures there are always speculations about possible back doors. This could mean that the developer of an encryption method, for example, has a kind of master key with which all encrypted information can be decrypted. Great trust is therefore placed today above all in techniques and programs whose functionality is open.
What to consider when using encryption
The advantages of encryption are obvious: data is protected from access by unauthorised persons – whether they are co-users of the computer, thieves or the finder of a lost USB stick.
But with all the advantages, it is also important to consider: Encryption does not come for free: it is always at the expense of performance – because a system that needs to encrypt and decrypt data requires computing capacity and energy. Depending on how large the available power reserves are, the noticeable effects of encryption are greater or smaller. A low-power computer can become noticeably slower by encrypting the entire system.
It is also important to know that encryption does not prevent the reading of information that is stored unencrypted by the system or released to the environment. For example, if only one partition of a hard disk or a specific folder is encrypted, an application may decrypt an originally encrypted file when opening it and place it in a temporary folder on the unencrypted part of the disk. Data can also be read from the main memory of a computer without encryption. In addition, there are a number of other possible attacks.
Weak point Password
In many encryption solutions, the encrypted data is effectively protected only by a password: if you know the password, you can then easily determine the cryptographic keys. The first commandment is therefore to use secure passwords. But even a secure password can be spied out, for example by malware logging keystrokes. No encryption solution protects against the dangers of malware! The generally recommended countermeasures, such as the use of a virus scanner and firewall as well as regular updates of the operating system, must therefore also be observed for systems with encrypted data.
At the same time, keys and passwords must be kept safe. The data carriers on which they are stored must be protected against thieves like a physical bunch of keys. Redundancy is also recommended: a backup copy of the key should be stored on a data carrier that is kept under lock and key at another location if possible. This ensures that data can still be accessed despite the loss of a key or password (e.g. due to a defective USB stick).
PCs and notebooks
Some computers, especially notebook models for business customers, are equipped with a Trusted Platform Module (TPM). This chip can serve as a key memory for encrypting data. This uses the Microsoft Windows software Bitlocker Drive Encryption to encrypt hard disk partitions. However, the software is only included in the Professional and Enterprise versions of Windows 7 and higher.
When encrypting the hard disk, Bitlocker stores the key required for decryption on the TPM. At the same time information about the current system configuration is stored there. If the system configuration changes, decrypting the hard disk fails: The TPM denies access to the key. This is to ensure that nobody can simply read the hard disk with another operating system. Only a recovery password then allows decryption. This password is chosen during encryption and should be kept safe. Anyone using Bitlocker under Windows 10 should note that the recovery password is automatically stored in the user’s OneDrive account, i.e. in a cloud service from Microsoft.
With Windows 7 (Ultimate/Enterprise), Microsoft has also introduced “Bitlocker to go”, which can be used to encrypt external data media such as USB sticks. The sticks can also be decrypted on Windows computers without Bitlocker software. To do this, Bitlocker can be started directly from the USB data carrier, where it is automatically stored in an unencrypted area.
There are both classic hard disk drives (HDD) and those without moving parts (SSD) that offer a built-in encryption option. To prevent manipulation, access to the data medium should be protected by a password via the BIOS (ATA Security Feature Set). The user must then enter this password each time the system starts. Various methods can be used for the actual encryption. However, all major manufacturers have agreed on a standard for hard disk encryption. Hard disks that are equipped accordingly are often called Opal hard disks. For hard disk passwords, however, encryption is not always necessarily implemented, but the password only prevents access to otherwise unencrypted data. This already provides basic protection, for example in the event of theft.
External hard disks and memory sticks
Cases for external hard disks and USB storage media are sometimes sold with built-in encryption technology. The hard disk enclosures only allow access to data after the user has proven to be authorised: for example, by means of a fingerprint, by entering a code on the built-in keyboard or by means of a radio chip that is supplied and functions like a contact-less key card. USB flash memories, on the other hand, often rely on software that has to be started on the computer and which then asks for a password.
Network Attached Storage (NAS)
Data storage devices in local networks, so-called NAS devices (Network Attached Storage), can encrypt the data stored on them, depending on the model. Each time the device is rebooted, the user must have the data decrypted. The strategies of the manufacturers vary: some devices require a USB stick with the key to be inserted, while others require the user to enter a password in a web interface. There is also the variant that the device saves the key itself and automatically uses it for decryption when restarting. If the key is stored on the hard disk itself, the sense of the encryption is made absurd. Some devices store the key on an internal memory chip instead. This way the data is protected at least in case of theft or exchange of the hard disk, but not if strangers gain access to the whole device.
If you use such network storage for your data, you should not only encrypt your data but also consider the security of the corresponding network.
Encrypted communication on the Internet
It is important for all Internet users to know that communication on the World Wide Web is generally and largely unencrypted. Internet users now have a number of options and encryption techniques to use in order to transmit messages, telephone calls or e-mails on the Internet in a way that is protected against access by unauthorised third parties. The effort required of private individuals to use these techniques is becoming less and less. The added value for their own privacy, on the other hand, is very high. It is worthwhile for all Internet users to consider the possibilities of encryption.
Reasons for using encrypted communication
The decision to send a closed letter instead of an open postcard often has a good reason. The sender wants to shield the personal or sensitive data contained in the message from unauthorised readers.
In the digital world, the unencrypted e-mail corresponds to a postcard. Everything in it is potentially readable by anyone, while the email is transported from the sender to the recipient.
It’s a similar story with, among other things, chats, telephone conversations via Voice-over-IP (VoIP) and the data that browsers send and receive over the Internet when websites and online services are accessed.
Encryption ensures that only authorised persons can decipher the content of a message. This is why banks, for example, encrypt information sent over the network.
Overview of encryption goals and techniques
Basically all applications can also be used encrypted. For this, additional encryption techniques must be integrated into the respective programs. There are currently two main cryptographic methods to choose from: asymmetrical and symmetrical, as well as hybrid forms of encryption. These procedures contain different algorithms and hierarchies that determine, for example, how key pairs for encryption are created and distributed.
In the case of e-mails, transport encryption (point-to-point encryption) or so-called end-to-end encryption is implemented for this purpose.
Transport encryption secures the communication between the e-mail program and its e-mail service provider. The latter forwards the mail to the respective e-mail service provider of the recipient. This technique is also known as point-to-point encryption, as the e-mail is briefly unencrypted at nodes such as the e-mail service provider’s server. The message is only encrypted between the nodes. Although transport encryption makes it very difficult for unauthorised persons to read the message, the e-mail service providers involved still have access to the plain text of the mail. As a rule, the user cannot influence, activate or deactivate this technology himself or herself. Transport encryption is nevertheless better than communicating completely unencrypted.
End-to-end encryption is recommended so that the message cannot be read or listened to on its way. The e-mail is encrypted with the addressee’s public key before it is sent and is not opened until it is received by the addressee’s second matching and secret key. The e-mail is thus protected throughout and cannot be viewed in plain text even at the nodes. In this way, the asymmetric key pair of the recipient ensures the confidentiality of the message. The sender can calculate a checksum, also known as a hash value, from the e-mail ready to be sent and encode it with their own secret key. This is then a digital signature that corresponds to a fingerprint or stamp and can be attached to the e-mail. The addressee also calculates the checksum of the received e-mail and decrypts the attached signature with the sender’s public key, which gives him the checksum calculated by the sender. If both checksums match, the recipient knows that the mail has not been modified, i.e. that its integrity is guaranteed. Furthermore, he or she can verify that the mail really does come from the owner of the matching secret key and thus the authenticity is correct. The asymmetric key pair of the sender can thus guarantee the integrity and authenticity of the mail.
Only end-to-end encryption therefore guarantees complete protection of the transmitted data packets and fulfils three important objectives of encryption on the Internet:
Protection of confidentiality: The messages or data can only be read or clearly heard in plain text by the person for whom they are intended.
Protection of authenticity: The authenticity of the sender is verified. The sender is really the person who is indicated as the sender.
Protection of integrity: The message cannot be altered unnoticed by third parties on its way from sender to recipient.
These objectives can only be guaranteed by end-to-end encryption, where the data is encrypted when it is sent and decrypted only when it is received.
to be continued in Part 2