In any Identity storage system, personal data is vulnerable to being accessed or intercepted and read by unauthorized users, during storage or when it is being transferred. This mainly happens when data is hosted in data centers or at the cloud and in particular during transactions that involve online authentication, verification, or exchange of identity data.
The majority of physical network links provide very poor confidentiality or privacy for transmitted data, particularly when the data is being transferred through open internet.
It might be convenient for the user or administrator, but increases the vulnerability of your personal data to attackers or eavesdroppers.
If used correctly, end-to-end encryption can help protect the contents of your messages, text, and even files from being understood by anyone except their intended recipients.
It can also be used to prove that a message came from a particular person and has not been altered. It makes messages unreadable to eavesdroppers on the network, as well as to the service providers themselves.
What does Encryption do?
Here’s how encryption works while sending a secret message:
- A clearly readable message (“hello mum”) is encrypted into a scrambled message that is incomprehensible to anyone looking at it (“OhsieW5ge+osh1aehah6”).
- The encrypted message is sent over the Internet, where others see the scrambled message, “OhsieW5ge+osh1aehah6”
- When it arrives at its destination, the intended recipient, and only the intended recipient, has some way of decrypting it back into the original message (“hello mum”).
Basics of Cryptography
Edward Snowden once said ““Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on”.
The use of encryption for war-time communication goes all the way back to Julius Caesar, who encrypted Roman military messages.
Caesar did this by replacing each letter of a word with the letter three spaces to the left in the alphabet, eg, “west” would be “tbpw”.
His generals knew this encryption code, so they could read the messages, but those outside the army who did not know the code could not.
Today, encryption is part of our daily lives, whether we realize it or not: our phone apps and credit and debit cards are all encrypted to enhance security.
For example, a debit card PIN is protected by an encrypted key, and the card – and the PIN – allow the user to unlock the data held within it.
Cryptographic methods are the most effective and commonly used tools for protecting data during storage and transactions.
Public and private keys are elements of cryptography.
Symmetric key cryptography vs asymmetric key cryptography
There are two forms of cryptography: symmetric key cryptography and asymmetric – or “public” – key cryptography.
Symmetric key cryptography is a form of cryptography in which the same key is used to both encrypt and decrypt the message.
Julius Caesar’s encrypted military messages are an example of symmetric cryptography. The same key – using letters three to the left in the alphabet of the specific message – is used to both encrypt and decrypt the message.
Another example would be a basic door lock. The same key can both lock and unlock the door lock.
The downside of symmetric key cryptography is that it’s open to people discovering it.
Somebody could easily steal a key to a door lock. Or in the case of Roman military messages, with time, opponents could figure out the cipher.
Asymmetric cryptography is a more complex form of cryptography. This is the form that blockchain uses.
In asymmetric cryptography, two keys are required to unlock information.
One key – a public key – is used to encrypt information and a second key – a private key – is used to decrypt it.
This method of encryption provides a strong layer of security to a transaction, securing both the item transacted and the ability to access it.
How private and public keys work
A person’s private and public keys combine to create a digital signature and unlock access to a piece of information or a transaction.
If a person wants to send information – or a transaction on the blockchain – they use their private and public keys together.
Say Person A wants to send information to Person B on the blockchain. He can do this by getting Person B’s public key, attaching the relevant information to that public key, and sending it to Person B.
Since the information is attached to Person B’s public key – and only Person B’s highly secure private key can work with his public key – Person A knows that the only person in the world who can see that information is Person B.
So the sender uses Person B’s public key to encrypt the information. This means that only Person B’s private key can decrypt the information.
Person B receives that information from Person A. Using his private key, he creates his digital signature and accesses the information.
The role of a digital signature is crucial. The combination of the person’s public and private keys creates a digital signature, which confirms that they – and they alone – have executed the desired transaction.
How blockchain uses cryptography
Blockchain has several primary uses for cryptography:
Protect the identity of users: It enables individuals on the blockchain to maintain the security of their personal identity and data so they can securely send messages across the blockchain. It gives each person a way to have a secure personal identification and authentication tool.
Secure blocks: People then use cryptography to make transactions on the blockchain, which when confirmed turn into blocks.
Ensure transactions are done safely: Cryptography enables users on the blockchain platform to confirm that transactions are, in fact, secure and viable and have valued protocol—and can thus be added to the blockchain.
As blockchain technology evolves and becomes more widely accepted by the people and industries outside of the blockchain, the security of public cryptography will continue to be essential to the technology and will be able to secure your data, click here to know how COVE can help you in securing your data.