JA4. Encryption and Authentication

Statement

In this unit, we learned about various topics related to Encryption and Authentication. To reflect on what you have learned, answer each of the following questions:

  • Describe what were the most interesting facts you learned about Encryption and Authentication. Give a rationale to support your selection of the facts.
  • List your plans for further exploration of Encryption and Authentication.

Solution

The topic of encryption was very interesting; it is fascinating to see smart people solving problems in a way that holds strong even with the advancements in computers and technology in general. But everything has its limits, and while old ways are becoming older, more smart people are finding new ways that are quantum resistant.

Here are some interesting facts about encryption I collected while reading the assigned material:

  • Many jobs involve encryption, like information security analysts, penetration testers, security architects, and chief information security officers (Cyberdegrees, 2021).
  • There are different modes of operation for block ciphers, like ECB, CBC, CFB, OFB, and CTR, which make them more secure as deciphering a text requires prior knowledge of the mode of operation.
  • Encryption has many services beyond hiding information from unauthorized parties, like confidentiality, authentication, data integrity, and non-repudiation (Tutorials Point, 2015).
  • RSA is the most used public-key cryptosystem; it is based on the prime number factorization problem, which is hard to solve for large numbers (Tutorials Point, 2015).
  • PKI (public key infrastructure) is a huge and complex system that keeps track of public keys and certificates, and it is used to verify the authenticity of a public key (Tutorials Point, 2015).
  • Root CAs are usually kept safe offline, and only brought online for a short time to do some operations and then taken offline again (Turner, 2017). This proves that the only safe place is offline, and anything online is vulnerable to attacks.
  • Brute force attacks are such a big problem, but a good developer should take precautions to make it harder for the attacker to brute force the password, like hashing with salt, limiting the number of login attempts, using CAPTCHA, and two-factor authentication.

The future of encryption is promising, and here are my future thoughts about it:

  • With the current encryption algorithms getting out of date, there will be a huge effort to transition to new methods shortly, like quantum-safe encryption algorithms.
  • As a software engineer, I must play my part and be prepared to contribute to the efforts, and prepare any products I develop to be ready for the transition.
  • Homomorphic Encryption is a relatively new concept that makes it possible to perform operations on encrypted data without decrypting it first; this will be a huge breakthrough as it allows cloud providers to do necessary operations on the data without having to decrypt it first, which may increase the market share of cloud-based services (IBM, 2021).
  • Confidential Computing is another concept I want to explore; it is a new technology based on special hardware that is separate from other parts of the device, and it is sometimes called a trusted execution environment (TEE) or a secure enclave (IBM, 2021). Apple products started including such a device to store sensitive data like biometrics and passwords.

References