By: Vincent Mwando
1.1.Background
The
world today evolves every minute with disruption in the human way of life. This
has exacted pressure on human to develop ways of protecting and safeguarding
their information in the digital space. Before the era “one click away”, we
used to lock pieces of stuff in enclosed cubicles with padlocks or even safes.
This hindered unauthorized users from accessing the components inside the
safes, granaries and even the lockers. Evolution in information, communication
and technology has brought out a beast termed us The Digital World which required
the same approach but now through coding and decoding.
Currently,
there is advancement in communication through the messaging platforms for
instance WhatsApp and signal and in online banking such as mobile and internet
banking. This has initiated a way such that prying eyes can access the
information in the process of transmitting it to the end-users without even the
knowledge of the sender and receiver. In other instances, access the credit
data.
Thus,
the wide use of emerging trends in communication, information and technology
calls for encrypting data by encoding and the receiver having the special key
that can decrypt it.
1.2.Introduction
Encryption is the art of encoding (coding and
decoding) information. This involves scrambling or enciphering data so that
only the target user gets the information hence the term end-to-end encryption.
In our daily life, we rely on encryption in many
aspects in achieving privacy in the digital Space. It is applied in almost all
sectors in the digital space from that of banking, cloud
computing (iCloud, google drive, amazon etc.), communication-messaging
(WhatsApp, Signal etc.), online shopping (Amazon, Alibaba, Jumia), normal daily
browsing and even that of online streaming services.
Encryption has been under several threats; attacks
from the data exfiltration, government, zero-day, malware and ransomware, rogue
sites and spear-phishing hence the need to in
protection of encryption and privacy in the digital space.
According
to the United Nations Human Rights Council, ‘privacy online is important for
the realization of the right to freedom of expression and to hold opinions
without interference, and the right to freedom of peaceful assembly and
association’.[2]
1.3.How encryption works.
Symmetrical,
asymmetrical and hybrid encryption are the main types of encryption.
Once
the message is composed by the sender majorly as plaintext, it is converted to
ciphertext using a special unique key thereby scrambling the data then sending
it to the receiver. The receiver has a key that decrypts the ciphertext into
special readable text termed plaintext. The two special keys are required to encrypt
and decrypt and once encrypted, only the decryption key can enable the receiver
to comprehend the message.
 |
|||
1.4.Threats to encryption
Threats to encryption is an attack
on privacy and a violation of human rights. The threats come from all angles; the
private sector, governments, businesses and individuals. The threats are Ghost
proposals, Key escrow and “Machine in the Middle” (MITM) attack.
1.4.1. Quantum
Threat (Post-quantum)[4]
The world currently runs on quantum technology i.e., quantum
entanglement, quantum mechanics and quantum superposition. Currently, data and
information across the digital space are controlled using a public key
encryption algorithm which includes:
a.
Rivest–Shamir–Adleman
(RSA). This is an asymmetric cryptographic algorithm i.e., has two keys (Public
Key and Private Key) and is used in modern computers to encrypt and decrypt
data.
b.
ElGamal. This
is an asymmetric cryptographic algorithm that relies on the difficulty of obtaining
discrete logarithm in a cyclic group[5].
c.
Elliptic Curve.
This is an algebraic structure that offers encryption through public-key
cryptography over finite fields.
Advancement
in technology has brought by Quantum computers which can break public-key
encryption enabling anyone with the manpower and skill to obtain the keys hence
able to decrypt the data. This brings the need to come up with the next
generation of cryptography other than the RSA, ElGamal and Elliptical curve
ones.
1.5.Pros of encryption
a.
It enables a
near bulletproof barrier from accessing data by all unauthorized intrusions.
b.
It enables
private communication as only intended parties by the sender access the
content.
c.
Fosters
personal security by keeping your identity safe and hinders people from
impersonating you and getting private data.
d.
It’s the
cornerstone of national security, by protecting the secrets of countries and organizations.
1.6.Encryption best practices
This entails,
i.
Understanding
the need for strong encryption by staying informed, informing and sharing
information with others and finally taking actions through joining hands and
keeping it safe.
ii.
Use of strong
encryption across all platforms.
iii.
Restricting
third-party applications from the amount of data and access they have.
iv.
Government policies
to safeguard encryption.
v.
White hackers
will protect and manage the constant changes and advancement in technology.
1.7.How to
keep safe in the digital space.
a)
Only using
end-to-end encrypted messaging applications such as WhatsApp and Signal. Setting
encryption default before using devices and various online and offline services.
b)
Using strong and
unique passwords and codes and always having additional security features such as
two-factor verification (2FA) and erase-data options turned on to avoid prying
eyes and black hat hackers accessing the data.
c)
Updating security
features and universal updates to be up to date. Software and application
developers once realize britches and bugs in the system, tend to develop a solution
and roll them through updates. This help safeguard privacy.
To
conclude, encryption is part and parcel of our daily life. Achieving it requires
a collective effort from individuals, government and more so the policies
makers to come together and ensure strong encryption.
[1] Isuru Jayathilake, ‘Introduction
to encryption’ Medium, 2 August 2018 <https://medium.com/@isuruj/introduction-to-encryption-4b810996a871>.
[2] United Nations Human Rights Council, Agenda Item 3: The
promotion, protection and enjoyment of human rights on the Internet.
[3] Lina Gong, Li Zhang, Wei Zhang,
Xuhong Li, Xia Wang and Wenwen Pan, ‘The application of data encryption
technology in computer network communication security’ 2017, 5th International
Conference on Computer-Aided Design, Manufacturing, Modeling and Simulation
(CDMMS 2017).
[4] The
Quantum Threat, <
https://www.post-quantum.com/the-quantum-threat/#:~:text=Quantum%20computers%20can%20break%20current,one%20requiring%20mitigation%20strategies%20today.>
[5]ElGamal
Encryption Algorithm, 16 Nov, 2018, <https://www.geeksforgeeks.org/elgamal-encryption-algorithm/>
No comments:
Post a Comment