Hacking: How Encryption Keeps Your Data Secure

With billions of people and devices connected to the internet there is an enormous amount of data being sent over the network, saved on the computers, and stored in the databases. The network and the devices allow us to conveniently take such actions with our data. Majority of this data that we have is background noise that doesn’t have much use to others but we also have sensitive data. Even if the data isn't sensitive most of us feel much more comfortable knowing the data we share is not being looked at by a third-party. Life would be easy for all of us if our data was only visible to us and any parties we have given permission to. Unfortunately all technological devices and the network are susceptible to hacking. There is security implemented at every layer of technology because every layer has ways of leaking data which allows hackers to get unauthorized access to your data. There are evildoers out in the world who want to hack you, even the U.S. government is trying to hack you (and succeeding)!

One of the major layers protection, specifically for sensitive information, is data encryption. People have tried and found ways to encrypt data for thousands of years, possibly even longer if only we could decipher the hieroglyphs… Data encryption begins with a cipher used to hide the message, or plaintext. Most early examples of ciphers come from times of war used to hide the information about an army’s strategy. Such examples are the Spartan Scytale, Caesar Cipher, and the Enigma machine. Unfortunately these ciphers were easily breakable. With the power of today’s computers cipher algorithms need to be strong so that the best possible attack is by brute force. 

A common encryption method today is using AES in CBC mode giving the data confidentiality and integrity. Confidentiality prevents unauthorized reading of your data whereas integrity prevents unauthorized writing of your data. In the case of the aforementioned encryption method, AES works by dividing your plaintext data into 128 bit blocks and encrypting each block with a key after CBC obscures the plaintext block by XORing it with the previously encrypted block. The plaintext gets XOR’d otherwise two blocks with the exact same plaintext will have equal encryption output and that gives valuable information to the attacker. Since the first block does not have a previously encrypted block to XOR with a special initialization value is used. This encryption cleverly applies XOR and special functions to completely obscure the plaintext. The attacker can only use brute force and the shortest possible key for AES is 128 bits which would take a long time to break.

*Currently taking a course on information security so most of my knowledge on cryptology is from Information Security: Principles and Practice by Mark Stamp.