Content deleted Content added
No edit summary Tag: Reverted |
m Reverted 1 edit by 177.38.153.124 (talk) to last revision by LuK3 |
||
Line 10:
For technical reasons, an encryption scheme usually uses a [[pseudo-random]] encryption [[Key (cryptography)|key]] generated by an [[algorithm]]. It is possible to decrypt the message without possessing the key but, for a well-designed encryption scheme, considerable computational resources and skills are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorized users.
Historically, various forms of encryption have been used to aid in cryptography. Early encryption techniques were often used in military messaging. Since then, new techniques have emerged and become commonplace in all areas of modern computing.<ref name=":1">{{Cite journal|last=Kessler|first=Gary|date=November 17, 2006|title=An Overview of Cryptography|url=https://www.garykessler.net/library/crypto.html|journal=Princeton University}}</ref> Modern encryption schemes use the concepts of [[Public-key cryptography|public-key]]<ref name=":5" /> and [[Symmetric-key algorithm|symmetric-key]].<ref name=":1" /> Modern encryption techniques ensure security
== History ==
Line 71:
== Attacks and countermeasures ==
Encryption is an important tool but is not sufficient alone to ensure the [[Information security|security]] or [[Information privacy|privacy]] of sensitive information throughout its lifetime. Most applications of encryption protect information only at rest or in transit, leaving sensitive data in
In response to encryption of data at rest, cyber-adversaries have developed new types of attacks. These more recent threats to encryption of data at rest include cryptographic attacks,<ref>{{cite web |others=Discussion of encryption weaknesses for petabyte scale datasets |url=https://www.ssrc.ucsc.edu/Papers/li-fast13.pdf |website=www.ssrc.ucsc.edu |title=Horus: Fine-Grained Encryption-Based Security for Large-Scale Storage |author=Yan Li |author2=Nakul Sanjay Dhotre |author3=Yasuhiro Ohara |author4=Thomas M. Kroeger |author5=Ethan L. Miller |author6=Darrell D. E. Long}}</ref> [[Ciphertext stealing|stolen ciphertext attacks]],<ref>{{Cite web |url=https://robertheaton.com/2013/07/29/padding-oracle-attack/ |title=The Padding Oracle Attack – why crypto is terrifying|website=Robert Heaton |access-date=2016-12-25}}</ref> attacks on encryption keys,<ref>{{Cite news |url=https://arstechnica.com/security/2016/08/researchers-crack-open-unusually-advanced-malware-that-hid-for-5-years/ |title=Researchers crack open unusually advanced malware that hid for 5 years |newspaper=Ars Technica |access-date=2016-12-25}}</ref> [[Insider threat|insider attacks]], data corruption or integrity attacks,<ref>{{Cite news|url=https://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory/|title=New cloud attack takes full control of virtual machines with little effort|newspaper=Ars Technica|access-date=2016-12-25}}</ref> data destruction attacks, and [[ransomware]] attacks. Data fragmentation<ref>Examples of data fragmentation technologies include [[Tahoe-LAFS]] and [https://storj.io/index.html Storj].</ref> and [[Active Defense|active defense]]<ref>{{Cite web |title=Moving Target Defense (MTD) – NIST CSRC Glossary |url=https://csrc.nist.gov/glossary/term/moving_target_defense |publisher=National Institute of Standards and Technology |access-date=2025-04-24}}</ref> data protection technologies attempt to counter some of these attacks, by distributing, moving, or mutating ciphertext so it is more difficult to identify, steal, corrupt, or destroy.<ref>[https://www.cryptomove.com CryptoMove] {{Webarchive|url=https://web.archive.org/web/20210206131311/https://www.cryptomove.com/ |date=2021-02-06 }} is the first technology to continuously move, mutate, and re-encrypt ciphertext as a form of data protection.</ref>
| |||