Encryption as a Countermeasure for Information

Assurance

1.Introduction:
Encryption is one of the most trusted measure for data safety in a digital world where
any and every information can be accessed, intercepted or tampered without proper
control. In short, it is a technology where data or plaintext can be turned into cipher
text or unreadable by using encryption and decryption keys. Only authorized people
with the appropriate decryption key can convert it to its original plaintext form again,
making sure that intercepted data is still encrypted and confidential.
Encryption is a crucial way to protect confidential information, like records and data
that are personal or private in nature, financial datum which needs securing. It is
used in many industries and activities to secure information during data in transit, at
rest or use. In what follows, we look at encryption from an specifications and review
perspective who would use it why they do so as well see a good example for how the
timeline of encrypted email conversation. A graphic description of email security and
encryption, how it works to protect information assets, what the vulnerabilities are
and finally: How encryption addresses those same specific threats

2. Overview of Encryption: Encryption is the transformation of information from

clear text to unreadable or ciphered state. There are two primary types of encryption:
Symmetric Encryption: Symmetric encryption means the key is used for both
encrypting and decrypting their data. Speeds and ease of use it limits the amount you
can protect, but for that, encryption using symmetric keys is blazing fast compared to
asymmetric key pairs because both parties need be in possession of the same key.
Example Algorithm: Advanced Encryption Standard (AES)
Asymmetric Encryption: It makes use of a pair such as the one used for encryption,
and another to decrypt. It is typically used to protect information over the Internet,
such as when digital signatures or SSL/TLS protocols are being implemented.
RSA key generation algorithm (A Simple Algorithm available in below example sitll
one of the bests and basics algorithms we use)
There are various different encryption algorithms with differing levels of strength,
typically determined by the size of their key (e.g., 128-bit or 256-bit).
In general, the longer the key, the better; as keys get exponentially more secure with
each additional bit to try for an attacker using brute force techniques.
Data can be encrypted at various points in processing:
Data at Rest: includes encrypting saved data on hard drives and servers in addition
to accommodates storage records within the cloud.
Data in Transit: Encryption secures data that is being transmitted over networks (for
example, the internet).
Data in Use: data can also be encrypted while being processed or used by the
application.
3. Specs and reviews on Encryption Today, encryption is one of the most tested
securities and remarkably implemented. The definition consists of different
prerequisites based on the encryption standard or protocol. As an example, AES
being one of the most secure symmetric encryption algorithms uses key length of
128-bits,192-bits or 256b-length. Transit and data at rest encryption are essential to
ensure business applications security, particularly in regulated sectors like financial
services, healthcare or e-commerce environments where speed and strength are key
components. AES is well-known for its high-speed capabilities as well as a solid
guarantee of privacy protection it can provide if implemented correctly.
AIso AIgo is same Asymmetric key Algorithm which works on based of pair keys and
these are public and private In this RSA one form encryption. Similar to RSA, AES is
only for encoding/decoding SHA hash without any decryption functionality due the
trapdoor function nature of this algorithm which unnecessary in cryptographic context
as we do not need to reverse our math results. Commonly used example might be
encrypting small packages sending from a client browser side to web server or other
direction (application logic has been out rolled by TLS on routing steps built with
suitable encryption pattern). It is frequently used to protect data in transit, for
example email communications and websites connecting over HTTPS.
Encouraging Words for Encryption: By and large, we see high marks from
reviewers on encryption preventing data breaches. Encryption technologies are
commonly used for compliance reasons, such as the General Data Protection
Regulation (GDPR),the Health Insurance Portability and Accountability
Act(HIPAA)and Payment Card Industry Data Security Standard(PCI DSS). Second-
Secure the data Encryption helps organizations to avoid significant revenue loss and
preserve customer loyalty in case of a breach.
But it was not all smooth sailing in reviews of encryption:
Complex Key Management: Encrypting things is cool, but more difficult than
anything else about encryption is managing all the keys. If the encryption keys are
lost or compromised, it may also mean that neither authorized users can read this
data.
Performance Overhead: When we are dealing with encryption for large datasets or
real time communication, it places a heavy load on the system as encryption and
decryption can be CPU intensive.
End-to-End Encryption Gaps: Since encryption is very competent in protecting
data, there still can vulnerabilities at endpoints where the data was encrypted such
as exposed when decrypted on intermediate servers or devices.

4. Encryption: who would use it and why? Encryption is a must for any daily user
or enterprise dealing with classified data. The uses of it are many, and in certain
sectors where great quantities of personal data, financial or sensitive information is
handled the encryption becomes even more important.
Financial Services: In the banking and other financial institutions, encryption is used
to protect information regarding credit card numbers, bank account details or maybe
a list of transactions. Encrypted data remains secure whether it is at rest or in transit,
which helps to ensure compliance with PCI DSS and prevents financial fraud.
Healthcare: Organizations in healthcare are required by HIPAA to encrypt electronic
health records (EHR) and patient data. The encryption is aimed to avoid
unauthorized access of the sensitive information and this will also help in not
disclosing medical secrets that can lead identity thefts i.e. impersonation or health
insurance fraud.
Online retail: Merchants protect their customers' payment information by encrypting
it for online transactions. It is necessary for securing sensitive information like credit
card numbers and maintaining customer privacy. SSL/TLS encryption is commonly
used by websites to protect information when requesting and exchanging data from
the server over the web.
Government Agencies: Government organizations use encryption to secure
classified information from decryption by unauthorized third parties and comply with
data protection requirements that cover national security issues.

5. Example of an Online Activity:

Encrypting Email Transmission to avoid compromising the sensitive data. E-mail
communications are one of the most usual uses for encryption. This system uses the
sender to encrypt an email, so it is impossible for anyone but you to access the
content who can decrypt with the appropriate key.
When email messages are not encrypted, they can be intercepted in transit by bad
agents and the contents read. As such, data exposure could lead to the compromise
of sensitive information like personal or financial details. This problem is partially
solved by encoding the contents of an email so that even if someone gets access to
it, they cannot read the message in its raw format without a decryption key.
There are two ways in which encryption can be employed within a typical secure
email communication) configuration.
Data in Transit: Emails will be shielded by SSL/TLS encryption protocols as they
move around the network. This way even if the email has been captured, reader
content is still safe.
Data at Rest: Email encryption service applied to email at rest allows stored emails
on a server or device remain free from unauthorized access.
Visual Representation of Secure Email Communication with Encryption:
In the visual representation of secure email communication, the key components and
processes are:
Sender Device (Asset): The computer or mobile device from which the email is sent.
Mail Server (Asset): The email server that processes and routes the email.
Receiver Device (Asset): The recipient’s device where the email is received and
decrypted.
Network (State): The path through which the email travels across the internet.
Encryption Process (Process): The mechanism by which the email is encrypted
before being transmitted and decrypted upon receipt.
Description of the Visual Representation
Information States:
a. Data at Rest: Emails stored on the sender's and receiver's devices or email
servers. These are protected by encryption, ensuring unauthorized access does not
lead to data breaches.
b. Data in Transit: The email message moving between devices over the network.
Encryption ensures that even if the message is intercepted, it remains unreadable.
Vulnerabilities:
Interception: Unencrypted emails can be intercepted in transit, exposing their
content to unauthorized individuals.
Unauthorized Access: Emails stored on devices or servers may be accessed by
unauthorized parties if not encrypted.

Encryption Application
Encryption is applied at both stages (in transit and at rest) to ensure that sensitive
data, such as the contents of the email, are protected. TLS/SSL encryption secures
data in transit, while endpoint encryption protects data at rest.
Limitations of Encryption:
Key Management: If encryption keys are lost or mishandled, legitimate users may
lose access to their own data.
End-to-End Gaps: If encryption is not applied end-to-end, the data might still be
exposed at points where it is decrypted.
Performance Impact: Encrypting and decrypting data, especially for large volumes,
can slow down system performance.
7. Conclusion
Encryption is one of the most reliable countermeasures available today for
information assurance, providing critical protection against unauthorized access,
interception, and tampering. It is used across a variety of industries, including
finance, healthcare, e-commerce, and government, to secure sensitive data. While
encryption is highly effective, it must be implemented correctly to avoid vulnerabilities
such as poor key management or gaps in end-to-end encryption. Secure email
communication is just one example where encryption ensures that sensitive
information remains protected during transmission and storage. Despite its
limitations, encryption remains a cornerstone of modern information security
strategies.

Reference:
Stallings, W. (2017). Cryptography and Network Security: Principles and Practice (7th ed.).
Pearson Education.
Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2
(RFC 5246). Internet Engineering Task Force (IETF).
Bishop, M. (2018). Introduction to Computer Security (2nd ed.). Pearson Education.
Microsoft Documentation (2021). Email Encryption in Office 365.