Data Encryption

AGENDA

1) What does data mean?

2) Data Encryption
3) Symmetric and Asymmetric Encryption
4) Two key trade-offs between symmetric and asymmetric encryption
5) Data at-rest encryption and Data in-transit encryption
6) ways to encrypt data in databases
 What does data mean?

• A representation of facts, concepts, or instructions in a formal manner suitable

for communication, interpretation, or processing by human beings or by
computers
• They have evolved into priceless assets that drive innovation, decision-making,
and progress in virtually all industries and sectors
• Due to the importance of data, it must be protected, which is why we use
encryption
 Data Encryption
• Data Encryption is a method of converting sensitive information from plain text to
ciphertext with the help of public/private keys.
• Data Decryption: The process of converting back to plain text is referred to as decryption
Data Encryption
Data Encryption

• A cryptosystem involves a set of rules for how to encrypt the plaintext and
decrypt the ciphertext. The encryption and decryption rules, called
algorithms, often use a device called a key, denoted by K.
• The resulting ciphertext depends on the original plaintext message, the
algorithm, and the key value.
• We write this dependence as C = E(K, P).
 Symmetric and Asymmetric Encryption

• The two most common encryption methods are symmetric and asymmetric
encryption. The names refer to whether or not the same key is used for
encryption and decryption.
1) Symmetric encryption
In a symmetric way, the encryption and decryption keys are the same, so P = D(K, E(K,
P)), meaning that the same key, K, is used both to encrypt a message and later to decrypt it.
This form is called conventional key or single-key or secret key encryption because D and E
are mirror-image processes
Symmetric and Asymmetric Encryption

Figure2 symmetric way

Symmetric algorithms

• A variety of encryption algorithms are available, each intended for a specific use. The most
well-known symmetric encryption algorithms are as follows:
1) Data Encryption Standards (DES): DES is a low-level encryption block cipher algorithm
that converts plain text into blocks of 64 bits and converts them to ciphertext using keys of
48 bits
2) Triple DES: Triple DES runs DES encryption three different times by encrypting,
decrypting, and then encrypting data again
3) Advanced Encryption Standard (AES): AES is often referred to as the gold standard for data
encryption and is used worldwide as the U.S. government standard
Asymmetric Encryption

• Encryption algorithms of this form are called asymmetric or public key because
converting C back to P involves a series of steps and two key that are different from the
steps of E .
• encryption and decryption keys come in pairs. Then, a decryption key, K D, inverts the
encryption of key KE , so that P = D(KD, E(KE ,P)).
Asymmetric Encryption

• A variety of encryption algorithms are available, each intended for a specific use. The
most well-known Asymmetric encryption algorithms are as follows:
1) RSA: RSA, named after computer scientists Ron Rivest, Adi Shamir, and Leonard
Adleman, is a popular algorithm used to encrypt data with a public key and decrypt
with a private key for secure data transmission [4].
2) Public key infrastructure (PKI): PKI is a way of governing encryption keys through the
issuance and management of digital certificates [4].
Two key trade-offs between symmetric and asymmetric
encryption
• There are two key trade-offs between symmetric and asymmetric
encryption: speed and security.
• Symmetric encryption is quicker because the keys used in symmetric
cryptography are the same for encryption and decryption unlike A
symmetric.
• Asymmetric encryption is slow but more secure because it employs two
distinct keys: a public key that is only used to encrypt communications,
making it safe for anybody to possess, and a private key that is never
disclosed. Because the private key is never shared, it ensures that only the
intended receiver may decrypt encoded communications and generate a
tamper-proof digital signature
Types of database encryption

There are two primary types of database encryption: data-at-

rest encryption and data-in-transit encryption. Both types of
encryption are critical for protecting sensitive information
and ensuring data security.
 Data at-rest encryption and Data in-transit encryption

1. Data at-rest encryption is the process of encrypting data that is stored on a

physical device, such as a hard drive or a USB stick. This type of encryption is
critical for protecting sensitive information in case the physical device is lost
or stolen.
2. Data in-transit encryption is the process of encrypting data that is being
transmitted from one device to another, such as data transmitted over the
internet or a private network. This type of encryption is critical for protecting
sensitive information from interception or eavesdropping during transmission.
Data at-rest encryption and Data in-transit encryption

• Both data at-rest encryption and data in-transit encryption are

critical for protecting sensitive information and ensuring data
security. Data at-rest encryption protects data stored on physical
devices, while data in-transit encryption protects data during
transmission between devices. By implementing both types of
encryption, organizations can ensure that sensitive information
remains protected at all times.
ways to encrypt data in databases

• There are several ways to encrypt data in databases, and

database encryption has emerged as a crucial aspect of data
security. The most popular techniques for database encryption in
this section, such as column-level encryption, symmetric
encryption, asymmetric encryption, transparent or external
database encryption, and application-level encryption
Thank you