Understand the need for and purpose of encryption when transmitting data

🔒 Encryption – Keeping Data Safe When It Travels

Why Do We Need Encryption?

When data moves from one place to another (like from your phone to a server), it can be intercepted by anyone on the network. Encryption turns readable data into a scrambled form that only someone with the right key can read again.

  • Confidentiality – keeps information secret 🔐
  • Integrity – ensures data hasn’t been altered 🛡️
  • Authenticity – verifies who sent the data 👤

Analogy: The Secret Box

Imagine you want to send a note to a friend. You put the note in a small box, lock it with a key, and send it. Only the friend who has the key can open the box and read the note. Encryption works the same way – the “box” is the encrypted data and the “key” is the secret that unlocks it.

Simple Example: Caesar Cipher

The Caesar cipher shifts each letter a fixed number of places in the alphabet.

Plain Text Shift (Key) Cipher Text
HELLO 3 KHOOR
WORLD 5 BTWQI

Notice how the same key (shift) can encrypt different messages, but only someone who knows the shift can decrypt them.

Types of Encryption

  1. Symmetric Encryption – Same key for encryption & decryption (e.g., AES). Fast but key must be shared securely.
  2. Asymmetric Encryption – Public key for encryption, private key for decryption (e.g., RSA). Key exchange is easier but slower.

How Encryption Protects Data in Transit

When you visit a website that starts with https://, your browser and the server use a protocol called TLS (Transport Layer Security). TLS does the following:

  • Creates a session key using asymmetric encryption.
  • Uses that session key (symmetric) to encrypt all data sent between you and the server.
  • Ensures that if someone intercepts the traffic, they only see scrambled data.

Common Vulnerabilities

  • Using no encryption (HTTP instead of HTTPS).
  • Using weak keys (e.g., 40‑bit keys).
  • Failing to keep private keys secure.

Exam Tips

  • Explain why encryption is necessary when data travels over networks.
  • Give examples of confidentiality, integrity, authenticity and how encryption supports them.
  • Describe the difference between symmetric and asymmetric encryption and give a real‑world example for each.
  • Explain how HTTPS/TLS uses both types of encryption to secure web traffic.
  • Highlight common mistakes that can break encryption (e.g., weak keys, no encryption).

Revision

Log in to practice.

1 views 0 suggestions