Encryption Types

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We've talked about what encryption is.
00:00
It's basically the cryptographic process of disguising
00:00
information by transforming clear text information
00:00
through the use of different algorithms.
00:00
But now we're going to talk about
00:00
Different Encryption Types and
00:00
how they are used in the Cloud.
00:00
Our lesson objectives are to
00:00
talk about the two types of encryption,
00:00
and talk about the use case for each because
00:00
both types of encryption are
00:00
>> used in the Cloud contexts.
00:00
>> But we're going to talk about why and some of
00:00
the strengths and weaknesses of each.
00:00
I also want to make an important distinction.
00:00
When I talk about types of encryption,
00:00
there are two basic types of encryption,
00:00
but there are different algorithms that are applied to
00:00
create the encryption scheme in each one.
00:00
There's difference between the types of encryption
00:00
and the algorithms are implemented in each one.
00:00
Let's get into the two different types.
00:00
There are basically two
00:00
main types of encryption: there's
00:00
symmetric encryption and there's asymmetric encryption.
00:00
In symmetric encryption, there's only one key,
00:00
and this symmetric key is used to encrypt
00:00
the data and decrypt the data. That's great.
00:00
It's usually very fast,
00:00
and that's one of the benefits of it. Just one problem.
00:00
How do you ensure that the person you are trying to
00:00
share this encrypted file with has the key.
00:00
You have to use some kind of secure
00:00
method of transporting the key
00:00
to the other person and you risk it being compromised.
00:00
Then also if someone sends you
00:00
a file that's encrypted using symmetric encryption,
00:00
how do you know that is
00:00
truly the individual they'd say they are?
00:00
Well, many of these issues are
00:00
addressed through asymmetric encryption.
00:00
Asymmetric encryption, the encryption scheme works
00:00
by a pair of public private keys.
00:00
Each entity has a public key that is used to encrypt
00:00
information that is sent to them and they
00:00
can decrypt that information with their private key.
00:00
The security is really important to ensure that
00:00
those private keys are never disclosed.
00:00
Only the public key is
00:00
registered and provided to entities that want to
00:00
interact so they use the public key to encrypt
00:00
a communication sent to an individual and
00:00
then that individual use their private key.
00:00
Now, asymmetric encryption is slower,
00:00
but it's more secure because it
00:00
provides both the confidentiality
00:00
as well as non-repudiation.
00:00
Because you can see of
00:00
this public key is
00:00
registered to this individual or this organization,
00:00
and I'm certain that this communication is
00:00
sent to me from them because it
00:00
utilizes their public key or my public key.
00:00
One of the important things
00:00
in the Cloud is because there's
00:00
so much coordination among
00:00
organizations and different vendors,
00:00
you really have to utilize
00:00
asymmetric encryption algorithms to
00:00
register your public key
00:00
so organizations and vice versa,
00:00
with other organizations so you can send
00:00
each other information utilizing these public keys.
00:00
Then individuals use their private key
00:00
to decrypt the information.
00:00
As I said, it's slower than symmetric encryption,
00:00
but asymmetric encryption is often used to send
00:00
a symmetric encryption key to
00:00
a third party to enable
00:00
that faster encryption scheme to work.
00:00
You saw asymmetric encryption
00:00
is often used to solve that how
00:00
do I send the symmetric encryption key
00:00
without it being compromise problem?
00:00
Here's a quiz question.
00:00
A company has a private Cloud instance.
00:00
If a third party want to send them
00:00
>> an encrypted message,
00:00
>> they would need to use which key?
00:00
The company's public key,
00:00
the third parties private key,
00:00
or the third parties public key?
00:00
If you said the company's public key, you're right.
00:00
The third parties private key is
00:00
the key that they don't disclose and is used to
00:00
decrypt messages that are sent to
00:00
them using their public key.
00:00
If you sent the organization
00:00
a message encrypted using the third parties public key,
00:00
the organization would have no way of decrypting it
00:00
because they don't have the private key
00:00
associated with that third party's public key.
00:00
We talked about the two different types of encryption.
00:00
We talked about the use case for each type.
00:00
Symmetric is fast, but there's
00:00
that issue regarding how to
00:00
successfully and safely transmit
00:00
the key to the person you want to decrypt your message.
00:00
Asymmetric encryption is slower,
00:00
but provides a greater amount
00:00
of security in terms of it provides
00:00
both confidentiality as well as non-repudiation.
00:00
We talked about how each will be used in the Cloud
00:00
because there's a lot
00:00
of communication among organizations,
00:00
they used their public keys
00:00
as a means of enabling other organizations
00:00
to encrypt information that they
00:00
can safely decrypt using their private keys.
00:00
We're going to talk more about the rules and
00:00
different services around encryption in
00:00
the next lesson. I'll see you there.
Up Next