by Ana María Restrepo
For many people the term encryption should not be used in Spanish, because this is a translation of the English word encrypt, rather you should use the term encrypt, which refers to cryptography, but in the world of information technology any of these three terms are accepted.
Cryptology comes from the Greek κρύπτω krypto "hidden", and γράφω graphs, "to write", which translates "hidden writing"; as such it focuses on the protection of important data and currently on the information stored by mobile and computer equipment.
The trajectory of cryptology begins when the first civilizations created ways to send messages during military campaigns, so that the information was not known to the enemy even if he captured the messenger.
According to wikipedia, it is believed that the first encryption system, which was based on the position of letters in a table, was documented by the Greek Polybius, but there were also other forms used such as the Spartan Scythian, a method of transposition based on a cylinder that served as a key in which the message was wound to be able to encrypt and decrypt.
In the seventeenth, eighteenth and nineteenth centuries, the interest of the monarchs for cryptography was remarkable, Philip II, Henry IV and Mary Stuart (Queen of Scots), were the ones who most used this system, however the latter did not run with much luck because it was executed by her cousin Elizabeth I of England to discover a plot against her after a successful cryptanalysis carried out by the mathematicians of Elizabeth.
In World War II, the Germans used the enigma machine, a rotor instrument that considerably automated the calculations that were performed for encryption and decryption operations. Then in the 70s is published, by the North American Department of Norms and Standards, the main cryptographic system of the end of the century: the Data Encryption Standard, DES.
Nowadays cryptography uses asymmetric systems, which have allowed this technique to be introduced in other fields that are now important such as computer science.
In the world of systems
The use of mobile phones, computers, personal computers, palms, among other electronic devices that are part of information technology, as well as the popularization of the Internet, have made it essential to protect the data transmitted through these computers so that hackers or information thieves do not access them. Therefore, encryption or cryptography plays an important role in today's world.
One of the most worrying issues of 2007 and 2008 was the theft of the personal data of Internet users and their passwords at the time of banking transactions on the network, which is why computer security companies, banks and governments launched different education campaigns so that users did not fall into the traps of hackers. and protected, and greater controls and encryption methods were implemented within financial, commercial and government organizations.
According to Ignacio M. Sbampato, VICE PRESIDENT of ESET for Latin America, encryption transforms information so that it is only readable by those who know the method in which it was transformed and must be used for the protection of confidential information and the security of communications in insecure channels. But as is the situation and the high insecurity that occurs on the Internet, "encryption is the main technological-social battlefield for the preservation of freedom on the Internet" as Manuel Castells, senior professor at the Internet Interdisciplinary Institute (IN3) of the UOC (Open University of Catalonia) says.
It is important to note that cryptography is not only used by companies or institutions, all people who require the protection of their information, regardless of the means or place of storage, must use encryption methods, because as well as in real life, in virtual life there are cybercriminals who are on the lookout, looking for some naïve person or with little knowledge to make theirs.
Can you imagine finding that you bought a thousand-dollar laptop with your credit card and it never came to you, or simply that your savings account is empty or that your ID number was used in fraud?
Signs, numbers, and letters that protect data
Today, the use of mobile communication systems and the network has increased significantly, so much so that according to data provided by Datamyne, in 2008 the figures of imports of cell phones in Latin America reached US $ 3,349,459,745 and those of digital processors were 89.6 million dollars, which demonstrate the heyday of these devices in the region, but at the same time they present a discouraging picture when it comes to thinking about information theft.
There are many types of data that we do not want others to know such as credit card information, private correspondence, personal data, company information, passwords and bank accounts, but so that these are not seen we must make sure that the equipment, whether computer, palm or cell phone, from which the operations are carried out is protected and has encryption systems, likewise, the veracity of the pages where these operations will be carried out must be verified.
The developments in terms of systems are concerned, bring new forms and methods of encryption that use numbers, signs or letters to hide information ranging from the use of simple transformations and / or permutations of characters to advanced algorithms such as DES (Data encryption standard), AES (Standard and advanced encryption) and RSA (cryptographic system with public key), as Sbampato explains. "In turn, there are symmetric and asymmetric methods, which depend on the key or certificate used for the encryption and decryption of the data. In the first case, the same key is used for both cases, while in the second, there are keys to encrypt and others to decrypt," he adds.
Work tools
Like any other job, cryptography has some tools that are implemented to protect the data, these tools are handled in different cases depending on the application of encryption that is required.
Some of them can be backup or backup, which includes a type of encryption, this is given, for example, when accessing a web page called secure, because it does so through an encrypted protocol based on the use of certificates.
Ignacio comments that one of the best known encryption tools is PGP (Pretty Good Privacy), which has its free and open source version in gnuPG, but that there is a wide variety of tools depending on the use and the medium.
Encryption has two simple techniques that refer to classical cryptography, which uses simple algorithms to secure texts: substitution and transposition. The first is based on changing one character or characters to another (letters, symbols, digits) and the second involves the ordering of the elements of the original message.
While the encryption hides the information, the decryption is responsible for revealing it from a cryptogram and the key.
Types of encryption
Most of the encryption systems that are used today are applied to different communication systems such as computers, electronic and cellular agendas, generally these encryption methods belong to two categories: symmetric key or public key or asymmetric.
Some algorithms use the same key or key to encode and decode data while others use different keys.
In symmetric encryption or private key, the receiver and the sender use the same key to encrypt and decrypt the message, if the receiver does not know the key in advance he will not be able to decrypt the message.
Asymmetric or public key cryptography is based on the concept of key pairs, so that each of the elements of the pair can encrypt the information that the other key can decrypt. The asymmetric form uses two keys, one private and one public, the first is only known to the sender, and the sender gives several receivers a public key that is used to decrypt the message if the receivers wish to communicate with the sender.
However, experts in the field say that when it comes to implementing public key cryptography on a large scale, another approach is needed, such as digital certificates, which is a digital document in which a trusted third party ensures the relationship between the identity of a subject and its public key.
Ignacio states that data encryption is reliable depending on the method and means used, as well as in the case of asymmetric algorithms, on the length and complexity of the key. The reliability and security of encrypted information will depend on those factors, but well applied, good encryption provides a high level of protection of stored or transmitted information.
Other add-ons
Currently, advances in encryption are accompanied by technological growth, as well as the progress of cryptographic and mathematical sciences in this regard. In recent years, new algorithms and methods have been created or strengthened, reaching theories such as quantum encryption systems, very advanced, but difficult to implement with current technology.
But these developments have not only been seen in the creation or development of new encryption systems, but in the proliferation of tools that bring somewhat simpler methods of encryption to the home Internet user.
There are also some other ways to provide security to information such as the security protocol known as SSL (Secure Sockets Layer), which is used by Internet browsers for the transmission of information. This protocol encrypts the data that is exchanged between the server and the client with a symmetric encrypted algorithm.
On the other hand, the authentication process also enables secure communication between computers. This method is used to verify the information that comes from a source, that is, if the information is authentic it is known who it comes from and that it has not been altered.
Some ways to authenticate a person is through passwords, access cards and digital signature.
Passwords use a username and password that you enter before logging in or accessing an application.
The access card looks like a credit or debit card, some have a magnetic tape and others a chip with the information to authenticate the user, and the digital signature is a cluster of characters that ensure that an electronic element is authentic. This encryption is done asymmetrically, so that whoever owns the original message and the public key of the signer can establish securely, that this transformation was carried out using the private key corresponding to the public key of the signer, and if the message is the original or was altered since its conception. Likewise, the digital signature associates the sender with the message, so that he cannot deny the information sent.
The digital signature standard, DSS, is the best known and is based on public key encryption that uses the digital signature algorithm.
For the good of all
Cryptography has been used by kings to prevent attacks on their kingdoms, by governments to safeguard information that puts the security of the nation at risk, by companies to protect their data and those of their customers and by people to prevent their private information from being known by cybercriminals who seek to affect them, in such a way that this technique offers intrinsic advantages that do not go beyond the security correctly implemented in an environment suitable for it.
However, if there are some disadvantages that lie in the insecurity of the communication channel or the shorter length of a key, because according to Sbampato, when this happens in the case of asymmetric methods it will be easier to "break" the implemented encryption, therefore, when encryption methods are applied it is important to consider these factors.
But how can Netizens be sure that they are on an encrypted web page?
Ignacio explains that "when a URL begins with "https" it means that the "secure" version of the HTTP protocol is being used, which is the one used when browsing the Internet.
The most common browsers recognize that you are on a page whose transmission to the Internet user is encrypted and inform it by means of a padlock somewhere in the browser interface, or by means of some legend that makes it clear to the user that the page is really encrypted. That a page is encrypted is not a guarantee per se that it is secure, but that the information between the computer equipment of the Internet user and the server where the page is hosted is transmitted in encrypted form so that in most cases, it can not be viewed or intercepted by a third party.
Leave your comment