Data Encryption and Authentication: Risks, Investment, and Examples

Verified

Added on 2023/01/23

AI Summary

This report delves into the critical aspects of data encryption and authentication, essential components for safeguarding sensitive information in today's digital landscape. It begins with a foundational introduction to encryption terminology, including plain text, cipher text, and the processes of encryption and decryption, highlighting the importance of authentication in securing data. The report emphasizes the increasing prevalence of data breaches, citing the 2014 Yahoo.com breach as a significant example, illustrating the substantial financial and reputational consequences of such incidents. It then explores the practical applications of encryption and authentication in various business contexts, such as secure communications, end-to-end encryption, and secure data storage. The report further justifies the need for business investment in encryption, detailing the potential costs associated with data breaches compared to the relatively low cost of implementing encryption measures. It provides a YouTube video link for further understanding. The report also includes multiple-choice questions to reinforce understanding of the key concepts discussed and relevant references.

Running head: ENCRYPTION AND AUTHENTICATION
ENCRYPTION AND AUTHENTICATION
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1ENCRYPTION AND AUTHENTICATION
Table of Contents
Introduction................................................................................................................................2
Real world application in businesses.........................................................................................2
Need of investment in encryption..............................................................................................3
Encryption for business: A YouTube video...............................................................................4
Multiple choice questions..........................................................................................................4
References..................................................................................................................................6

2ENCRYPTION AND AUTHENTICATION
Introduction
Data encryption generally involves the use of words like cipher text, plain text, public
key, private key, decryption and encryption. Plain text is the message that is needed to be
sent. Cipher text is the same message after it is encrypted by an algorithm. This process of
conversion from plain to cipher text is encryption and the reverse process is known as
decryption. The authentication or securing of data is an important part of data encryption.
Nowadays data breach has become increasingly common. For example, in 2014
Yahoo.com suffered a massive data breach due to cyber-attacks where they lost more than 3
billion user mail accounts. The user’s personal data including critical information was stolen
by hackers that ultimately led to a fall of $350 million of Yahoo’s sale price. It is one of the
biggest data breaches till date.
Real world application in businesses
Authenticating and encrypting of data is increasingly used in businesses nowadays,
mainly to secure the data that the system handles. It is also used in increasing the security of
their system and communication channels. Some fields in business where data encryption and
authentication is used are:
1. Secure communications: The most common use of data encryption can be seen in the
encryption of data sent during communications from one system to another (Applications of
Cryptography | UCL Risky Business, 2019). The most common example of such a function is
the client program and server communication. This is used in businesses dealing with web
browser and web server or email client and email server. All this type of channels exchange
important communication data and passwords between them. This can also be seen in HTTP
and HTTPS websites using padlock to secure the sites during transactions. Nowadays every
small to medium enterprises use secure communications.

3ENCRYPTION AND AUTHENTICATION
2. End to End encryption: Security of data and privacy has become an important aspect of
email servers and the Whatsapp application. Previously end to end encryption was not used
hence a server administrator could read the mails or messages while in the process of being
sent. Nowadays thanks to end to end encryption the message in encrypted and made
unreadable after it is sent until it reaches the receiver. This makes the messages secure and
maintains the privacy of the users.
3. Storing data: The large amount of data that is stored in businesses and enterprises are
needed to be stored in separate databases. This type of data are at the highest level of risk as
they are very susceptible to cyber-attacks. The easiest way of securing such information is to
encrypt the drives in which the information is stored. This requires passwords to be
maintained in order to grant restricted access to that data which handles the authentication
part of data security.
Need for investment in encryption and data security
Businesses are more susceptible to attacks due to the nature of the information they possess.
The confidential projects that a company works on or a blueprint of a new prototype needs to
be kept safe and secure from public eyes and competitors. Losing such information may lead
to massive losses for the company or even complete shutdown. Similarly, the data stored in
our mobile devices or the cloud servers of private companies are also susceptible to cyber-
attacks that can steal personal information (Esposito et al, 2016). Such information of lost can
greatly hamper the private and personal lives of the users. So it is of great importance to
encrypt the data.
Thus investing in encryption will keep the data safe and secure away from hackers and cyber
criminals. It will also provide an option to keep backup of the data so that it can be rolled
back in case of emergency. This option is nowadays given by most security service

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4ENCRYPTION AND AUTHENTICATION
companies. The third benefit is that encrypted hard disk drive data can be totally erased
leaving no way to recover that data. This is especially useful when replacing old hardware
with new. So, encryption can provide us with three benefits and is an area worth investing.
A research in the United States estimated that the average cost of a potential security breach
to be around 4 million dollars (Factors, 2019). The average cost of securing a computer using
a standard encryption package per computer in a company comes to around $235. This could
save up to $20000 per device in comparison to the $4 million data breach cost. So, it is wiser
to invest in encryption and data authentication to secure the system.
Encryption for business: A YouTube video
Link: https://www.youtube.com/watch?v=1RDpnOIVVzE
Multiple choice questions
1. What is the text called after it is encrypted?
a) Gibberish text b) Plain text c) Missing text d) Cipher text
Answer: d
2. What type of encryption is used in Whatsapp?
a) Symmetric b) Blowfish c) End to end d) RC4
Answer: c
3. How do we know whether a website has encryption?
a) By looking at its URL last digits

5ENCRYPTION AND AUTHENTICATION
b) By looking at the Padlock sign
c) By looking at the web site design
d) By looking at its contents
Answer: b
4. What are the 3 main benefits of data encryption?
a) Money, profit, revenues
b) Security, data backup, total data erase
c) Data visibility, easy access, quick download
d) Fast speed, smoother access, more readability
Answer: b
5. What is the average cost of data breach in the United States?
a) $2 million
b) $10000
c) $500
d) $4 million
Answer: d

6ENCRYPTION AND AUTHENTICATION
References
Aljawarneh, S., & Yassein, M. B. (2017). A resource-efficient encryption algorithm for
multimedia big data. Multimedia Tools and Applications, 76(21), 22703-22724.
Applications of Cryptography | UCL Risky Business. (2019). Retrieved from
https://blogs.ucl.ac.uk/infosec/2017/03/12/applications-of-cryptography/
Esposito, C., Castiglione, A., & Choo, K. K. R. (2016). Encryption-based solution for data
sovereignty in federated clouds. IEEE Cloud Computing, 3(1), 12-17.
Factors, P. (2019). Encryption: The Cost, The Protection, and the ROI. Retrieved from
https://blog.primefactors.com/encryption-cost-protection-roi
Jayapandian, N., Rahman, A. M. Z., Radhikadevi, S., & Koushikaa, M. (2016, February).
Enhanced cloud security framework to confirm data security on asymmetric and
symmetric key encryption. In 2016 World Conference on Futuristic Trends in
Research and Innovation for Social Welfare (Startup Conclave) (pp. 1-4). IEEE.
Lozupone, V. (2018). Analyze encryption and public key infrastructure (PKI). International
Journal of Information Management, 38(1), 42-44.
Rösler, P., Mainka, C., & Schwenk, J. (2018, April). More is less: on the end-to-end security
of group chats in signal, whatsapp, and threema. In 2018 IEEE European Symposium
on Security and Privacy (EuroS&P) (pp. 415-429). IEEE.
Tankard, C. (2017). Encryption as the cornerstone of big data security. Network Security,
2017(3), 5-7.