Protect the Key or don’t bother encrypting your data

Published: 15 July 2020


In cryptography, a key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it. Encryption is the process of converting plaintext to ciphertext. In simpler terms, encryption takes readable data and alters it so that it appears random. Encryption requires the use of an encryption key: a set of mathematical values that both the sender and the recipient of an encrypted message know. Although encrypted data appears random, encryption proceeds in a logical, predictable way, so that a party receiving the encrypted data and in possession of the key used to encrypt the data can decrypt the data, turning it back into plaintext.

Most people lock the doors of their houses. Most houses have breakable glass windows within a few feet of the door. Smart burglars don’t like to make noise so breaking glass isn’t the best option. A burglar, however, will always check under the mat for an extra key. Storing keys in software is the physical world equivalent of leaving your front door keys under your doormat. (https://internetofbusiness.com/downloads/nCipher_Protect_the_Key_blog_whitepaper.pdf)

A crypto key represented in a binary data scan will look very much like ‘snow’ in that it has a varied pattern. All a hacker has to do is search through data using a relatively unsophisticated program that looks for randomness in a binary data scan. Once the random data is found, it’s highly likely it will be some type of crypto key. Seeing that a company may have a few thousand crypto keys, it doesn’t take long to try these keys against the encrypted data. To put this into perspective, a 256-bit AES key has 1.15×10^77 possible combinations. That’s 115 with 75 zeros behind it. This is a truly unfathomable number of combinations. Even if a hacker finds a few thousand keys, it won’t take them 160 days to try each of them on the encrypted data in order to unlock the data. Trying four keys per minute, a single hacker, in a 16-hour period could test over 3,840 keys. In 160 days, that’s over 614,000 keys.
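Why a key stored in software stands out, as an added example that is not part of the original article: a sliding-window entropy check of the kind you can run over your own configuration files or binaries to find key material that should not be there. The filler text, the sample key and the function names are constructed for illustration.

```python
import math
from collections import Counter

def shannon_entropy(window: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    n = len(window)
    return -sum(c / n * math.log2(c / n) for c in Counter(window).values())

def find_high_entropy_regions(data: bytes, window: int = 32, threshold: float = 4.6):
    """Return merged (start, end) byte ranges whose sliding-window entropy is
    at least `threshold`. A 32-byte window tops out at log2(32) = 5 bits."""
    regions = []
    for off in range(len(data) - window + 1):
        if shannon_entropy(data[off:off + window]) >= threshold:
            if regions and off <= regions[-1][1]:
                # Overlaps or touches the previous hit: extend that region.
                regions[-1] = (regions[-1][0], off + window)
            else:
                regions.append((off, off + window))
    return regions

# Constructed sample data: repetitive config text around a made-up 256-bit key.
FILLER = b"log_level=info\n" * 20
SAMPLE_KEY = bytes.fromhex(
    "3fa17c02e954b61d88c32af7609b45de"
    "13ac710ed25986bf24ea9738cb6df005"
)
KEY_OFFSET = len(FILLER)
BLOB_WITH_KEY = FILLER + SAMPLE_KEY + FILLER   # key stored in the file
BLOB_WITHOUT_KEY = FILLER + FILLER             # same file, key kept elsewhere

if __name__ == "__main__":
    for name, blob in (("with key", BLOB_WITH_KEY),
                       ("without key", BLOB_WITHOUT_KEY)):
        print(name, find_high_entropy_regions(blob))
```

The flagged range is slightly wider than the key itself because windows that mostly overlap the key also cross the threshold; compressed or already-encrypted data will be flagged too, so hits need review.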

Keeping the cryptographic key secret ensures confidentiality protection of the protected data. Encryption algorithms are made public to allow for interoperability, ease of use, and more open and effective analysis. The security of the encryption depends on the secrecy of the cryptographic key. The cryptographic key must be kept secret from all entities who are not allowed to see the plaintext. Any person or machine that knows the cryptographic key can use the decryption function to decrypt the ciphertext, exposing the plaintext. If a strong cryptographic key is generated but is not kept secret, then the data are no longer protected.

For more information on encryption processes and technologies contact us: https://alfatec.hr/en/contact/
