This video covers the basics of encryption and decryption, including an overview of symmetric and asymmetric algorithms and hash functions.
- [Instructor] Encryption is taking plaintext that's human readable and running an algorithm to make it unreadable. The unreadable form is called ciphertext. Decryption is the opposite, converting it back to the original plaintext. Encryption algorithms are public and well tested, and they're divided into two types: symmetric and asymmetric. Symmetric algorithms use a single cryptographic key for both encryption and decryption.
This means that the key you use to encrypt your data has to be passed to the receiver so they can decrypt it. This raises the issue of how to securely exchange and store your key. If you can't protect your key, private data will be exposed no matter how complex the algorithm. It's important to always use widely accepted algorithms. Advanced Encryption Standard, or AES, was adopted by the US government and is becoming the worldwide standard.
Symmetric algorithms also have the advantage of being fast and well suited for large data. Next, we'll review asymmetric algorithms, also called public/private key cryptography. This is because they use a key pair with a public and private key. The keys are generated together and the public key is distributed to other parties to encrypt their data. The private key is kept secret and is used to decrypt the data that was encrypted with the public key.
Let's say I want to exchange a secure message with my friend, Jane. She generates a key pair and sends me the public key which I use to encrypt the message. I then send her the message and she decrypts it with a matching private key. We never have to share a secret key in this process. Asymmetric encryption relies on complex calculations and is slower than symmetric encryption. So it's typically used for smaller data.
The secret key used in symmetric encryption is often encrypted with public key cryptography. This is a hybrid approach that combines both types of encryption. Messages are secured with a symmetric algorithm and the secret key is protected using asymmetric encryption. Another way to protect data is to use hash functions. These take a large set of data and generate a hash value with a fixed length.
It's difficult or impossible to convert the hashed value back to the original. That's why passwords are often hashed before being stored in a database. If two sets of data are identical, their hashes should also be the same. Even a small change in the data will generate a different hash. Digital signatures and data integrity often use hash functions. Hashing algorithms like MD5 and SHA-1 are considered weak.
So, be sure to use a stronger algorithm like SHA-256.
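The hybrid approach described in the transcript, as an added example that is not part of the video or the course's own code: the message is encrypted with a one-time AES-256-GCM key, and that key is wrapped with the recipient's RSA public key. It assumes Node.js and its built-in `crypto` module; the function names and the sample message are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Recipient ("Jane" in the transcript) generates the key pair and shares only the public key.
function generateRecipientKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: encrypt the message with a fresh AES-256 key (fast, any size), then
// wrap that small key with the recipient's public key using RSA-OAEP/SHA-256.
function hybridEncrypt(publicKey, plaintext) {
  const aesKey = crypto.randomBytes(32); // one-time symmetric key
  const iv = crypto.randomBytes(12);     // 96-bit nonce, never reused with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt(
    { key: publicKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
    aesKey
  );
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient: unwrap the AES key with the private key, then decrypt and verify the GCM tag.
function hybridDecrypt(privateKey, envelope) {
  const aesKey = crypto.privateDecrypt(
    { key: privateKey, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' },
    envelope.wrappedKey
  );
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]).toString('utf8');
}

// Returns true when decryption refuses a ciphertext with one flipped bit.
function rejectsTampering(privateKey, envelope) {
  const tampered = { ...envelope, ciphertext: Buffer.from(envelope.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;
  try { hybridDecrypt(privateKey, tampered); return false; } catch { return true; }
}

// Constructed sample message, round-tripped through both sides.
const sampleKeys = generateRecipientKeys();
const sampleEnvelope = hybridEncrypt(sampleKeys.publicKey, 'Meet at noon. (constructed sample)');
console.log(hybridDecrypt(sampleKeys.privateKey, sampleEnvelope));
console.log('tampering rejected:', rejectsTampering(sampleKeys.privateKey, sampleEnvelope));
```

The wrapped key is always 256 bytes for a 2048-bit RSA key regardless of message size, which is why only the short symmetric key goes through the slower asymmetric step.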