WhatsApp with Encryption?
Securing Data In-Transit and At-Rest
“Let’s say I’m emailing about ‘Black Panther’ within WhatsApp … do I get a ‘Black Panther’ banner ad?”
The answer from Facebook[1] CEO Mark Zuckerberg was, “No, we don’t see any of the content in WhatsApp, it’s fully encrypted.” The continued line of questioning in the same vein, asking whether some algorithm “reads” the message, betrays how much the term “fully encrypted” is misunderstood. But that’s only half the story. Any data, even WhatsApp messages, is either data in motion across networks or data at rest on a server or storage device. Data in transit is considered more vulnerable, but data at rest is a juicier target.[2] Data encryption is so pervasive today that it is virtually impossible to send information electronically without using some form of data encryption.
Data Encryption
Data encryption is the use of an algorithm to obfuscate information so it can be securely transmitted between two parties without being deciphered. Data encryption began with the advent of computers, and has become necessary thanks to hackers who have taken advantage of their ability to tap internet communication. Data encryption can be broken into two categories: data at rest and data in transit.[3]
As you may know, data travels in packets with headers that serve as address labels, carrying information about how to reassemble the data once it gets to where it is going. The most secure form of data transmission is fully encrypted on a point-to-point tunnel.[4] The idea is that encrypted data packets are unreadable by anyone without a quantum computer or a billion billion years to try all the possible combinations to decipher them.[5] Tunneling can be done in several different ways, using different protocols and layers of the OSI model (like the Transport or Data-Link layers), and each provides its own balance of security versus performance.
Data in Transit
Data in transit refers to data that is being transmitted between two or more devices. Data in transit can be encrypted in a variety of ways, but the most common is Transport Layer Security (TLS). TLS is a protocol that is used to encrypt data that is being transmitted over the internet. TLS is a successor to Secure Sockets Layer (SSL), which was the most common encryption protocol until it was usurped by TLS in 2011.
Data at Rest
Data at rest refers to data that is stored on either a hard drive or any other storage device. Data at rest is usually encrypted using a key that is known only to the owner of the data. This type of encryption is used, for example, when someone wants to store files on a computer. Data at rest can also be stored in the cloud, which is a service that allows users to store their data on remote servers. Data that is stored in the cloud is also encrypted using a key that is known only to the owner of the data.
AES
AES is one of the most common encryption methods. It uses a key to encrypt and decrypt data. The key can be a password, a number, or a string of text. AES is considered very secure, and is often used for sensitive information such as bank details and credit card numbers.
There are several different AES encryption methods, each with its own strengths and weaknesses. AES-128 is the simplest form of AES encryption, while AES-256 is the most complex. AES-128 is faster than AES-256, but less secure. AES-256 is more secure but slower.
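AES itself takes a fixed-length binary key (16 bytes for AES-128, 32 bytes for AES-256), so a password is first stretched into a key with a key-derivation function. The following is an added example, not code from the original post: it uses Node.js's built-in crypto module with scrypt and AES-256-GCM, and the function names and record layout are assumptions chosen for illustration.

```javascript
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require("crypto");

// Stretch a password into an AES key: 32 bytes for AES-256, 16 for AES-128.
function deriveKey(password, salt, keyBytes = 32) {
  return scryptSync(password, salt, keyBytes);
}

// Encrypt one record for storage. The salt and nonce are random per record
// and are stored with the ciphertext; they are not secret.
// Hypothetical record layout: salt(16) | nonce(12) | tag(16) | ciphertext.
function sealAtRest(password, plaintext) {
  const salt = randomBytes(16);
  const nonce = randomBytes(12); // 96-bit nonce, the usual size for GCM
  const cipher = createCipheriv("aes-256-gcm", deriveKey(password, salt), nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), body]);
}

// Decrypt a record produced by sealAtRest.
function openAtRest(password, record) {
  const salt = record.subarray(0, 16);
  const nonce = record.subarray(16, 28);
  const tag = record.subarray(28, 44);
  const body = record.subarray(44);
  const decipher = createDecipheriv("aes-256-gcm", deriveKey(password, salt), nonce);
  decipher.setAuthTag(tag);
  // final() throws if the key is wrong or any byte of the record was changed.
  return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
}

// True when decryption is refused (wrong password or modified record).
function isRejected(password, record) {
  try {
    openAtRest(password, record);
    return false;
  } catch {
    return true;
  }
}
```

GCM is used here because it authenticates the data as well as encrypting it, so a modified record is rejected rather than decrypted into garbage.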
Symmetrical vs Asymmetrical
There are two main types of data encryption: symmetrical and asymmetrical. Symmetrical encryption uses one key, called a “shared secret”, to both encrypt and decrypt information. Symmetric algorithms are fast and efficient but also have a major drawback: the two parties must exchange keys securely before they can communicate with each other. Symmetric encryption solutions provide confidentiality as long as the shared secret remains private. Symmetric encryption solutions are best suited for applications where secure key distribution is not an issue and where data can be safely held for extended periods. Symmetric encryption is not the best choice to secure network traffic, but it can be used if absolute performance and throughput are required.
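One common way to address the key-exchange drawback described above is to agree on the shared secret with an asymmetric key exchange and then use it as a symmetric key. The following is an added example, not code from the original post: it uses X25519 and HKDF from Node.js's built-in crypto module, and the function names and the "chat-v1" context label are assumptions.

```javascript
const { generateKeyPairSync, diffieHellman, hkdfSync, createHash } = require("crypto");

// Each party creates its own key pair; only the public half is ever sent.
function newParty() {
  return generateKeyPairSync("x25519");
}

// Combine our private key with the peer's public key, then run the raw
// result through HKDF to get a 32-byte key suitable for AES-256.
function sessionKey(ownPrivate, peerPublic, context) {
  const shared = diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  return Buffer.from(hkdfSync("sha256", shared, Buffer.alloc(0), context, 32));
}

// The exchange alone does not prove whose public key was received. A hash
// of the public key lets the parties compare it over a separate channel.
function fingerprint(publicKey) {
  const der = publicKey.export({ type: "spki", format: "der" });
  return createHash("sha256").update(der).digest("hex");
}

// Constructed scenario: Alice and Bob agree on a key; Eve sees only public keys.
function demo() {
  const alice = newParty();
  const bob = newParty();
  const eve = newParty();
  const aliceKey = sessionKey(alice.privateKey, bob.publicKey, "chat-v1");
  const bobKey = sessionKey(bob.privateKey, alice.publicKey, "chat-v1");
  const eveKey = sessionKey(eve.privateKey, bob.publicKey, "chat-v1");
  return {
    sameKey: aliceKey.equals(bobKey),       // both ends derive the same secret
    eveDiffers: !eveKey.equals(aliceKey),   // public keys alone are not enough
    keyBytes: aliceKey.length,
  };
}
```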
Quantum Computing Implications
Quantum computing has the potential to change how data encryption and security are handled. Because quantum computers can theoretically break many of the current encryption algorithms, researchers are working on developing new algorithms that are quantum-resistant.
One example of a quantum-resistant algorithm is called Quantum Key Distribution (QKD).[6] QKD uses photons to exchange keys between two parties. The keys are generated by each party separately and are never shared online or in any other way that could be compromised. This makes them virtually impossible to hack.
Other proposed quantum-resistant algorithms include lattice-based cryptography and hash-based cryptography.[7] However, it is still unclear which of these methods will be most successful in resisting attack by quantum computers.
Despite the potential for quantum computing to break current encryption algorithms, it is important to remember that quantum computers are still in their infancy. It is likely that they will not be able to break all encryption algorithms for many years, if at all. In the meantime, we can continue to use existing encryption methods with confidence.
Conclusion
Data encryption is a complicated topic. It’s not just about encrypting data at rest, or in transit, or even when it leaves your company and goes to a cloud-based storage provider. There are many different types of encryption algorithms that you need to be aware of, as well as what type of key management strategy best suits your needs for accessing encrypted files on demand from anywhere around the world without compromising security. In this blog post we discussed some basic concepts behind AES, one popular algorithm used by organizations with sensitive data. If you want more information about how 1st Basis Consulting can help keep your organization safe from cyber attacks, contact us today!
[1] Facebook bought Whatsapp in 2014. These Confidential Charts Show Why Facebook Bought WhatsApp https://www.buzzfeednews.com/article/charliewarzel/why-facebook-bought-whatsapp
[2] https://digitalguardian.com/blog/data-protection-data-in-transit-vs-data-at-rest
[3] https://docs.aws.amazon.com/whitepapers/latest/logical-separation/encrypting-data-at-rest-and--in-transit.html
[4] Actually, data on a storage medium is probably more secure, but that violates our definition of “in transit”.
[5] https://www.kryptall.com/index.php/2015-09-24-06-28-54/how-safe-is-safe-is-aes-encryption-safe
[6] https://www.nsa.gov/Cybersecurity/Quantum-Key-Distribution-QKD-and-Quantum-Cryptography-QC/
[7] https://www.isara.com/blog-posts/hash-based-cryptography.html