The security of your infrastructure is one layer that cannot be put aside, because ignoring it can end in disaster. Having no security at all for your system is a one-way ticket to hijacking and destruction that you never imagined or planned for. System security comes in different layers, but in this article I want to talk about one part of it: “scrambling” data so that, when it is compromised, it is of no value to the attacker.
Two terms are usually used to describe this, and though they are often used interchangeably, it is time to split the log and understand what the difference between them is, how they are used, and what their pros and cons are. Let’s dive in.
What is Encryption
Encryption involves the use of a cryptographic algorithm and an encryption key to ensure data is secure. This means that the data is only accessible by an authorized user or a system that has the appropriate key to decrypt the data. The ultimate goal of encryption is to secure data so that, in the event of a breach, the data is not relevant to the malicious actor. Encryption is applied in securing sensitive data, such as data of users stored in a database, files and images of customers stored in a storage engine, or protecting transmission of data over a network. Various types of encryption exist. They are:
Types of Encryption
Symmetric
This method of encryption uses the same key to encrypt and decrypt data. This means that when one side encrypts the data, it needs to share the key with the other side so that side can decrypt it. It also means that if this key is compromised, the data can be decrypted and easily accessed by a malicious actor.
VPN tunnels use this type of encryption to secure data flowing through the network. This applies especially to site-to-site VPNs, where a password or encryption key is shared on both ends and configured for secure communication.
Common encryption algorithms here are the Advanced Encryption Standard (AES) and the Data Encryption Standard (DES).
Let us talk about the other type of encryption and how it is different from the symmetric method.
Asymmetric
Unlike the symmetric method of encryption, this method does not use the same key for encryption and decryption. Instead, it has two keys: the public key and the private key. The public key is used to encrypt the data, while the private key is used to decrypt the data. The public key can be shared with the system or clients that need to encrypt data, but the private key should be securely stored where the decryption happens.
HTTPS/SSL uses this model to secure communication between your web browser and the backend server on the internet. The website's server shares the public key with the browser, which uses it to secure your details, and the server keeps the private key. This way, if anyone on the internet tries to sniff the data, they cannot decrypt it because they do not have the private key. Common asymmetric algorithms include RSA and ECC.
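Both models side by side, as an added example that is not part of the original article. It assumes the third-party Python `cryptography` package is installed; AES-256-GCM and RSA-OAEP are the algorithms picked here, and the function names and messages are illustrative.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def symmetric_demo(message):
    """One shared AES-256-GCM key both encrypts and decrypts."""
    shared_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)  # must be unique per message under the same key
    ciphertext = AESGCM(shared_key).encrypt(nonce, message, None)
    recovered = AESGCM(shared_key).decrypt(nonce, ciphertext, None)
    # A party holding a different key cannot decrypt: GCM rejects the ciphertext.
    other_key = AESGCM.generate_key(bit_length=256)
    try:
        AESGCM(other_key).decrypt(nonce, ciphertext, None)
        wrong_key_rejected = False
    except InvalidTag:
        wrong_key_rejected = True
    return recovered, wrong_key_rejected

def asymmetric_demo(message):
    """The public key encrypts; only the matching private key decrypts."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    public_key = private_key.public_key()  # safe to hand to any sender
    ciphertext = public_key.encrypt(message, OAEP)
    recovered = private_key.decrypt(ciphertext, OAEP)
    # The public key object offers no decrypt operation at all.
    public_can_decrypt = hasattr(public_key, "decrypt")
    # Someone else's private key does not work either.
    stranger = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    try:
        stranger.decrypt(ciphertext, OAEP)
        stranger_rejected = False
    except ValueError:
        stranger_rejected = True
    return recovered, public_can_decrypt, stranger_rejected
```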
Use Cases for Encryption
– Encryption of network traffic via HTTPS/TLS
– Encryption of hard drives to secure the data on them
– Encryption of messages (WhatsApp end-to-end encryption)
– VPN tunnels
What is Encoding
Encoding is the process of converting data from one form to another, not necessarily for security reasons but mostly to put it in a format for easy transmission. The major focus of encoding is to put data in a format that can be understood by various systems and is easily interoperable. This can be very helpful in creating standards across disparate systems and hastening data transfer.
In the early days of websites and the internet, there was no standard way for websites to communicate and share data efficiently. Then XML and JSON were invented. Both XML and JSON are industry-standard encodings for systems to communicate and exchange data seamlessly and efficiently. Most of the APIs running on the internet expose their data in JSON format, which has become an industry standard for sharing information across systems.
Types of Encoding
– URL Encoding: This involves converting URLs to a specific format to ensure accurate transmission over the internet, especially when the URL has special characters.
– Base64 Encoding: This involves encoding binary data into ASCII format for transmission over media that handle text, such as URLs.
– Audio and Video Encoding: This involves converting a video into a different format for the purpose of streaming. For example, converting a large video file from .avi to .mp4.
– Binary Encoding: This involves converting data into a binary format for easy processing and storage. Videos and images are usually stored in 0s and 1s.
– Character Encoding: This involves representing characters using a specific set of codes, e.g. ASCII or Unicode.
Difference between Encryption and Encoding
– While encryption uses keys and algorithms, encoding does not
– The focus for encryption is security, while the focus for encoding is data transmission
– Encryption requires a key for decryption, but encoding usually does not require a key
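The last point above can be checked mechanically. The following added example (not from the original article; `keyless_decode`, `audit` and the sample values are illustrative and constructed) audits stored values and reports any that can be read back with nothing but a standard decoder, which is what "encoded" means in practice.

```python
import base64
from urllib.parse import quote, unquote

def _as_text(raw):
    """Return raw as printable UTF-8 text, or None if it looks like binary."""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None

# Keyless decoders for two of the encodings named in this article.
DECODERS = (
    ("base64", lambda v: base64.b64decode(v, validate=True)),
    ("url", lambda v: unquote(v, errors="strict").encode() if "%" in v else b""),
)

def keyless_decode(value):
    """Return (scheme, text) if value is readable without any key, else None."""
    for scheme, decode in DECODERS:
        try:
            raw = decode(value)
        except ValueError:  # binascii.Error and UnicodeDecodeError are ValueErrors
            continue
        text = _as_text(raw) if raw else None
        if text is not None and text != value:
            return scheme, text
    return None

def audit(settings):
    """Map each setting name to its keyless decoding (None = none found)."""
    return {name: keyless_decode(value) for name, value in settings.items()}

# Constructed sample values, not taken from any real system.
SAMPLE = {
    "basic_auth": base64.b64encode(b"admin:hunter2").decode(),
    "db_password": quote("p@ss w0rd&x=1", safe=""),
    # Stand-in for ciphertext: bytes 0xF0..0xFF, Base64-wrapped for transport.
    "encrypted_blob": base64.b64encode(bytes(range(240, 256))).decode(),
}

if __name__ == "__main__":
    for name, result in audit(SAMPLE).items():
        print(name, "->", result or "not readable by decoding alone")
```

A `None` result only means these two decoders produced no readable text; it does not prove the value is encrypted.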
Conclusion
Understanding the difference between these two methods of securing data and using them in the right places will determine how secure and safe your data and systems are. It is important to use encryption for highly sensitive data and encoding for less sensitive data.