Applications of Cryptography | UCL Risky Business (2024)

Table of Contents
Secure communications End-to-end Encryption Storing Data Storing Passwords Cryptography is hard

We’ve talked about the theory of cryptography before; now I will describe some of the main uses of cryptography.

Secure communications

The most obvious use of cryptography, and the one that all of us use frequently, is encrypting communications between us and another system. This is most commonly used for communicating between a client program and a server. Examples are a web browser and web server, or email client and email server. When the internet was developed it was a small academic and government community, and misuse was rare. Most systems communicated in the clear (without encryption), so anyone who intercepted network traffic could capture communications and passwords. Modern switched networks make interception harder, but some cases – for example, public wifi – still allow it. To make the internet more secure, most communication protocols have adopted encryption. Many older protocols have been dropped in favour of newer, encrypted replacements.

The best example is web encryption, since here you can choose between a clear or encrypted version of a website by switching between HTTP and HTTPS in the URL. Most large companies now use the encrypted form by default, and you’ll see that any visit to Google, Facebook, Microsoft Office 365 or other sites will be to the HTTPS version of the site. This is accompanied in recent browsers by extra information, including a padlock to show that it is HTTPS. Something you can try is to click the padlock on an encrypted page, and your browser will tell you more about the page security. It will also tell you the especially relevant fact of the actual site name you’re visiting. Therefore, if you’re entering a password in a page, please do check that it is HTTPS.

See Also
Understanding Cryptography’s Meaning and FunctionA brief history of encryption (and cryptography)What is the CIA Triad? Definition, Explanation, Examples | TechTargetHow to Fix 100% Disk Usage in Windows 10

End-to-end Encryption

Email is one area where encryption is not widely in use. When email moves from server to server, and from server to you, it is encrypted. On the mail server and on your system, however, an administrator can read it. There are options to implement “end-to-end” encryption for email (I use PGP) but email systems are complex and these options are complex. Truly secure messaging systems – where only the sender and receiver can read the message – are those where encryption has been built in from the start. Whatsapp is good; Signal is better.

Storing Data

We all store a large amount of data, and any data is valuable to at least the person who generated it. Every operating system uses encryption in some of the core components to keep passwords secret, conceal some parts of the system, and make sure that updates and patches are really from the maker of the system.

A more notable use of encryption is to encrypt the entire drive, and require correct credentials to access it. UCL has recently implemented Microsoft’s Bitlocker on Desktop@UCL machines, and this means that without the user logging in the data on the drive is completely opaque. If someone took the drive and tried to read it, they would not be able to access any data. This has the occasional side effect of locking the system, so some UCL readers may have had to request the recovery key.

See Also
Cryptography in Blockchain - GeeksforGeeks

One notable point is that many encrypted systems nonetheless allow administrators of the system access. Office 365, for example, uses encrypted communications, but many senior Microsoft staff, and a few UCL administrators, can access the data. A relatively recent development is software to create encrypted containers on a drive. I have recommended Veracrypt to some users who need to create an encrypted volume which is completely under their control.

Storing Passwords

Applications of Cryptography | UCL Risky Business (1)

A cryptographically hashed password

In the last blog post I briefly introduced cryptographic hashing, a one-way mapping of a string to a fixed-length value. One of the main uses of this is to store passwords. It is very risky to store passwords in an accessible way. If stored in plaintext on a system, anyone who has access to the system – legitimate or malicious – can read the password. Encryption is only a partial answer to storing passwords. If someone has access to the system storing the encrypted passwords, they will probably have access to the encryption key to decrypt the password. Hashing, on the other hand, produces a relatively useless value for the attacker. A system will take the password on login, hash it, and compare to the hashed value. At no point will the system – or an attacker – have access to the plaintext password.

Cryptography is hard

The impression you might get from this is that encryption is difficult to implement properly. This is correct, unfortunately! I encourage everyone to use encryption more, and I’m always happy to give advice. If you have any questions, please contact the team.

Filed under Technical

Applications of Cryptography | UCL Risky Business (2024)
Top Articles
Military Insurer USAA Restricts New Business in Florida
How to Save on the Big 3 Expenses
SZA: Weinen und töten und alles dazwischen
Srtc Tifton Ga
Canary im Test: Ein All-in-One Überwachungssystem? - HouseControllers
Find All Subdomains
Seething Storm 5E
Music Archives | Hotel Grand Bach - Hotel GrandBach
Fcs Teamehub
Canelo Vs Ryder Directv
Geometry Escape Challenge A Answer Key
FIX: Spacebar, Enter, or Backspace Not Working
Select Truck Greensboro
Syracuse Jr High Home Page
Taylor Swift Seating Chart Nashville
Buying risk?
Summoner Class Calamity Guide
Mini Handy 2024: Die besten Mini Smartphones | Purdroid.de
Craigslist Mpls Cars And Trucks
Hilo Hi Craigslist
Inter-Tech IM-2 Expander/SAMA IM01 Pro
SF bay area cars & trucks "chevrolet 50" - craigslist
Promiseb Discontinued
Self-Service ATMs: Accessibility, Limits, & Features
Happy Homebodies Breakup
Colonial Executive Park - CRE Consultants
Play It Again Sports Forsyth Photos
Franklin Villafuerte Osorio
R/Orangetheory
Swgoh Boba Fett Counter
Gasbuddy Lenoir Nc
Usf Football Wiki
Are you ready for some football? Zag Alum Justin Lange Forges Career in NFL
Bcy Testing Solution Columbia Sc
Craigslist Freeport Illinois
Samantha Lyne Wikipedia
Atom Tickets – Buy Movie Tickets, Invite Friends, Skip Lines
Best GoMovies Alternatives
BCLJ July 19 2019 HTML Shawn Day Andrea Day Butler Pa Divorce
War Room Pandemic Rumble
Go Nutrients Intestinal Edge Reviews
Nearest Wintrust Bank
Rite Aid | Employee Benefits | Login / Register | Benefits Account Manager
Argus Leader Obits Today
Theater X Orange Heights Florida
53 Atms Near Me
Sam's Club Fountain Valley Gas Prices
Suzanne Olsen Swift River
Generator für Fantasie-Ortsnamen: Finden Sie den perfekten Namen
Latest Posts
Exploring 20+ Best Bitcoin Cloud Mining Sites of 2024
What is the most eaten fruit in the world?
Article information

Author: Margart Wisoky

Last Updated:

Views: 5953

Rating: 4.8 / 5 (58 voted)

Reviews: 81% of readers found this page helpful

Author information

Name: Margart Wisoky

Birthday: 1993-05-13

Address: 2113 Abernathy Knoll, New Tamerafurt, CT 66893-2169

Phone: +25815234346805

Job: Central Developer

Hobby: Machining, Pottery, Rafting, Cosplaying, Jogging, Taekwondo, Scouting

Introduction: My name is Margart Wisoky, I am a gorgeous, shiny, successful, beautiful, adventurous, excited, pleasant person who loves writing and wants to share my knowledge and understanding with you.