Cryptography is a method of protecting communication and data through the use of codes, so that only the ones with authorized access can read and/or process it.
Stating that cryptography is a fundamental security control is by no means an exaggeration; for millennia, military communications have been ciphered and thus protected with the use of some cryptographic model. From the era of Caesar with a basic substitution cipher, through World War II with the famous Enigma machine used by German forces. Even today, nations’ secrets are protected with what is still called military-level encryption.
Of course, data protection has long moved on from being an issue restricted solely to the military. As expected, businesses and even individuals make use of encryption to protect their data, from a simple home Wi-Fi network to personal data regulations by the GDPR, and financial transactions that require confidentiality, integrity and non-repudiation.
Yes, encryption is a key information security control, but let me introduce you to a hard reality: All you need to break even the most sophisticated encryption is time and processing power. Fortunately, while an encryption algorithm such as Caesar’s (which is over 2,000 years old) can be broken in a matter of minutes by a regular PC, algorithms’ current mathematical models such as AES, RSA or ECDSA are safe against brute-force attacks, even with massive processing power. It would take a long, a long time, centuries, to break a current cryptography correctly implemented with a reasonable size key.
Everything would be perfect, but as perfect is something rarely associated with information security controls, here comes a new threat: Quantum computing.
What Is Quantum Computing?
Quantum computing is a new way of computing. In a conventional computer the quintessential information particle, the bit, can only exist in two states, 0 or 1. A (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Claudio Dodt. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/szk4xmo5-Mo/