Cryptographic methods to secure data

Data in native formats, such as texts, documents, or spreadsheets, may be easier to read using a suitable application software. For sensitive data, additional controls may be required to prevent unauthorized access or disclosure of such information. Cryptographic methods offer the best solutions for such requirements. By using cryptographic methods, confidentiality and integrity requirements can be addressed more effectively.

The following are some of the common cryptographic methods used in data security controls.

Encryption

When data is encrypted, it means that the data is scrambled or transformed into an unintelligible form with an appropriate key to unscramble it or, in other words, return it to its original form. Without the key, data cannot be read either by humans or other applications. The key is called the crypto variable. This method of data protection will ensure confidentiality.

Hashing

Data may be altered or modified by an unauthorized entity to commit fraud. In order to detect and prevent such unauthorized modifications, hashing or message digest methods are used.

In hashing, based on the contents of the document, a cryptographic value is computed. The computed value is called a checksum. By periodically recomputing the checksum and validating it with the original computed value, it is possible to detect whether the document is altered. This process helps ensure integrity.

Digital signatures

In digital communications, establishing the authenticity of the sender of the message is essential and is very important for integrity assurance requirements.

Establishing the identity of the receiver or sender can be accomplished through digital signatures. In other words, the authenticity of the data originating from the authorized sender and access only by the intended receiver can be achieved through digital signatures and encryption.

Note

Note that cryptography and its concepts and methods are covered in detail in Chapter 7, Day 7 —€ Security Engineering - Cryptography and Physical Security.