Instructions:

Match common encryption algorithms and methods with the scenarios representing real-world business applications and requirements. You may use the course textbook and the Internet to research encryption algorithms and methods.

Common encryption algorithms and methods:

Data Encryption Standard (DES)

Rivest, Shamir, and Adleman (RSA) encryption algorithm

Triple DES

Diffie-Hellman key exchange

Elliptic curve cryptography (ECC)

Blowfish

Secure Sockets Layer (SSL)

Transport Layer Security (TLS)

Advanced Encryption Standard (AES)

Digital signature

Scenarios:

Encryption Algorithm/Method

Scenario

Top Ads is a small advertising company consisting of 12 computers that have Internet access. All employees communicate using smartphones. Top Ads' primary concern is protecting the data on the smartphones. Select an encryption solution that best protects the smartphones and justify the recommendation.

Shovels and Shingles is a small construction company consisting of 1 multi-purpose server and 25 networked workstations. All employees have Internet access and use email. A few employees use tablet PCs in the field. The company's biggest concern is that a wily competitor will send email messages pretending to be from Shovels and Shingles in order to get confidential information. Select an encryption solution that best prevents a competitor from receiving confidential information and justify the recommendation.

NetSecIT is a multinational IT services company consisting of 120,000 computers that have Internet access and 45,000 servers. All employees communicate using smartphones and email. Many employees work from home and travel extensively. NetSecIT would like to implement an asymmetric general-purpose encryption technology that is very difficult to break and has a compact design so that there is not a lot of overhead. Select an encryption solution that best meets the company's needs and justify the recommendation.

Backordered Parts is a defense contractor that builds communications parts for the military. The employees use mostly web-based applications for parts design and information sharing. Due to the sensitive nature of the business, Backordered Parts would like to implement a solution that secures all browser connections to the web servers. Select an encryption solution that best meets the company's needs and justify the recommendation.

Confidential Services Inc. is a military support branch consisting of 14,000,000 computers with Internet access and 250,000 servers. All employees must have security clearances. They communicate mainly through internally secured systems. Confidential Services Inc. is concerned that sensitive information may inadvertently be exposed and wants to implement a symmetric file encryption algorithm that is strong but fast. Select an encryption solution that best meets the company's needs and justify the recommendation.

It is the best choice for the security of smart phones. AES is symmetric algorithm. It uses keys of 128, 192, and 256 bits and encrypts and decrypts fixed blocks length of 128 bits. It is effective in encryption of all forms of electronic data. AES encryption is most widely used in smart phones to protect confidential data stored on the device such as bank account information, personal pictures, social security number etc. It is considered as unbreakable encryption algorithms. For example if smartphone is using AES 256 encryption algorithm to secure its data from attacks, the encrypted data cannot be attacked if the key length is 256-bit as there would be 2256 possible combinations, and a hacker has got to try most of the 2256 possible combinations to guess they key which would take time beyond human lifespan.

Scenario 2: Digital Signatures

It is an electronic signature that is used to authenticate the identity of "message sender". It also makes sure that real content of the message has not been changed during transit. Since the company's concern is to protect confidential information from a rival so it the better choice as it assures authentication of message source and data integrity. Digital signatures generate a unique hash of message and use sender's private key to encrypt it. After it the message is signed digitally and sent. Receiver produces his own hash of message. He uses senders's public key to decrypt sender's hash and compares with his own hash. If they match it means the sender is the real one and the message contents are not altered.

Scenario 3: Elliptic curve cryptography (ECC)

It is an asymmetric general-purpose encryption technology. The basic idea behind this method is to generate simple, short, fast and difficult to break encryption keys. This is what the company requires that encryption technology must be general purpose, difficult to break. It uses elliptical curve theory for generating cryptographic keys instead of using large prime numbers. It is efficient to use for smartphones. ECC does not require much processing power and memory. This results in less overhead faster response time and throughput on Web servers when ECC is being used.

Scenario 4. Secure Sockets Layer (SSL)

It is a standard security technology for setting up an encrypted link between a server and a client (in this case web browsers and web server). SSL is a security protocol that transmits sensitive information securely. As we know data transmitted between browsers and web servers is sent in the form of plain text. If a hacker is able to seize data being transmitted between a browser and a web server, they can misuse that information. So SSL makes the web servers and web browsers to communicate with each other securely. When transmitting confidential information, a web server and browser set up a secure connection using SSL certificate. The link between web server and browser is encrypted by SSL which makes sure that all data transmitted between them remains private and protected. Due to the sensitive nature of the business SSL is most suitable solution to keep sensitive information sent across internet encrypted making sure that only intended receiver can access it. SSL certificate is used for authentication purpose. For making sure that information is sent to right server, web browsers give indication of secured connection via a lock icon attached or uses https.

Scenario 5: Advanced Encryption Standard (AES)

Confidential Services should choose AES. It is a symmetric encryption algorithm for protecting sensitive data. This means it uses symmetric key encryption in which only one secret key is used to encrypt and decrypt information. This algorithm is also used by U.S. Government agencies to secure sensitive material. Refer to the scenario 1 for more details about AES. It is a fast encryption standard. It is used in both hardware and software. Also it is strong in a sense that it comes up with an option for various key lengths. AES allows a 128-bit, 192-bit or 256-bit key and are practically unbreakable by brute force based on current computing power