Understanding Cyber Crimes, Encryption, and Data Privacy
Cyber Crimes
Denial of Service Attack
This type of attack, often referred to as DoS, is a method of preventing a server or a website from running by sending an overwhelming number of requests. This usually results in a website being unable to display content or a service from servicing legitimate users. DoS attacks may vary in duration and can target different sites simultaneously. When the attack is coming from many different devices it is called a Distributed Denial of Service attack. Most such successful attacks occur when the attack is distributed (DDoS) (Cert-UK, 2014). Here the attacker uses different devices as attack vectors to bring down the victim’s site or server.
Hacking
Hacking is obtaining access and information from a computer by unauthorized means. It involves identifying a weakness in computer networks or systems and exploiting that weakness to gain access. For instance, an algorithm that cracks passwords can be used to gain access to a computer system or network (Alpna & Malhotra, 2016). Hacking can be used to commit more computer crimes since it gives an attacker access to information and computer systems. After which, the attacker can go on to commit fraudulent acts, invade privacy, steal personal data and financial information among others.
How encryption ensures privacy and integrity of data
Encryption transforms data to another form so that only the persons with the decryption key can read it. Usually, the data that is encrypted is called cyphertext. Encryption is one of the most effective methods for ensuring data security. Encryption plays into three security premises: integrity, confidentiality, and availability. Data integrity means that the data one has is accurate and has not been modified or altered. The main role of data encryption is to protect the confidentiality of data in transit or at rest. Modern encryption methods have replaced the outdated data encryption standards (DES). These encryption algorithms provide confidentiality of data and drive key security initiatives such as authentication, non-repudiation, and integrity. Authentication helps in verifying the origin of a message, and integrity proves that the content has not been changed since it was sent.
RSA encryption algorithm
RSA is one of the first cryptosystems that used public keys and was used extensively in securing the transmission of data. In this cryptosystem, the key used for encrypting data is public and is not the same as the key used for decrypting data. The decryption key is kept private. In RSA, the asymmetry is based on the factoring problem. This is the prime challenge in factorizing the product of two large numbers. This algorithm gets its name from the names of its creators: Rivest, Shamir, and Adleman. A person who uses RSA creates a public key and publishes it. The public key is based on two large prime numbers and an auxiliary value. The prime numbers must not be disclosed to other parties.
Using the public key, anyone can encrypt information or a message. With the methods that are currently published, and if the public key value is large enough, only the person who knows the prime numbers can feasibly decode the information or message (Kalpana & Singaraju, 2012). Since RSA is an algorithm that is relatively slow, it is not commonly used to encrypt user data directly. RSA is mostly used to pass encrypted shared keys for symmetric cryptography, which can, in turn, carry out a lot of encryption-decryption operations at faster speeds.
Considerations for implementations
It is important to note that the implementation of the RSA algorithm is only secure if it chooses two sufficiently large prime numbers. This will require a super-polynomial amount of time with respect to the number. However, to the present day, no one has been able to prove that the process of factorizing numbers require time that is exponential to the numbers. Currently one needs the length of keys to be 1024 to be able to get the same level of security that that 512-bit number provided in the 1980s.
Some of the aspects one must consider when implementing the algorithm are whether the data is in transit or at rest, where the date is being stored, whether the data is highly classified or sensitive, the value of the data to any other person, the length of time the data will remain valuable, whether the concern is about theft or loss (Jackson, 2009). Determining such aspects helps in determining whether or not you should implement the algorithm. One must determine the strength they will be using for encryption and judge whether it is suitable.
In the present day, however, the increasing power of handheld devices and the increasing efficiency of cryptographic tools reduces the overhead time or computation. This, in turn, makes the time of implementation to be a lesser issue when selecting an algorithm. The challenge can only be how the keys are stored.
References
CERT-UK. (2014). Denial of Service Attacks: What You Need to Know. Retrieved from https://www.ncsc.gov.uk/content/files/protected_files/guidance_files/Denial-of-service-attacks-what-you-need-to-know1.pdf?platform=hootsuite
Alpna., & Malhotra, S. (2016). Cybercrime – Its Types, Analysis and Prevention Techniques. Retrieved from http://ijarcsse.com/Before_August_2017/docs/papers/Volume_6/5_May2016/V6I5-0315.pdf
Kalpana, P., & Singaraju, S. (2012). Data security in cloud computing using RSA algorithm. IJRCCT, 1(4), 143-146.
Jackson, W. (2009). The key to strong encryption: Matching the right tools to the job. Retrieved from https://gcn.com/articles/2009/04/20/cryptography-best-practices.aspx\
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
Describe at least 2 cybercrimes (e.g., viruses and hostile codes) and how they can compromise privacy and data.
How can encryption be used to ensure integrity and maintain data privacy?
Describe a basic encryption algorithm and how it works.
What considerations should be taken into account for implementation?