Data Encryption

Deepak Goyal
May 19, 2020

What is Encryption? Encryption is a technique for achieving data security. Under the GDPR (General Data Protection Regulation), data security is required and very important.

How does Encryption work?

[Figure: encryption process]

Plain Data

It is the data that you want to encrypt so that no one else can read the actual data. It can be the user's password, credit card number, etc.

Algorithm

The set of instructions by which the data is encrypted. You can use a predefined algorithm such as AES or RSA, or you can create your own.

Let's take an example of a custom algorithm. In this algorithm, we change every letter of the plain data to the next letter of the alphabet. For example, a becomes b, b becomes c, and so on.

Suppose the plain data is “hello world”; the above algorithm encrypts it to “ifmmp xpsme”. The problem is that this encrypted data can be decrypted easily, as this is just letter masking. Using this type of simple algorithm for all users in your database is not secure.

Another example of a simple algorithm is Base64Encode. You can encode your plain data using base64 but this is also not secure.

So to secure your algorithm, you must use some kind of Key to encrypt your data.

There are two types of algorithms. One is Symmetric and another is Asymmetric.

Symmetric: The algorithm in which the same key is used for encryption and decryption such as AES.

Asymmetric: The algorithm in which different keys are used for encryption and decryption. The key used for encryption is called public-key and the key used for decryption is called private-key. An example of such an algorithm is RSA.

Key

The key is very important in your algorithm to encrypt the data. An algorithm without a key is not secure. You can consider the key a kind of password. To decrypt the encrypted data, a hacker first has to hack the key; only then will he/she be able to decrypt your data.

For AES (Advanced Encryption Standard), the key is called the Secret Key.

For the RSA (Rivest–Shamir–Adleman), a pair of public and private keys is used.

Cipher Data

This is the encrypted data.

TIPS:

  1. Choose a unique and secure Key for Encryption/Decryption of data.
  2. Don’t hardcode the Key such as “my-secret”, “my-key” etc.
  3. You must use a separate key for each user. It can be the account creation time of the user.
  4. You can ask for a master password from the user to encrypt/decrypt the user data. But make sure to save this master password also in encrypted form.

Encryption Example

Let's take an example of AES encryption:

Plain Data: Credit Card no. = 355016266388724

Key: For 128-bit encryption, we need a key of length 16. For 192-bit encryption, we need a key of length 24. For 256-bit encryption, we need a key of length 32.

Let’s use 128-bit encryption with the key GQYdm0UqkNRnhbdt

Cipher Data: qoexArimzTTex9QU5K0i8A==

AES: Encryption and Decryption
