Encryption is the only secure method to protect data – but not all encryptions are the same.
What is encryption?
Encryption means converting a readable (clear text) text to a non-readable and uninterpretable text (cipher text). This is done using an encryption method consisting of a mathematical algorithm and a key. Recovering the clear text is called decryption.
Why do companies need encryption?
Today encryption is relevant for all companies in order to protect sensitive data and intellectual property. Only a few companies use forceful encryption, effectively protecting their data. Encrypting security-relevant data in the Cloud plays an even more important role.
What is good encryption?
Not all encryption is the same: the quality of an encryption depends on the quality of the used algorithm as well as of the key length. An encryption algorithm is a rule describing the encryption process. An excellent algorithm alone cannot grant security since security also depends on access to the key. The algorithm acts as the lock for the key. Good algorithms prevent deriving the matching key.
Is Open Source encryption insecure?
No, on the contrary – good encryption methods publish the algorithm used to enable anyone to verify mathematically whether it is safe and correct. Metaphorically speaking, one is showing that the used lock works and is safe. Such a use of the algorithm presents no risk since knowledge regarding the lock’s quality doesn’t mean that one is able to open the lock. Security is guaranteed by owning the key.
Can encryption be “cracked“?
Yes – bad methods of encryption can provide points of attack, enabling the attacker to identify the clear text or the key by using mathematical tricks or statistical analyses. An example is the Caesar code (http://en.wikipedia.org/wiki/Caesar_cipher), where defining the key by statistical accumulation of letters is relatively simple.
One can also attempt to find the matching key by so-called Brute-Force attacks. All possible keys are tried until the correct one is found. This method can also be easily used for the Caesar code as there are only 25 different keys.
Good encryption methods do not have any of the above-mentioned weak points. They are publicly known, and the best crypto-analysts have tried to crack them without success.
But whoever has access to the cryptographic keys may decrypt the data
Even if the encryption is the best, if the attacker gains access to the key he gains access to every system. IT administrators and also attackers use this method.
eperi eliminates this weak point of encryptions
eperi forcefully encrypts all sensitive data using the currently secure (according to BSI) encryption Advanced Encryption Standard (AES).
eperi’s approach is to store the key outside the data and storage systems (e.g., databases) to be encrypted. No system or Cloud administrator (and thus no attacker) gains access to the keys. The key is owned by the company, respectively the appropriate department. Additionally, Hardware Security Module (HSM) and Smartcards may be used. When correctly used, maximum security is provided.