PGP (Pretty Good Privacy) is a program for digital data encryption that offers cryptographic authentication to ensure data transfer privacy. In order to ensure data security comparable to that of postal services, it is used to encrypt and decode files, networks, and systems.
The program was created to close the gap between privacy and the digital age, which is expanding, and to safeguard everyone's private in that world (Sklar, 2001). It is suggested that privacy is more of a concept than a reality in this digital age. This is reflected by the increasing trend in which digital data, such as emails and information stored in databases are being intercepted and abused. This threatens the basis of an individual’s right to privacy as sensitive information in digital format can easily be exposed to the public. Thus, the need for secure systems of communication.
Information Security
It is sensible for individuals and organization to take necessary measures within reason to protect one’s privacy and ensure a resilient and trustworthy communication structure that depicts traits of secrecy and integrity.
Security protocols portray such traits. An instance is that of protocols that assist in the establishment of communication channels with authentication and confidentiality features. An example of a security protocol is cryptography (Pachghare, 2015).
The role of cryptography in information security
Cryptography is a technology that is embedded into products that are utilized by masses of users to address certain types of vulnerability within information and communication structures (Ryan and Schneider, 2001). It is consistent of the computer system security and network security both of which play various roles. Among them is safeguarding computer systems from destruction and ensuring that resources such network connection and access to databases are only available to the users of such information or other systems that are authorized to access this information. Nonetheless, cryptography has a number of competencies.
Confidentiality is observed in the sense that information is protected from being intercepted while in transit during communication or when stored in an information system (Stallings, 2006). With the help of cryptography, information can fall into the hands of an unauthorized party without being compromised.
Authentication is another feature of cryptography. This is an assurance check that certain identity is valid to a particular person or system in a manner that is difficult for an unauthorized party to mimic.
Cryptography satisfies the assertion that a file or message was created, modified or sent by a particular person or entity. As asserted by Stallings (2006), it is this signature that binds the identity of the person with the content of information being transmitted. By doing so, it provides nonrepudiation which, to the user, is the inability to deny the authenticity of that particular information. Information is encrypted by the user’s personal signature, and since the user is the only one who holds the signature, assurance is provided that the signature is valid.
Cryptography based assurance provides the guarantee that a given message or file was created or modified at a given time (date/time stamp).
These features can be applied in complimentary settings. For instance, authentication ensures user control or access to a network or system. The user may use a password to authenticate his own identity, such that only when the proper password has been entered that the system will allow access to the user.
The main advantage of cryptography is that, in the event that an intruder successfully manages to bypass the security protocols, the application of encryption on the data stored provides an additional layer of security that makes it difficult for the intruder to access the stored files and communications or understand the internal functioning of the system. This limits the intruder’s ability to damage the content of the encrypted files that may in most cases contain sensitive information.
Conclusion
The core of information security is a battle between information protection and interception. Protection, motivated by either good or bad intentions, to restrict information access and interceptors, motivated by the same traits, to intercept information in transit (Gritzalis, 2004).
Secrecy is not a preserve amongst humans. It is however a matter of survival in the world of evolution. In times of war or peace, individuals harbor secret thoughts, objectives and emotions that can only be shared with those they trust most, and that need to be concealed from those that might use such information against them. This can only be achieved by encryption systems.
References
Pachghare, V. K. (2015). Cryptography and information security. PHI Learning Pvt. Ltd.
Stallings, W. (2006). Cryptography and network security: principles and practices. Pearson Education India.
Sklar, B. (2001). Digital communications (Vol. 2). Upper Saddle River: Prentice Hall.
Ryan, P., & Schneider, S. A. (2001). The modelling and analysis of security protocols: the csp approach. Addison-Wesley Professional.
Gritzalis, S. (2004). Enhancing web privacy and anonymity in the digital era. Information Management & Computer Security, 12(3), 255-287.
Type your email