Encryption has long been upheld as the gold standard for data protection. Enterprises apply cryptography to encode...
high-value information, so only authorized users can access it. Simply put, when encryption is applied to protect communications, the message is scrambled, so unauthorized users can't intercept it. Only authorized users with the right keys can unlock and unscramble the message.
Hackers hit back
Unfortunately, as with virtually every other IT security mechanism, hackers have found ways to crack cryptocodes, breaching what is commonly thought of as fail-safe protection.
While encryption codes can be difficult to crack, increasingly sophisticated cybercriminals are applying technology to accelerate the process. Armed with reverse-engineering tools, hackers can file through billions of key combinations in seconds. Increasingly, hackers also file away encrypted messages to crack later.
Perfect forward secrecy and other techniques
When hackers steal the private keys, they can unlock data from both encrypted future and past sessions. Cryptographers came up with a scheme to safeguard past-session data in the 1990s, but it was not widely implemented until well after the turn of this century.
That scheme, perfect forward secrecy (PFS), uses a mechanism to create a new key every time a user sends a new instant message. Today, it's primarily used to secure data communications in messaging apps, but its use is not widespread in other areas of web communications. Though every current browser can initiate a PFS session, many HTTP sites aren't compatible.
Perfect forward secrecy support on a site can be tested with tools. Users can also apply other good practices to avoid future issues, such as deleting decrypted messages or moving them to a more secure device.
Double ratchet, meantime, is used to underpin secure mobile messaging apps, like Wickr and Signal. Double ratchet attaches a new encryption key for every individual message, even if the message is part of a string between two individuals.
Tools like these will help enterprises ensure their mobile data is protected, but organizations will always have to exercise an abundance of caution when sharing private information -- even when those communications are encrypted.
Dig Deeper on Network Security Monitoring
Related Q&A from Amy Larsen DeCarlo
Several methods and metrics measure network performance and throughput. But IT needs to gauge these measurements on a consistent basis to avoid major... Continue Reading
When undertaking network performance troubleshooting, organizations can benefit from a mix of passive and active network traffic monitoring to ... Continue Reading
From cabling to capacity issues, IT professionals need to consider all possibilities when rooting out the underlying cause of network performance ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.