By Hoayran Moreira Cavalcanti

Encryption is a set of techniques employed to encrypt data and to give decryption permission only to those who have the key to access the message. In this way, it guarantees that the confidentiality of the data can be assured, either in its storage or in its communication process.

Depending on the algorithm used, this communication may become quite complex. However, before giving up its use due to its complexity, we want to show that encryption, as difficult as it may seem, is now easier to use due to the advancement of applications, especially those hosted in the cloud.

The current means of communication have become extremely necessary for us to live, be together and exchange information; it is therefore impossible to be dispensed with, since they are essential to contemporary lifestyles. While we live and communicate, our data is being collected, stored and used in many ways; often even without our consent. Obviously, not everyone knows where this data is stored, nor in which “cloud” it is found.

Who can guarantee that your ISP, or even that software, app or service you use every day is encrypting your data from point A to point B properly? How do we ensure that our data is encrypted from end to end? Without ensuring proper encryption to protect our messages, we can be sure that our information can be intercepted in many ways, as this is not one of the missions that encryption is expected to avoid.

Many cases prove that ordinary users and businesses — from small, medium or large sizea — are targets for attacks and information theft on a daily basis. As a result, we have numerous privacy breaches happening every second, such as password leaks, or exposure of personal data on the web, among others.

Encryption is an additional layer of security that should be used in all types of communication, both if it has secret contents or not. For the simple fact that, if someone reads a mere “good morning, how are you?” without the proper consent of the sender or receiver, it can be configured as an invasion of privacy.

People all over the world have always got used to running the risk of having their conversations ‘leaked’, whether by someone who maliciously listens through a door, or by someone who inadvertently only stands at the next table, or in the same row on a bench. Everyone is aware of the risk they run when communicating in shared physical spaces, whether private or public. Well, the risk is also the same for communication through systems connected to the Internet. Without proper encryption, what is intercepted can also be interpreted. Therefore, its use is essential. And essential in both cases, both physical and digital. For this reason, history of criptography goes way back before the Internet, era. See the classic example of the Zimmermann Telegram.

As we mentioned at the beginning of this article, cryptography consists of techniques to encrypt data in order to “shuffle” the information, ensuring that only the sender and the recipient can interpret it. Some of these techniques are simple and rely on alphanumeric codes, such as the Zimmermann Telegram; and Caesar cipher — where each letter of the text is replaced by another, with a certain number of positions being shifted left or right.

It is known that there are several types of cryptography, each one using a type of key; which can be symmetrical or asymmetrical:

Symmetric — It is when the same key serves both to encrypt and to decipher the data. In other words, a single key is used to open point A and point B of the communication. Ex: sites using the HTTPS protocol.

Asymmetric, or “public key” — This is when a pair of keys is used for communication; the public key being widely disseminated, while the private key is known only by the owner; e.g.: Digital signature. That is, a public key is used to encrypt information, and the receiver holds the “private key” to open the information.

All web addresses start with HTTP or HTTPS. This ‘S’ is what guarantees the encryption of the data trafficked there, thus making it more ‘s’afe. Communication on the web involves numerous risks, especially if the user is connected to a public wi-fi network. In terms of security, this is something of concern; since any knowledgeable of communication protocols, with a little more experience in networks, can gain access to it, and thus monitor connections. Therefore, we always recommend the use of a VPN (Virtual Private Network). If this is not possible, you should restrict access to sites that use HTTPS (Secure Web Communication Protocol) protocols. Still, it is important to remember that sites with HTTPS protocols also present risks, even if they are reduced compared to others that use HTTP. This is because even HTTPS sites make use of symmetric keys; and sometimes present their login form in HTTP. That is, HTTPS sites are certainly more secure than HTTP sites, but they still have security flaws that can be exploited.

Some operating systems have several encryption software. Windows, for example, provides endpoint and hotplug encryption for pendants and external HD, through BitLocker.

There are also private products, which medium and large companies use, such as PGP (Pretty Good Privacy) and Symantec Endpoint Encryption (SEE), from Symantec, a company specialized in Security products, which was recently acquired by Broadcom, and which provides since disk encryption for Endpoints until communication servers encryption.

Below are some links to private VPNs that can help protect information on public networks:

· NORDVPN (https://nordvpn.com/pt-br/);

· ExpressVPN (https://www.expressvpn.com/pt/features/vpn-trial);

· Hide.Me (https://hide.me).

Among the ones above, only the latter is free, with a limitation of 10gb per month, being available for use on only one connected device per account. Always remembering that all work must be somehow remunerated, and what is presented as “free”, actually charges in another way, such as offering advertising to the user.

Given the current situation of social isolation and forced quarantine resulting from the global pandemic against the VOCID-19 virus, the work through Home Office has increased categorically. The businesses that are managing to stay open are precisely those that can offer their services at a distance. People and businesses are adapting, and often reinventing themselves, to remain active in the labor market in the face of this global pandemic. That is why it is necessary for them to expand their knowledge about security to surf the web, and thus protect both personal and corporate data.

Encryption is available to anyone who cares about increasing the level of security of their data; and consequently, their privacy. However, it is worth noting that even encryption cannot guarantee 100% security of the data transferred. Since no means of communication is totally reliable, since the resources used to try to break this security evolve daily. This does not make it negligible; rather, it is even more necessary.