Encryption

Cryptography is the practice and study of hiding information and today it is most often thought of comprising of two related parts, encryption and decryption.

Encryption is a process of converting information into an unreadable or unrecognizable form. Encryption is a typical privacy safeguard; most often it is used to transmit or store sensitive information that should not be disclosed to unauthorized users. Most of the encryption algorithms today make use of an encryption key, a special and unique block of data that enables transformation of "plain text" (readable information) into "cipher text" (encrypted information).

And the reverse process to encryption is known as decryption, and converts cipher text into plain text.

There are two major types of cryptography, symmetric key and asymmetric, or better known as public key cryptography. In symmetric key cryptography the same key is used for both encryption and decryption. In asymmetric cryptography encryption and decryption keys are related, but different.

It is also important to remember that different types of encryption are used to protect data in transit and data at rest. Or even more important, one needs to recognize when encryption stops protecting the data. For example, when a user accesses a website with sensitive information, Secure Socket Layer (SSL) or Transport Layer Security (TLS) encryption is most likely used to encrypt the data in transit. This type of encryption does nothing to protect data at rest.

The most common uses of encryption are: protecting communications using SSL / TLS; encrypting files, directories, hard drive partitions or whole disk; encrypting email and other communications. There are plenty of software, hardware and service vendors that provide or support every kind of encryption.

The list of recommended vendors below is by no means is exhaustive nor endorsing, but we simply have had good experience using the listed products:

• SSL encryption: GeoTrust Certificates are available through our digital certificate purchasing process
• TrueCrypt: a multi-platform software for files, partitions and whole disk encryption.
• PGP (Or GPG): email encryption (link), University IT Security Office public key
• S/Mime: email encryption - you can use Thawte personal email certificates if needed.

References:
http://en.wikipedia.org/wiki/Portal:Cryptography
http://www.ietf.org/rfc/rfc2246.txt

To check the validity of a certificate of any SSL site: https://www.networking4all.com/en/support/tools/site+check/