29 lines
1.3 KiB
Plaintext
29 lines
1.3 KiB
Plaintext
|
Encryption algorithms are essential for protecting sensitive information and
|
||
|
|
ensuring secure communications in a variety of domains. They are used for
|
||
|
|
several important reasons:
|
||
|
|
|
||
|
|
* Confidentiality, privacy, and intellectual property protection
|
||
|
|
* Security during transmission or on storage devices
|
||
|
|
* Data integrity, general trust, and authentication
|
||
|
|
|
||
|
|
When selecting encryption algorithms, tools, or combinations, you should also
|
||
|
|
consider two things:
|
||
|
|
|
||
|
|
1. No encryption is unbreakable.
|
||
|
|
2. The strength of an encryption algorithm is usually measured by the effort required to crack it within a reasonable time frame.
|
||
|
|
|
||
|
|
For these reasons, as soon as cryptography is included in a project, it is
|
||
|
|
important to choose encryption algorithms that are considered strong and secure
|
||
|
|
by the cryptography community.
|
||
|
|
|
||
|
|
To provide communication security over a network, SSL and TLS are generally
|
||
|
|
used. However, it is important to note that the following protocols are all
|
||
|
|
considered weak by the cryptographic community, and are officially deprecated:
|
||
|
|
|
||
|
|
* SSL versions 1.0, 2.0 and 3.0
|
||
|
|
* TLS versions 1.0 and 1.1
|
||
|
|
|
||
|
|
When these unsecured protocols are used, it is best practice to expect a breach:
|
||
|
|
that a user or organization with malicious intent will perform mathematical
|
||
|
|
attacks on this data after obtaining it by other means.
|