Much is said about encryption for web applications, but few programmers really master the concept. In short, cryptography is based on sending and receiving information securely. A set of techniques and concepts is responsible for making the data to be hidden when transmitted from a sender to a receiver.
In programming, encryption is the use of keys that make the uploaded data to be “hidden”. A set of bits based on a particular algorithm is able to encode and decode the information. In this case, cryptography utilizes keys – if the receiver does not have a compatible key with the key of the issuer, the information may not be displayed.
There are two types of keys that can be used within the concept of encryption in programming. These are symmetric and asymmetric keys.
This type of key is the simplest. Transmitter and receiver make use of the same key, i.e., a single key is used for encryption and decryption of information. There are in the market many algorithms using symmetric keys, for example, DES, IDEA and RC.
Symmetric keys, however, need attention with regard to its use. Its use is not appropriate in situations where information is very valuable. At first, you must use a lot of keys if many people or entities are involved. One should also be careful also about the key usage, since the chance of an intruder get the key to decode the information is much higher.
Also known as “public key”, this type of key works with two types: private and public. The public is created for issuers, regarless the quantity of them. The private one is sent only to the recipient, this, in turn, is secret and should not be shared with anyone else.
Among the best known asymmetric Keys, we highlight RSA and Diffie-Hellman.
Some features, present in the web world, also use this same concept, the digital document certification is one of them.
Data can only be considered encrypted if it follows four basic principles: confidentiality, authentication, integrity and non repudiation (where the receiver accepts the sending of information). Therefore, ensure that these four principles are covered is what makes a potentially secure information.