Perfiles Tecnológicos

Desarrollo de sotfware & IT Outsourcing

Data Encryption with AES

Data Encryption with AES


Data Encryption and its Benefits

Data security must be considered part of the management of your systems. Disregarding the risks of security breaches leads to your software being vulnerable to different situations, for example, exposing sensitive information, allowing users actions that should be restricted for them, opening doors for hackers, and so on.

Encryption is a solution to protect your information. To encrypt data is the process of taking the original information and creating a ciphered result that is unreadable, according to Porter (2020), a writer who works for NortonLifeLock. The idea is that only the person with the correct key can decrypt that result and have access to the original content.

There are many other benefits beyond just securing your secrets. The experts from Kaspersky (2020), another important company specialized in security, highlight that “encryption also provides a means of proving that information is authentic and comes from the point of origin it claims to come from.” Therefore, encryption is a must; it is not only necessary, but expected.

However, “you should never, ever, try to implement your own security using code that you have written” (Miles, 2019, p. 237), even if there could be developers in your team that want to create their own security functionalities. Nowadays, there is a variety of algorithms and protocols that have been tested and approved by official institutes and agencies.

AES Encryption

One of the main standard algorithms that is used worldwide to encrypt and decrypt data is the AES (Advanced Encryption Standard). At the beginning, its name was Rijndael, and it was created by Joan Daemen and Vincent Rijmen, two Belgian cryptographers. But, after it won a competition against other algorithms, it was finally named AES by NIST (National Institute of Standards and Technology). It became the new standard for the government of the United States in 2002. Then, one year later, it started being used to protect classified information and was approved by the NSA (National Security Agency) to cipher top secret information, as Mardisalu (2017) explains in one of his security articles.

Technically, AES is a symmetric encryption algorithm, and categorized as a block cipher, because, as Allen (2006) describes, it takes a block of plain text input and a block of encryption key to generate a block of cipher text.

Common Uses

Some examples of tools, applications and systems that Mardisalu (2017) found in which AES is used by multiples companies are:

  • The protection of compressed files in compression tools like 7Zip and WinZip.
  • Tools for encrypting files, partitions or disks like BitLocker.
  • VPN (Virtual Private Networks).
  • Messaging applications like WhatsApp and Facebook Messenger.

AES in C# Language

This ciphered algorithm can be used in two different ways in the C# programming language. RijndaelManaged is the class to use the classic version of Rijndael, and Aes class is the version that implements the algorithm AES with the default settings established as a standard. Microsoft (2020) recommends using Aes class instead of RijndaelManaged to meet the security standards.

 

References

Miles, R. (2019). Exam Ref 70-483 Programming in C#, Second Edition. n.p.: Pearson Education.

 

Author: Antony Sandoval Bonilla.

 


Related Posts

What are digital platforms anyway?
What are digital platforms anyway?

These days it is very common to confuse the term “digital platforms” with the definition of “social network” or “communication platforms,” since social platforms are where users share interests and likes, as in Facebook, Twitter, Instagram and others; while digital...

Do you know the 5G War?
Do you know the 5G War?

We have all heard about the new 5G technology at some point: it is not just a speed advance in terms of 4G, but a whole world of unimaginable connectivity, where basically any device with the ability to connect to...

Azure Network Watcher
Azure Network Watcher

Migrating local environments, also known as on-premises, to the cloud, the generalization is the disengagement of the infrastructure or the platform management, software included. This is a reality, since, currently, technology has enabled the possibility to prove several service models...