Encryption for beginners 2: PGP and hashing

If you want to prevent the wrong people from gaining access to an email with sensitive personal data, you cannot do without encryption. An interesting subject, but a complex one for those who do not come into contact with it on a daily basis. That is why we gave you a short introduction earlier (Encryption for Beginners 1) in which we discussed symmetric and asymmetric encryption. This blog will provide you with an explanation of two terms that regularly occur in this context: PGP and hashing.


Encryption and PGP


For a long time, email was only suitable for sending text, not for images, videos or encrypted messages. Most email programs therefore did not offer good support for encryption. Of course, this made it very difficult to secure messages.

This changed around 1992, with the arrival of the program PGP (Pretty Good Privacy). This not only provided a sound method of asymmetric encryption of messages, but also ensured that those encrypted messages could be included in an email. You can use PGP to encrypt emails for several people at once, provide messages with digital signatures and encrypt images and other files.

In the version of PGP for companies there is a kind of back door: you can set up the program so that it also encrypts each message with the public key of the company. If an employee leaves the company, dies or simply loses their key, the company can still decrypt and view that employee's messages. This construction prevents valuable data from being lost.

Because PGP was distributed free of charge and with source code, everyone could install it on their computer. As a result it quickly grew to become the standard for email security, and it is probably the best-known encryption program in the world. A worldwide network of key servers has been set up, where people can offer their public key and request the public keys of others. In this way one can always send a secure message with the right public key.


Hashing


Then there is hashing. This is not actually encryption, but an algorithm that scrambles data so that it is no longer possible to see what the original data was. With encryption it is possible to make data readable again, but with hashing this is not the case. Once made unreadable, it remains so.

Hashing is a three-part process: the input (a password), the algorithm (a mathematical formula) and the outcome (the hash). The system knows the algorithm and the hash. With each new input, the system compares the outcome with the original. If the original and the outcome match, then the same data have served as the basis.

The main application of hashing is the protection of passwords. If you enter a password on your computer, the system hashes the password. If the outcome is the same as the outcome that was already stored, you get access.

For example, Bob's password is '0l1fant'. After hashing, this is '$2a$04$o1K5mF8j.cj4rnzNuTD.Neaf8PpfbHVWt1oabbVIc5j/GDBaFPXfa'. The computer compares this hash with the hash it stored when the password was set. If they match, Bob gets access.

The biggest advantage of hashing is that a hacker cannot steal the stored password. The only thing the hacker can do is steal the hash. But it is not possible to use the hashed outcome to gain access. If you enter it, the result is again mixed up by the algorithm. If a hacker steals the hash from a computer, he cannot do anything with it.
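The store-then-compare process described above, as an added example that is not part of the original post. It splits the sample hash into the fields of the bcrypt string format, then runs the set-password and login steps with PBKDF2 from Python's standard library standing in for bcrypt (an assumption, since bcrypt is not in the standard library); the function names and the `ITERATIONS` value are hypothetical.

```python
import hashlib
import hmac
import os

# The sample hash from the article, in bcrypt's "$version$cost$salt+digest" layout.
ARTICLE_HASH = "$2a$04$o1K5mF8j.cj4rnzNuTD.Neaf8PpfbHVWt1oabbVIc5j/GDBaFPXfa"

def parse_bcrypt(hash_str):
    """Split a bcrypt string into its fields; raise ValueError if malformed."""
    parts = hash_str.split("$")
    if len(parts) != 4 or parts[0] != "" or len(parts[3]) != 53:
        raise ValueError("not a bcrypt hash string")
    version, cost, tail = parts[1], int(parts[2]), parts[3]
    return {
        "version": version,
        "cost": cost,
        "rounds": 2 ** cost,   # key-setup iterations grow as 2^cost
        "salt": tail[:22],     # 128-bit salt in bcrypt's own base64 alphabet
        "digest": tail[22:],   # the hash output itself
    }

ITERATIONS = 600_000  # assumed work factor for the PBKDF2 stand-in

def set_password(password):
    """Run when the password is chosen: store salt + hash, never the password."""
    salt = os.urandom(16)  # fresh random salt per user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "digest": digest}

def check_password(attempt, record):
    """Run at login: hash the attempt the same way and compare the outcomes."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", attempt.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(digest, record["digest"])  # constant-time compare

if __name__ == "__main__":
    print(parse_bcrypt(ARTICLE_HASH))
    bob = set_password("0l1fant")                    # constructed sample account
    print(check_password("0l1fant", bob))            # correct password
    print(check_password("olifant", bob))            # wrong password
    print(check_password(bob["digest"].hex(), bob))  # the stored hash typed in as a password
```

The cost of 04 in the article's sample is bcrypt's minimum (16 rounds). The cost field is what makes each guess against a stored hash expensive, so production systems set it much higher.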
