Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Introduction to Data Security

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Encryption

3:17 with Kenneth Love

How do you keep data safe but recoverable?

If you want to, you can go here to learn more about Project Callisto. It's a really interesting project and is open to contributions if you'd like to donate your time and knowledge to it.

If you'd like to know a bit more about asymmetric, or public key encryption, this is an excellent article from Panayotis Vryonis.

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    Okay so you have some data that you need to store. 0:00
    You need to be able to get the data back at a later time. 0:03
    Of course while it's stored it should be unreadable to anyone that doesn't have 0:05
    the keys to the data. 0:08
    This is where encryption comes into play. 0:09
    Encryption is a very broad area of cryptography. 0:12
    But we're going to define it as means of turning readable data into unreadable data 0:14
    and back again. 0:18
    Encryption, unlike hashing, is a two-way street. 0:19
    Let me define a couple of terms real quick. 0:23
    First is plaintext, this is the, well, plain text or 0:25
    data that you want to encrypt. 0:29
    This is your secret, if you will. 0:31
    Second is ciphertext. 0:32
    Ciphertext is text or data that is meaningless by itself. 0:35
    Ciphertext is the encrypted version of your plain text. 0:38
    Encryption is the process of turning plain text into ciphertext. 0:41
    Decryption is reversing the process and turning ciphertext back into plain text. 0:45
    Like we talked about before encryption and 0:49
    cryptography is a pretty old area of study. 0:51
    People have been writing secret messages for the vast majority of recorded history. 0:53
    For now let's focus on common reasons for encryption and general methods for 0:57
    doing so. 1:02
    Like most secret messages like history, 1:02
    encryption is most commonly used in communication. 1:04
    When you connect your website, use an SSL certificate, your communication to that 1:07
    website and it's to you about encrypted and the secret. 1:12
    When you send a message to your friend in an app like WhatsApp or 1:15
    Signal that message is also encrypted. 1:18
    Communication between two parties is probably the most common use of encryption 1:21
    on today's internet. 1:24
    Wait, what's the harm on not using a secure HTTP connection? 1:26
    When you request the URL maybe it includes some query string parameters or 1:30
    has your password in the HTTP header as form data. 1:33
    All of that is visible to anyone that's tapped in the connection between you and 1:36
    the server. 1:39
    If you're using HTTPS though, 1:40
    that SSL certificate encrypts all of that data so no one can inspect it. 1:42
    We'll cover SSL, in more detail, in a future course. 1:47
    But, for now, check the teacher's notes for more info if you're interested. 1:49
    You might also wanna encrypt data that you're storing for legal purposes. 1:52
    For example, project Callisto is a college campus focus tool for 1:56
    reporting sexual assault. 2:00
    Callisto encrypts all reports before storing them securely so 2:01
    that only the reporter can access them. 2:04
    You may want to do the same with any sensitive information provided to you, or 2:06
    your users, or internally. 2:09
    There're two main styles of encryption that you'll likely to encounter. 2:11
    Symmetric and Asymmetric encryption. 2:14
    In symmetric encryption, the plain text is encoded and decoded using the same key. 2:16
    Which means, everyone in the circles has to have the key. 2:21
    If the key is ever compromised, all of the encrypted data can be unencrypted and 2:24
    stolen or abused. 2:27
    With asymmetric encryption, everyone has two keys one private and one public. 2:28
    To send me an encrypted message, you encrypt it using my public key and 2:34
    I would decrypt it with my private one. 2:37
    Symmetric encryption seems to be declining in popularity lately. 2:40
    But encryption methods such as AES, blowfish and idea all use it. 2:42
    That isn't to say that asymmetric, or 2:46
    public key encryption is impervious to attack of course. 2:48
    But attacks on it are often more difficult than is economically viable. 2:51
    Common public key encryption usages nowadays are things like the off 2:55
    the record messaging feature that's built into mini chat programs. 2:58
    Technologies like SSL and SSH are actually a combination of public and private keys. 3:01
    Whatever encryption you decide to use, 3:05
    it's often a good idea to keep keys fresh and stored in a safe place. 3:07
    We'll talk more about encryption later but now is a good time to start thinking about 3:10
    place that you might need to securely encrypt data. 3:14

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up