Encryption: Resources and Programs Overview


Encryption is the process of converting or coding data into an unreadable format, such that only the intended party is able to reverse the process and read the content. The goal of encryption is to protect sensitive data or messages from unauthorized access even if the encrypted message itself is intercepted. Encryption is a complex process that relies on mathematically intensive computations to encrypt and decrypt data efficiently. Historically, encryption was first used by military and government entities to protect state secrets and safely exchange classified messages. Nowadays, any civilian can take advantage of encryption for personal use with free and commercial off-the-shelf encryption software such as Pretty Good Privacy (PGP), GNU Privacy Guard (GPG), Secure/Multipurpose Internet Mail Extensions (S/MIME), Encrypting File System (EFS), TrueCrypt, etc.

Plaintext is used in cryptography to refer to the original text or data before it becomes encrypted. Plaintext is unencrypted text or data that can be read and accessed by anybody with access to the file.

Ciphertext is used in cryptography to refer to the processed data after it has been encrypted. Ciphertext is encrypted text or data that can only be read or accessed by authorized parties with the capability to decrypt the data.

Data in transit is defined as files or data being transferred between systems over the network or Internet. Popular methods of transport are web, FTP, and email. Data in transit is commonly protected with encryption, such as Transport Layer Security (TLS) and Pretty Good Privacy (PGP).

Data at rest refers to inactive files or data that are in storage or temporarily residing on a system. Data can reside almost anywhere but is commonly found on backup tape drives, file servers, databases, external drives, spreadsheets, text files, etc. Data at rest can be encrypted with a variety of tools, such as PGP and 7-Zip. It is also possible to encrypt PDF documents with Adobe Acrobat and Word documents with Microsoft Office.

Full Disk Encryption refers to technology that can protect a volume of data by applying encryption, such that the entire contents of the disk are automatically encrypted/decrypted. Full disk encryption is particularly useful if the computer/drive is lost or stolen, but does not protect the disk while it is actively being used for everyday operation. Popular full disk encryption software packages are BitLocker and FileVault.