17.1 Encryption, Encryption Protocols and Digital Certificates


2026 Syllabus Objectives

By the end of this subtopic, you should be able to:

  • Show understanding of how encryption works, including the use of public key, private key, plaintext, ciphertext, symmetric key cryptography, and asymmetric key cryptography.
  • Explain how keys can be used to send a private message from the public to an individual or organisation.
  • Explain how keys can be used to send a verified message to the public.
  • Explain how data is encrypted and decrypted using symmetric and asymmetric cryptography.
  • Describe the purpose, benefits, and drawbacks of quantum cryptography.
  • Show awareness of Secure Socket Layer (SSL) and Transport Layer Security (TLS), including their purpose, use in client-server communication, and situations where they are appropriate.
  • Show understanding of digital certification, including how a digital certificate is acquired and how it is used to produce digital signatures.

1. What Is Encryption and Why Do We Need It?

When data travels across the internet — whether it's a bank payment, an email, or a login — it passes through many computers and networks along the way. Any of those computers could be controlled by someone trying to steal your information. This kind of unauthorised person who intercepts data is called an eavesdropper.

Encryption is the process of scrambling data so that even if someone intercepts it, they cannot understand it. It transforms the original, readable data (called plaintext) into a jumbled, unreadable version (called ciphertext). Only the intended recipient, who has the correct key, can turn the ciphertext back into readable plaintext. This reverse process is called decryption.

It is important to understand that encryption does not stop data from being intercepted — it just makes that intercepted data completely meaningless to anyone who shouldn't have it.

The Four Security Goals

When we transmit data securely, there are four key concerns we try to address:

Confidentiality means that only the intended recipient can read the data. No one else should be able to make sense of it.

Authenticity means that the recipient can be certain about who actually sent the message. Without this, a malicious person could pretend to be someone trustworthy.

Integrity means that the data arrived exactly as it was sent and was not changed or tampered with on the way.

Non-repudiation means that neither the sender nor the receiver can later deny that they were involved in the communication. This is important for legal and business reasons.

Sign in to view full notes