44 total
By the end of this subtopic, you should be able to:
When data travels across the internet — whether it's a bank payment, an email, or a login — it passes through many computers and networks along the way. Any of those computers could be controlled by someone trying to steal your information. This kind of unauthorised person who intercepts data is called an eavesdropper.
Encryption is the process of scrambling data so that even if someone intercepts it, they cannot understand it. It transforms the original, readable data (called plaintext) into a jumbled, unreadable version (called ciphertext). Only the intended recipient, who has the correct key, can turn the ciphertext back into readable plaintext. This reverse process is called decryption.
It is important to understand that encryption does not stop data from being intercepted — it just makes that intercepted data completely meaningless to anyone who shouldn't have it.
When we transmit data securely, there are four key concerns we try to address:
Confidentiality means that only the intended recipient can read the data. No one else should be able to make sense of it.
Authenticity means that the recipient can be certain about who actually sent the message. Without this, a malicious person could pretend to be someone trustworthy.
Integrity means that the data arrived exactly as it was sent and was not changed or tampered with on the way.
Non-repudiation means that neither the sender nor the receiver can later deny that they were involved in the communication. This is important for legal and business reasons.
Sign in to view full notes