Encryption 1 What is encryption? Encryption is a technique to make communication and all involved parties such as sender and recipient invisible, so that an adversary does not realise that the communication takes place. Encryption means that a message (‘plain text’) is encoded into a secure version (‘ciphertext’), so that only authorised parties can read it, preferably only the sender and the recipient. The message can only be read by parties that are able to decrypt it, using a unique secret key. Encryption means that a user on the internet protects something with a strong password, for example a social media account. Only users with the password can read the messages of the account.No. This is not what encryption means. This is only a protection of an account. Encryption means that a message (‘plain text’) is encoded into a secure version (‘ciphertext’), so that only the authorised parties can read it, preferably only the sender and the recipient. The message can only be read by parties that are able to decrypt it, using a unique, secret key. Next 2 In digital communication, there is a differentiation between metadata and content. Metadata are data about the communication itself, for example who communications with whom, when and where. Content is the communication itself, for example the text of an email. Where does encryption usually help? metadata content metadata and content. Back Next 3 There are different types of encryption. What is transport encryption? Transport encryption means that the connection between computers and servers is encrypted, but not the message itself. This excludes adversaries during the transport from intercepting the message. However, every involved computer and server of the communication process is able to read the message. Transport encryption means that only sender and recipient are able to read the encrypted message, because only they have the secret key to decrypt it. Transport encryption means that the sender and the recipient create a direct, encrypted connection between themselves for the whole transport to exclude all servers in between from reading their messages. Back Next 4 There are different types of encryption. What is end-to-end encryption? End-to-end encryption means that the sender and the recipient make a communication and all involved parties invisible, so that an adversary does not realise that the communication takes place. End-to-end encryption means that the sender and the recipient create a direct, encrypted connection between themselves for the whole transport to exclude all servers in between from reading their messages. End-to-end encryption means that only the sender and the recipient are able to read the encrypted message, because only they have the secret key to decrypt it. Back Next 5 Imagine you use an email provider that offers transport encryption over SSL/TLS by default, but no end-to-end encryption. What does the email provider, that may be legally bound to hand over your data to governments, see about your stored emails on their servers? The metadata of your emails (email addresses, time and date, subject line), but not the content (text of the email and attachments). Not the metadata of your emails (email addresses, time and date, subject line), but the content (text of the email and attachments). Both the metadata of your emails (email addresses, time and date, subject line) and the content (text of the email and attachments). Back Evaluation Evaluation 1 What is encryption? Your answer was wrong: Encryption is a technique to make communication and all involved parties such as sender and recipient invisible, so that an adversary does not realise that the communication takes place. Explaination: No. Encryption does make involved parties or the message ‘invisible’. In fact, everything remains visible, but the message is encoded in a way that only authorised parties are able to read it. The correct answer is: Encryption means that a message (‘plain text’) is encoded into a secure version (‘ciphertext’), so that only authorised parties can read it, preferably only the sender and the recipient. The message can only be read by parties that are able to decrypt it, using a unique secret key. Your answer was wrong: Encryption means that a user on the internet protects something with a strong password, for example a social media account. Only users with the password can read the messages of the account.No. This is not what encryption means. This is only a protection of an account. Encryption means that a message (‘plain text’) is encoded into a secure version (‘ciphertext’), so that only the authorised parties can read it, preferably only the sender and the recipient. The message can only be read by parties that are able to decrypt it, using a unique, secret key. 2 In digital communication, there is a differentiation between metadata and content. Metadata are data about the communication itself, for example who communications with whom, when and where. Content is the communication itself, for example the text of an email. Where does encryption usually help? Your answer was wrong: metadata Explaination: No. The metadata mostly remains the same when a message is encrypted. Who communicates with whom remains unencrypted. The correct answer is: content Explaination: Your answer was wrong: metadata and content. Explaination: No. The metadata mostly remains the same when a message is encrypted. Who communicates with whom remains unencrypted. 3 There are different types of encryption. What is transport encryption? The correct answer is: Transport encryption means that the connection between computers and servers is encrypted, but not the message itself. This excludes adversaries during the transport from intercepting the message. However, every involved computer and server of the communication process is able to read the message. Your answer was wrong: Transport encryption means that only sender and recipient are able to read the encrypted message, because only they have the secret key to decrypt it. Explaination: No. What is described here is called end-to-end encryption. Transport encryption, however, means that the connection between computers and servers are encrypted, but not the message itself. This excludes adversaries during the transport from intercepting the message. However, every involved computer and server of the communication process is able to read the message. Your answer was wrong: Transport encryption means that the sender and the recipient create a direct, encrypted connection between themselves for the whole transport to exclude all servers in between from reading their messages. Explaination: No. Transport encryption, however, means that the connection between computers and servers are encrypted, but not the message itself. This excludes adversaries during the transport from intercepting the message. However, every involved computer and server of the communication process is able to read the message. 4 There are different types of encryption. What is end-to-end encryption? Your answer was wrong: End-to-end encryption means that the sender and the recipient make a communication and all involved parties invisible, so that an adversary does not realise that the communication takes place. Explaination: No. Encryption never makes a communication itself invisible. Your answer was wrong: End-to-end encryption means that the sender and the recipient create a direct, encrypted connection between themselves for the whole transport to exclude all servers in between from reading their messages. Explaination: No. Also for end-to-end encryption, the sender and the recipient typically rely on servers in between that transmit the message. The correct answer is: End-to-end encryption means that only the sender and the recipient are able to read the encrypted message, because only they have the secret key to decrypt it. 5 Imagine you use an email provider that offers transport encryption over SSL/TLS by default, but no end-to-end encryption. What does the email provider, that may be legally bound to hand over your data to governments, see about your stored emails on their servers? Your answer was wrong: The metadata of your emails (email addresses, time and date, subject line), but not the content (text of the email and attachments). Explaination: No. The email provider sees everything. Your answer was wrong: Not the metadata of your emails (email addresses, time and date, subject line), but the content (text of the email and attachments). Explaination: No. The email provider sees everything. The correct answer is: Both the metadata of your emails (email addresses, time and date, subject line) and the content (text of the email and attachments). Back Print page