3.1 Compression, Encryption and Hashing

Why is compression useful?

• Compression is crucial for reducing file size to facilitate efficient data transfer over the Internet

What is the benefit of files being smaller?

• Smaller files have faster transmission times and require less bandwidth consumption

What are the two kinds of compression?

Lossy and lossless compression

What is lossy compression?

Compression where some of the data is lost

What is lossless compression?

Compression where all the data is kept

What are the benefits of lossy compression?

• Greatly reduced file sizes

• Suitable for media streaming where some data loss is acceptable

What are the drawbacks of lossy compression?

• Irreversible loss of data quality

• Not suitable for text or archival storage

What are the benefits of lossless compression?

• Maintains original data

• Best for text and data that require integrity

What are the drawbacks of lossless compression?

• Larger file sizes than lossy

• Requires high bandwidth when streaming

What is run length encoding?

a form of data compression that condenses identical elements into a single value with a count.

What is dictionary coding?

A form of compression that replaces recurring sequences with shorter, unique codes

Where is run length encoding used?

Bitmap images to compress sequences of the same colour

Where is dictionary coding used?

Text and binary data

What is the main aim of encryption?

to secure data from unauthorised access

How is encrypted unscrambled for use?

• Encryption methods use 'keys', which are specialised programs designed to scramble or unscramble data

What is an example of encryption?

HTTPS protocol uses encryption to provide secure data transfers across the internet

How does symmetric encryption work?

• The sender uses a key to encrypt the data before transmission

• The receiver uses the same key to decrypt the data

• It's usually faster, making it ideal for encrypting large amounts of data

What are the disadvantages of symmetric encryption?

• The significant downside is the challenge of securely sharing this key between the sender and receiver

• If a bad actor captures the key, they can decrypt all messages intercepted in transmission

How many keys does asymmetric encryption use?

• Asymmetric encryption uses two keys:

  • a public key for encryption

  • and a private key for decryption

How does asymmetric encryption work?

• Receivers openly share their public key

• Senders use this public key to encrypt the data

• The receiver's private key is the only key that can decrypt the data and is kept locally on their side

• The public and private keys are created at the same time and are designed to work together in this way

What are the drawbacks of asymmetric encryption?

• It is typically slower than symmetric encryption

• It is generally used for more secure and smaller data transactions, e.g. passwords, bank details

What kind of data is symmetric encryption used on?

Large files, databases

What are reasons for choosing symmetric encryption?

• Fast and efficient for bulk data.

• The same person encrypts and decrypts, e.g. when backing up data.

What kind of data is asymmetric data suited for?

Confidential/secret communications

What are the reasons for choosing asymmetric encryption?

• Sharing highly secure data, e.g. passwords, government communications

What is Hashing?

hashing is a method to convert any data into a fixed-size string of characters

What are the benefits of hash?

• Same input will always produce the same hash, providing consistency

• Even a minor change in input produces a radically different hash, giving it sensitivity to data changes

What are examples of common hashing algorithms?

MD5 (Message Direct 5)

SHA-1(Secure Hash Algorithm 1)

SHA-256(Part of the SHA-2 family)

SHA-3

What are the features of MD5 (Message Digest 5)

• Widely used but considered weak due to vulnerabilities to collision attacks

What are the features of SHA-1(Secure Hash Algorithm 1)

• Previously used in SSL certificates and software repositories, now considered weak due to vulnerabilities

What are the features of SHA-256(Part of the SHA-2 family)

• Commonly used in cryptographic applications and data integrity checks. Considered secure for most practical purposes

What are the features of SHA-3(Part of the SHA-2 family)

• The most recent member of the Secure Hash Algorithm family, designed to provide higher levels of security

What method does storing passwords use?

Hashing

How is hashing used to store passwords?

• When the user first signs up, the password they provide is hashed

• The hashed password is stored in the database, rather than as plaintext

• When users try to log in, they enter their username and password

• The system hashes the password entered by the user during the login attempt

• The hashed password is compared against the stored hash in the database

• If the hashes match, the user is authenticated and granted access

• If they don't match, access is denied

What is the benefit of hashing when used to store passwords?

• Hashing passwords adds an extra layer of security

• Even if the database is compromised, the attacker can't use the hashed passwords directly

• In case of a data breach, not storing passwords in plaintext minimises the risk and potential legal repercussions

• Users' raw passwords are not exposed, reducing the impact of a data breach

• Since the hash function always produces the same output for the same input, verifying a user's password is quick

What does a goof hash function do?

• A good hash function uniformly distributes keys across the hash table, allowing for a more balanced and efficient data retrieval

What is an additional benefit of hashing?

• Another benefit of hashing data is being able to verify its integrity

How can hashing be used to verify data integrity?

• When data is being transferred over a network, it is susceptible to loss of packets or malicious interference, so if two hashes are compared and are identical, it allows a system to verify the integrity of data

• This is because the same data hashed by the same hashing function will produce the same digest

• Comparing two fixed-size hashes is computationally less intensive than string comparison