week 20
K1.20 The purpose and types of encryption as a risk mitigation technique and their applications:
The purpose of encryption is to store and transfer data securely using cryptography techniques, so that it cannot be read or accessed by unauthorised users.
Encryption helps protect:
-
Personal and sensitive information (e.g. passwords, bank details)
-
Confidential business data (e.g. financial records, customer data)
-
Communications across networks (e.g. websites, emails)
What Is Encryption?
Encryption is the process of converting readable data (plaintext) into a scrambled, unreadable format (ciphertext), which can only be turned back into readable data (decrypted) using a special key.
Types of Encryption and Their Applications
Asymmetric Encryption
Uses two different keys: a public key to encrypt and a private key to decrypt.
| Purpose | Send secure data between two parties (who don’t share a key) |
|---|---|
| Application Example | Encrypted email systems (e.g. ProtonMail, PGP encryption) |
| How It Works | You encrypt with the recipient’s public key, and they decrypt with their private key |
Useful for secure sharing over untrusted networks.
Symmetric Encryption
Uses one shared key to encrypt and decrypt data.
| Purpose | Encrypt large amounts of data quickly |
|---|---|
| Application Example | Card payment systems, encrypted messaging apps |
| How It Works | The same secret key is used by both sender and receiver |
Faster than asymmetric encryption but requires secure key sharing.
Data at Rest Encryption
Protects stored data (e.g. on hard drives or USBs) so that even if the device is stolen, the data is unreadable.
Full Disk Encryption
| Purpose | Encrypts everything on a device |
|---|---|
| Application Example | BitLocker (Windows), FileVault (macOS) |
| How It Helps | Prevents access to data if the device is lost or stolen |
Hardware Security Module (HSM)
| Purpose | Physically secures and stores encryption keys |
|---|---|
| Application Example | Data centres and cloud environments |
| How It Helps | Protects private keys from tampering, hacking or being exported |
Trusted Platform Module (TPM)
| Purpose | Stores device-specific encryption keys in hardware |
|---|---|
| Application Example | Laptops, servers, secure boot processes |
| How It Helps | Ensures keys can’t be moved to another system |
Data in Transit Encryption
Protects moving data (e.g. between computers or over the internet) from being intercepted.
Secure Sockets Layer (SSL) (older but still known)
| Purpose | Creates secure encrypted link between website and browser |
|---|---|
| Application Example | HTTPS websites with padlock symbol |
| How It Helps | Prevents hackers from reading data (e.g. login credentials, payments) |
Transport Layer Security (TLS) (SSL’s modern replacement)
| Purpose | Encrypts data in transit between devices or networks |
|---|---|
| Application Example | Used in secure email, instant messaging, VoIP, websites |
| How It Helps | Prevents man-in-the-middle attacks |
TLS is more secure and widely used than SSL.
Encryption Explorer
Instructions:
Choose three types of encryption from the list above. For each:
1. Describe what it protects
2. Give a real-world example
3. Explain how it reduces digital risk
Extension: Create a simple infographic or flowchart showing the difference between data at rest and data in transit encryption.
Last Updated
2025-07-14 12:50:30
English and Maths
English
Maths
Stretch and Challenge
Stretch and Challenge
- Fast to implement
- Accessible by default
- No dependencies
Homework
Homework
Equality and Diversity Calendar
How to's
How 2's Coverage
Links to Learning Outcomes |
Links to Assessment criteria |
|
|---|---|---|
Files that support this week
Week 19←
PrevWeek 20←
PrevWeek 21←
Prev→
Next