  1. Data transmitted across the network can be modified or manipulated, intentionally or unintentionally, so it cannot be considered secure
  2. Inadequate or weak encryption can lead to data breaches, where an intruder exploits existing vulnerabilities in communications between server and client
  3. In attacks on weak encryption, an attacker can decrypt sensitive data by brute force
  4. Weak encryption keys can allow attackers to perform reverse engineering, man-in-the-middle attacks, content spoofing, and phishing attacks

Encryption: Symmetric and Asymmetric Key

  • Encryption is a method of transforming plain text into unintelligible text (ciphertext) in order to protect it from compromise
  • Symmetric encryption (secret-key, shared-key, and private-key) uses the same key for encryption as it does for decryption
  • Asymmetric encryption (public-key) uses different keys for encryption and decryption. These keys are known as the public and private keys
  • In Java, encryption and decryption are performed through a cipher object created for a specific algorithm, such as DES for symmetric and RSA for asymmetric encryption
  • The javax.crypto package provides a framework for symmetric and asymmetric encryption with cipher implementations
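
The following is an added example, not code from the original page, showing both cipher types through javax.crypto.Cipher. It uses AES in GCM mode instead of the DES named above, because a 56-bit DES key is within reach of the brute-force attacks listed earlier, and GCM also rejects ciphertext modified in transit. The class name CipherDemo and the sample message are constructed for illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Arrays;

public class CipherDemo {                       // hypothetical class name
    public static void main(String[] args) throws Exception {
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        // Symmetric: the same shared key encrypts and decrypts.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey shared = kg.generateKey();
        byte[] iv = new byte[12];               // 96-bit nonce, must be fresh for every message
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, shared, new GCMParameterSpec(128, iv));
        byte[] sealed = aes.doFinal(msg);       // ciphertext followed by a 128-bit tag
        aes.init(Cipher.DECRYPT_MODE, shared, new GCMParameterSpec(128, iv));
        System.out.println("AES-GCM round trip: " + Arrays.equals(msg, aes.doFinal(sealed)));

        // Flip one bit to simulate modification on the network: decryption must fail.
        sealed[0] ^= 1;
        aes.init(Cipher.DECRYPT_MODE, shared, new GCMParameterSpec(128, iv));
        try {
            aes.doFinal(sealed);
            System.out.println("modification NOT detected");
        } catch (AEADBadTagException e) {
            System.out.println("modification detected: authentication tag mismatch");
        }

        // Asymmetric: the public key encrypts, only the private key decrypts.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, pair.getPublic());
        byte[] wrapped = rsa.doFinal(msg);
        rsa.init(Cipher.DECRYPT_MODE, pair.getPrivate());
        System.out.println("RSA-OAEP round trip: " + Arrays.equals(msg, rsa.doFinal(wrapped)));
    }
}
```

RSA with OAEP can only encrypt short inputs (at most 190 bytes with a 2048-bit key and SHA-256), so in practice it wraps a symmetric key that then protects the bulk data.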

Symmetric Encryption

Asymmetric Encryption