in Cyber Security

Encryption: A security measure or a hoax?

This modern world calls for safety over the web to be paramount of using the internet. This gradual digital revolution means several personal information such as credit card information, passwords, bank account details, etc. travel over the website.

Furthermore, this wave of use of IoT devices is also a call for privacy exposures. These devices although may seem to be trendy as well as highly convenient, sadly don’t add up well to the security. There are numerous cases which led to them being a cause of security breaches.

Fortunately, though, due to the rise of security breaches and cyber attacks have shaken the cyber analysts from their deep sleep of ignorance. The value of privacy or keeping information private has finally become a matter for people to ponder upon.

One measure that people take up to ensure safety over the internet is encryption. This still gingerly new concept is massively getting advertised over. However, the food for thought here is that it is “encryption as secure as it sounds or in reality a double-edged sword?”

Now before we further delve into the depths of this debate lets discuss:

  • What does it really mean by traffic encryption?
  • Why use traffic encryption.
  • The dark side of traffic encryption.

For all the naïve people out there let’s proceed with insight into the description of traffic encryption.

What is traffic encryption?

To start off at the ground level encryption is basically the method that converts your activity or information into a code. This code is unreadable to anyone who does not have the decryption key. Encryption is considered to be the best form of protection.

Now traffic encryption is a generalized term given to the use of HTTPS (hypertext transfer protocol secure). SSL/TLS  technologies allow the protection of data online.

This is a method used for securing the data that is being transmitted to and fro over the internet. It ensures that web traffic remains private. This is done so by encrypting every bit of information passing over the internet with the use of an encryption certificate.

To make use of this encryption method the websites make a change in their URL. They add up an https instead of a simple http in the URL. This is symbolized by a padlock icon in the address bar of the browser.

Why encrypt your traffic?

Up until recently, encryption of online data has been a lot stressed upon. Tech giant Google has taken up a campaign to portray the use of HTTPs instead of HTTP. This campaign started with the latest version of Google displays a “not secure” sign when an HTTP site is opened.

Firefox was quick to adopt this technique in its latest browser addition too. But the critical question that rises is to why encrypt your internet traffic? The most generic reasons are as follows:

  • No one can steal your cookie identity
  • Interfere with the content you send out or receive
  • Have a look at your activity

However, some of the fundamental reasons as to why people stress so much over traffic encryption may be:

1.    It helps stay secure

The most apparent reason to maintain internet traffic encryption Is that it provides security. With personal information being transferred back and forth over the internet is it better to stay secure. We obviously don’t want that private data to end up in someone’s hands!

Encrypting the data ensures that it remains aloof from the prying eyes of third parties and data snoopers. This means that even the online traffic gets intercepted by some hacker, it will be useless for him as it will be undecipherable.

An encrypted data without its encryption key is useless! This is like sending a parcel to be delivered in a military confined box.

2.    Provides anonymity

Another reason those privacy-conscious people out there to use encryption is that it allows for anonymity. Being anonymous is something many people don’t focus upon, but it is indeed exceedingly crucial.

There are many people out there who monitor your online activity. It may be your boss, ISP or just about anyone who wants to keep an eye on you.  Having a keen eye on internet traffic is something that allows an individual to know a lot about you.

Therefore exposing your online activity is equivalent to exposing yourself. Encryption, however, prevents that from happening. This because even if someone manages to get hands on the data, it will be encrypted. Due to this, the hacker won’t know the content or the person whom the data belongs to.

Cons of traffic encryption

Traffic encryption is sure to have all been hyped about. But mainly that I because, we focus on the sunny side! Ever wondered what it would look like on the side where the grass isn’t that green?

Traffic encryption sure has its numerable downsides, some of which are defined below:

1.    Need to buy an SSL certificate

To make use of HTTPS in your websites, you will have to further invest in purchasing an SSL certificate. This certificate has to be legitimate as is issued as relied upon the trustworthiness of the certificate authorities.

Although the price of the certificate varies with the number of domain and subdomain, it covers. Also, the cost depends upon the level of identity verification, but still an investment due is a sure headache!

2.    Leverage to the hackers

Most of the companies now are opting for having their traffic encrypted. The downside to this is that the data that is sent out and is being received is unreadable. This way anything from malwares to viruses enters the traffic.

Apart from that hacker and other cybercriminals sneak into your security using HTTPS/TLS encryption to breach your security. They usually send phishing emails to naïve people who end up opening them.

Once the email opens up an encrypted code starts downloading automatically. This then infects the system with malware or virus. Steal information or perform any other harmful criminal act.

3.    Speed issues

Encryption is definitely an additional process along with the regular sending and receiving of data online. The data packets now have to go through with being changed into code, and then they are allowed to proceed forward.

In HTTPS an extra number of handshake packets are encoded and sent to the server before the first byte of the payload is encoded. This causes a delay that isn’t present while using the HTTP method. Furthermore, the encrypt/decrypt process takes time and adds up to latency

Parting words

The debate on the pros and cons of traffic encryption seems to be an ongoing topic. With the hype it is creating, even if you do you encryption it is better to take up the safety measures to make up for its downsides!

Write a Comment

Comment