Interesting week on encryption and its effects on me positively or negatively, personally I don’t believe that both the personal nor professional information I am in possession of needs to be encrypted, however, there are certain departments within the organization I work for requires the use of PGP software in order to ensure that electronic transfer of certain confidential data is secure.  This software is limited to a select few within the organization and required IT Security approval before obtaining access to it. 

In today’s world both the commercial and consumer domains uses encryption, providing protection to electronic data both while being transmitted over networks and stored on hard drives, smart phone or flash drives.

The topic of encryption has me wondering about “how secure is our encrypted data and is it still possible to be accessed by unauthorized users?” An article written Bryan Clark “makeuseof”, suggests that due to modern encryption technology the use of larger key size algorithms the longer it takes for unauthorized individuals to crack an encryption.   RSA is widely used for data transmission and relies on both a public key and a secondary value in order for messages to be encrypted.  Multiple cryptographic protocols have been developed as a result of RSA, resulting in the algorithm for several open source technologies, such as PGP, allowing the encryption of digital messages.   According to Bryan Clark; as a result of modern cryptographic technologies the attempt to crack and encryption without a key can be costly.  However, that being said Bryan also suggests that if private keys are not secure, there is always a possibility of unauthorized individuals getting hold of such keys and therefore able to access secure data. 

This week’s debate topic: “Strong Encryption should be restricted to licensed users only” allowed me to look at encryption from both perspectives to the question, on one side, yes there is precedent with limiting the use of strong encryption to only a limited set of users, but on the other side, does that mean because an average person may not possess data that would be considered high risk or affect national security that it is deemed unnecessary to be protected by strong encryption. Who makes that call, in my opinion I believe that the choice should be left to the individual that possess the information to deem it strong encryption worthy or not.

Reference:

Canada Data Privacy Laws | Perspecsys. (n.d.). Retrieved October 12, 2015, from http://perspecsys.com/how-we-help/cloud-privacy/canada-data-privacy-laws/

Clark, B. (2015, March 9). How Does Encryption Work, and Is It Really Safe? Retrieved October 12, 2015, from http://www.makeuseof.com/tag/encryption-care/

Shackleford, D. (2007, November 1). Regulations and Standards: Where Encryption Applies. Retrieved from https://www.sans.org/reading-room/whitepapers/analyst/regulations-standards-encryption-applies-34675

Baker, S., & Hintze, M. (2000, June 1). Government Regulation of Encryption: Domestic & International Developments. Retrieved October 8, 2015, from http://encryption_policies.tripod.com/us/baker_060100_regulation.htm

Natalia