Context:
Recently an article explained about what is end-to-end encryption and how does it helps to secure information.
Encryption:
- Changing information from consumable into inconsumable form based on some rules
- Prevents third parties from accessing data while transferring.
- “Key” – some data using which a computer can ‘unlock’ (decrypt) some ‘locked’ (encrypted) text.
- Types of key – Private and Public key
- Important forms –
- Encryption-in-transit
- End-to-End Encryption (E2EE)
- Legal Framework for Encryption –
- Minimum Encryption Standards
- Prohibition on Encryption Technologies
- The Information Technology Rules 2021
- Information Technology Act of 2000
Encryption-in-Transit:
- Encrypts messages before transmission between server and user.
- Safeguards against interception, preventing unauthorized access.
- Secures information during transit between specific locations.
End-to-End Encryption (E2EE):
- Encrypted in transit (phone to server, vice versa) and at rest (inside the server).
- Decryption occurs only when your friend receives it.
- Uses an algorithm that transforms standard text into an unreadable format
- Advantages –
- Security in transit
- Safety from end parties
- Tamper proof
- Disadvantages –
- Complexity in Defining the Endpoints
- Too Much Privacy
- No Protection to Metadata
Symmetric Encryption:
- Key used for encrypting certain information is the same key needed for its decryption.
- Useful when the sender and the recipient are the same person
- Eg: Data Encryption Standard (DES), Advanced Encryption Standard (AES)
Asymmetric Encryption:
- Depends on secrecy of private key and the public-private key correspondence
- Useful when the sender and the recipient are different
Hash Function:
- Responsible for encrypting a message
- Properties –
- Generates an encrypted digest from an input message without revealing the original message.
- Produces a fixed-length digest regardless of the input message length.
- Ensures uniqueness of digests for distinct messages
Source: The Hindu
Previous Year Question
With reference to Web 3.0, consider the following statements:
1. Web 3.0 technology enables people to control their own data.
2. In Web 3.0 world, there can be blockchain based social networks.
3.Web 3.0 is operated by users collectively rather than a corporation.
Which of the statements given above are correct?
[UPSC Civil Services Exam – 2022 Prelims]
(a) 1 and 2 only
(b) 2 and 3 only
(c) 1 and 3 only
(d) 1, 2 and 3
Answer: (d)