You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
This lesson covers encryption as a network security prevention method, as required by OCR J277 Section 1.4. Encryption is fundamental to protecting data both in transit (being sent across a network) and at rest (stored on a device).
Encryption is the process of converting plaintext (readable data) into ciphertext (unreadable data) using a mathematical algorithm and a key. Only someone with the correct key can decrypt the ciphertext back into plaintext.
The following diagram shows the basic encryption and decryption process:
graph LR
A["Sender\n(Plaintext)"] --> B["Encrypt\nwith Key"]
B --> C["Ciphertext\n(transmitted)"]
C --> D["Decrypt\nwith Key"]
D --> E["Receiver\n(Plaintext)"]
| Term | Meaning |
|---|---|
| Plaintext | The original, readable data |
| Ciphertext | The encrypted, unreadable data |
| Encryption | Converting plaintext to ciphertext |
| Decryption | Converting ciphertext back to plaintext |
| Key | A value used by the algorithm to encrypt/decrypt data |
| Algorithm | The mathematical process used for encryption |
Encryption protects the confidentiality of data. Even if an attacker intercepts encrypted data, they cannot read it without the decryption key.
OCR Exam Tip: When explaining why encryption is important, always link it to confidentiality: "Encryption ensures that even if data is intercepted, it cannot be read without the decryption key."
In symmetric encryption, the same key is used for both encryption and decryption. Both the sender and receiver must possess the same secret key.
The main weakness of symmetric encryption is key distribution — how do you securely share the secret key with the receiver? If the key is intercepted during transmission, the attacker can decrypt all communications.
| Advantage | Disadvantage |
|---|---|
| Fast — less computationally intensive | Key must be shared securely |
| Suitable for encrypting large amounts of data | If the key is compromised, all data is vulnerable |
| Simple to implement | Does not scale well — each pair of users needs a unique key |
In asymmetric encryption, two different but mathematically related keys are used: a public key and a private key.
Because the private key never needs to be shared, asymmetric encryption solves the key distribution problem.
| Advantage | Disadvantage |
|---|---|
| No need to share the private key | Slower — more computationally intensive |
| Solves the key distribution problem | Not practical for encrypting large data volumes |
| Scales well — only one key pair per user | More complex to implement |
OCR Exam Tip: The exam frequently asks you to compare symmetric and asymmetric encryption. Remember: symmetric = one shared key (fast but key distribution problem), asymmetric = two keys, public and private (slower but no key distribution problem). A top answer will mention both advantages and disadvantages.
| Feature | Symmetric | Asymmetric |
|---|---|---|
| Number of keys | One (shared) | Two (public and private) |
| Key distribution | Must share securely | Public key shared openly |
| Speed | Fast | Slow |
| Best for | Large data volumes | Small data, key exchange |
| Security risk | Key interception | Private key must remain secret |
| Example | AES | RSA |
The diagram below contrasts the two key-handling models on a single page, which is a useful revision aid.
flowchart TB
subgraph Symmetric["Symmetric (e.g. AES)"]
A1[Sender Plaintext] -->|Encrypt with shared key| A2[Ciphertext]
A2 -->|Decrypt with same shared key| A3[Receiver Plaintext]
K1[(Shared Secret Key)] -.-> A1
K1 -.-> A3
end
subgraph Asymmetric["Asymmetric (e.g. RSA)"]
B1[Sender Plaintext] -->|Encrypt with receiver's public key| B2[Ciphertext]
B2 -->|Decrypt with receiver's private key| B3[Receiver Plaintext]
PK[(Receiver Public Key)] -.-> B1
SK[(Receiver Private Key)] -.-> B3
end
In real-world systems, symmetric and asymmetric encryption are often used together:
This is how HTTPS works — the TLS handshake uses asymmetric encryption to agree on a session key, which is then used with symmetric encryption for the rest of the communication.
Encryption is a critical security measure that converts data into an unreadable form to protect confidentiality. Symmetric encryption uses one shared key (fast but has key distribution issues), while asymmetric encryption uses a public/private key pair (slower but solves key distribution). For the OCR J277 exam, be prepared to explain both types, compare them, and describe real-world applications.
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.