If you ask people what they associate encryption with, information security will be mentioned last, if ever. Those using Internet shops and online banking will name padlock icon browser displays when using secure (encrypted) connection.
Is it really everything an average Internet user should know about encryption?
Information security starts with discipline of mind. Following several simple rules could prevent third parties from accessing one’s data – in most cases. However, we live in real world, where software has bugs, where property can be lost, where mistakes happen now and then. Imagine you keep important business-related documents on a flash memory card, which is lost one day.
If data on the card are encrypted, it can make it next to impossible to access them – within reasonable time frame. Using encryption as additional precaution, you can move unauthorized access it almost completely out of realm of possibility.
Pretty good encryption
Story of encryption for everyone started in1991, when PGP (Pretty Good Privacy) became available to everyone. This piece of software can encrypt and decrypt data, using a variety of methods. Both symmetric (the same key is used to encrypt and decrypt data) and asymmetric (anyone can encrypt data using public key, but only owner of private key can decrypt it) encryption types can be used.
Well-known free piece f software, GNU Privacy Guard, offers very detailed and easy to comprehend privacy handbook I encourage you to read.
In a matter of few hours you will be able to generate your first pair of keys and start using them securely to encrypt and decrypt private data (for example, email messages). You will also learn how to trust someone else’ keys and how to avoid disclosing them.
In the end, you will have a set of keys (both public and private) and a new problem: where to keep private keys?
As long as they do not leak to third parties, your private data are safe. To make this security setup stronger, keys should be as safe as possible. You can print them on paper and keep in a safe (a real-life use case), but that’s not too convenient.
Keeping private keys on a removable device (such as memory card) is convenient, but not too safe. However, there is a simple and reliable solution, named TCNext (it was also known as TrueCrypt).
TCNext can transform any file into encrypted storage. You can mount it as usual disk drive (or file system, depending on what OS you are using) and keep all important data on it. Simple, reliable and easy to learn. After studying its documentation, you will master your encrypted volumes in a matter of hours.
Now even if you lose your memory card, you will feel more confident about safety. Every cipher a human being invents can be broken by another human being. The question is how much time it would take. Several hundred years (using up-to-date computing power) would be required to decrypt TCNext volume, if its passphrase is long enough.
The last question is – how to remember passphrase required to access encrypted volume? If it’s simple and human-readable, it’s easy to crack or guess. If it’s mostly random, it’s hard to remember.
The last password
Keeping passwords is not an easy task (in case you want to maintain decent amount of security). Well-known software pieces, such as KeePass, can be used to store your passwords (including long, complex and random passphrase for your encrypted volume).
There’s also in-browser secure data storage, known as LastPass. The only password you need to remember is the password to open this storage (in-browser, or not). Creating and memorizing strong passwords you can remember isn’t too difficult, either.
When you have installed and set up password storage, you are all set. A bit of discipline and luck – and your data are as safe as possible. Congratulations!
The above is concise how-to on using encryption in your everyday life. It will take no more than a day to install and learn everything mentioned above.
The last piece of advice: change your passwords from time to time. Develop a habit to do that every few months.