Encryption Supporting Confidentiality
- States of Data
  - encrypting megabytes or gigabytes of data is referred to as bulk encryption
  - asymmetric encryption is not used for bulk encryption
    - cannot process large amounts of data efficiently
  - bulk encryption uses symmetric encryption
    - e.g., AES
    - efficient
    - has the problem of key exchange
      - addressed by asymmetric encryption of the key
  - typically use both symmetric and asymmetric encryption:
    - user generates an asymmetric key pair for the chosen cipher, such as RSA or ECC
      - private key is encrypted
        - user must supply an account credential to use it
      - private key is the key encryption key (KEK)
    - system generates a symmetric key for the chosen cipher (e.g., AES256)
      - referred to as the file, media or data encryption key (DEK)
    - data encryption key is encrypted using the public key portion of the KEK
    - to access encrypted data, the user must:
      - supply a password
      - or start an authenticated session to use their private key
      - to decrypt the secret key (the DEK), which can then decrypt the data