Want to keep learning?

This content is taken from the Raspberry Pi Foundation & National Centre for Computing Education's online course, Introduction to Encryption and Cryptography. Join the course to learn more.

Encryption and network security

A key application of encryption is network security. In this step you will learn several of the roles that encryption plays in a secure network.

Networks that handle data are reliant on encryption to protect sensitive information from those who are not authorised to access it. When designing a network, you need to consider what data needs to be protected, when it needs to be protected, and who it needs to be protected from.

Security vulnerabilities

Take a look at the following diagram of a computer network. The parts of the diagram that are blue are encrypted. What parts of the network are vulnerable to data being stolen?

diagram of a computer network showing a router connected to the internet, three servers, six on site computers and one off site computer

In a network, data must be communicated from one device to another. If only the devices in the network are encrypted, data is vulnerable when it is transferred. Data is most at risk when it is being transferred into or out of the network, for example if someone logs onto a company website when they are working remotely.

However, these are not the only places where data is vulnerable to theft or tampering. If data is stored in a network and not protected by encryption it can more easily be stolen, either by an external attacker or by someone inside the network. This is the case even in private networks, as they might be targeted by hackers or attacked by someone with access to the network (e.g. a disgruntled employee).

Transmission Control Protocol

Networks use a set of protocols called Transmission Control Protocol (shortened to TCP and often referred to as TCP/IP) to communicate information from one device to another; for example, TCP/IP is used by web browsers to connect with internet servers in order to collect, download, and display information when you are visiting a website.

The Transmission Control Protocol establishes a reliable connection between your web browser and a server. This enables the HTTP (or HTTPS) protocol to communicate the data from the server to the website. The channel that TCP creates is not encrypted, which is why HTTPS should be used to protect the data that is being transferred.

It is important that network owners employ encryption throughout their network, from encrypting data in storage to encrypting data in transit.

For more details on TCP/IP, try our Introduction to networking course.

Next steps

In the next step you will learn how encryption can also protect networks by authenticating their users.

Questions

Consider the network at your school. How is it, and the data it contains, protected?

Has your school ever experienced a network security breach?

Share your experiences in the comments.

Share this article:

This article is from the free online course:

Introduction to Encryption and Cryptography

Raspberry Pi Foundation