what is encryption

Have you been wondering what is encryption? To start with, let’s look at the bigger picture of communication data. Every day we are communicating with people or computers (such as Siri and Alexa), and a lot of that communication is also picked up by others – think of eavesdroppers, people nearby, or apps and IoT (Internet of Things) systems that just happen to be eavesdropping too.

If you’re at a dinner party and want to say something private to your friend, then you’d leave the dinner table and take her somewhere the other guests can’t hear what you talk about. When it comes to the IoT era however, that becomes a little more difficult!

Let’s face it, there’s always someone interested in intercepting our voice, text messages, emails, and phone calls. Whether it’s for ominous purposes, big data for marketing, or just a snoop – we need to be proactive to protect our communication data, and “leave the dinner table” in a digital way.

Different countries have long-since implemented different laws to prevent the interception of public communication channels, such as voice calls (PSTN), or Post, but when it comes to digital channels; there’s so many different ways to communicate that legislation takes a while to catch up.

The best way to ensure security of your communication data online? Encryption.

What is Encryption?

The first use of encryption for military purposes came when the Romans ruled the earth over two thousand years ago. Caesar needed a way to send communication documents to his troops in the field and thus developed a substitution cipher method. With this method, they simply shifted the letters in the alphabet by three. A straightforward method in today’s times, but very effective in its day. In modern times, decoding such straight-forward codes with a computer is super easy.

Symmetric Encryption

The first modern encryption standards were achieved by using algorithms that have a key to encrypt and decrypt information (Symmetric). In 1975, the first Data Encryption Standard (DES) was proposed in the U.S. Federal Register. In 2001, the more secure Advanced Encryption Standard (AES), which we use today, replaced DES following decades of advancements and innovations in CPU power.

Asymmetric Encryption

With asymmetric encryption there are two types of keys: one for encryption (public key), and one for decryption (private key).

Transport Layer Security (TLS), known as SSL, is a cryptographic security protocol which is using symmetric and asymmetric encryptions to secure your communication. The TLS protocol aims primarily to provide privacy and data integrity. This protocol supports different type of methods for encrypting the data and authenticate for message integrity. We in maaiiconnect use the best methods approved by NIST to comply with compliances.

Communication and maaiiconnect

The maaiiconnect platform offers multiple ways for companies to communicate, both between their staff, and between staff with their customers. Our engineers and developers have had to look at all the different telecom and digital channels on offer in order to ensure communication across each of them is safe and protected:

  • maaiiconnect chat
  • maaiiconnect on-net calls
  • maaiiconnect off-net calls
  • maaiiconnect SMS
  • maaiiconnect toll-free
  • maaiiconnect omnichannel (Facebook, WhatsApp, and WeChat)
  • maaiiconnect conference calls
  • maaiiconnect video call + video conference
  • maaiiconnect screen sharing

How maaiiconnect protects your communications?

  • Communication is encrypted with the latest TLS version 1.3 standards
  • Using the HSTS (HTTP Strict Transport Security) mechanism to prevent man-in-the-middle attacks
  • 1 -1 video and voice calls are fully secured with strong encryption
  • Encrypting your data in the database using AES-256 (Encryption at rest), in full GDPR compliance
  • And a lot more, found here

How to ensure your connection is safe and secure?

Browser Safety

  • Always use the latest updated version of your browser (and always update your browser!)
  • We suggest using Google Chrome, which is the most secure browser
  • Google Chrome uses the latest TLS version 1.3 encryption standard, and encrypts your DNS request (DNS over HTTPS, DNS over TLS) to prevent cache poisoning (How to enable secure DNS)
  • Always check the domain of URLs that you are visiting to prevent misspelling attacks (typosquatting) that put you at risk when visiting a fake web site
  • Since 2006, a typosquatted variant of Google called ‘Goggle.com’ has existed, which was considered a phishing/fraud site. Later in around 2011-2012, the URL redirected to google.com. A cross-check in 2018 however, showed that the web site redirects users to adware pages
  • Make sure the website that you are using has a secure connection (HTTPS)

Try not to use unsecured and public WiFi

  • In a recent survey, 70% of tablet owners and 53% of smartphone / mobile phone owners stated that they use public Wi-Fi hotspots. However, because data sent through public Wi-Fi can easily be intercepted, many mobile devices and laptop users are risking the security of their personal information, digital identity, and money
  • It’s better to use a VPN (Virtual private network) after you connect to a public Wi-Fi network. This will help to create a private tunnel to encrypt your data
  • For making a secure call, make sure the browser is using a Secure WebSocket
  • maaiiconnect uses the latest version of WebSocket with TLS and DTLS-SRTP, to protect and encrypt your voice calls end to end

When making a secure call, make sure the browser is using a Secure WebSocket

  • maaiiconnect uses the latest version of WebSocket with TLS and DTLS-SRTP, to protect and encrypt your voice calls end to end

Always check permissions of applications and websites on your Microphone and Webcam

References

Typosquatting

How to check spam phishing emails

History of Cryptography

Blown to Bits, Hal Abelson [ISBN 0-13-713559-9]