Assignment Week 11 – BD308 – Hilma Aulia – 2581494366

Nama: Hilma Aulia Daffa
NIM: 2581494366

Pertanyaan: 

  1. What is the main difference between symmetric and asymmetric encryption?
  2. Explain what “data in transit” and “data at rest” mean, and why both need to be encrypted.
  3. Why should a business store hashed versions of user passwords instead of the passwords themselves?

Jawaban: 

1. The fundamental distinction here really comes down to how the keys are handled during the process.

In symmetric encryption, it’s pretty straightforward: you’re using one single key for everything—both locking and unlocking the data. It’s actually the preferred choice when you have to move a massive amount of information quickly because it’s efficient and doesn’t demand too much processing power. The real headache, though, is the “key exchange” problem. Since both sides need that exact same key, you have to find a way to get it to the recipient without anyone else sniffing it out. If that key gets leaked or intercepted while you’re sending it, the whole security chain basically collapses.

Asymmetric encryption takes a different approach to solve that specific problem by using a pair of keys: one public and one private. The cool thing here is that if someone sends you data encrypted with your public key, only you can open it using your private key. It’s a bit of a game-changer for internet security (it’s why HTTPS works) because you never actually have to share your secret key with anyone. The trade-off is that it’s a lot more “heavy” or computationally expensive compared to the symmetric method, so it’s usually reserved for securing the initial connection rather than encrypting every single bit of data.

 

2. Understanding Data States: In Transit vs. At Rest

When we talk about securing data, we’re usually looking at it from two different angles based on where that data actually “is” at any given moment. It’s not just about locking a file; it’s about how we handle it when it’s sitting still versus when it’s moving across the web.

  • Data in Transit

Think of this as any information currently “on the road.” Whether you’re hitting ‘send’ on an email, uploading a lab report to Google Drive, or just browsing a site, that data is actively traveling through network cables or Wi-Fi signals. Since it’s out in the open, so to speak, it’s vulnerable to being intercepted. That’s why we need encryption here—specifically to block things like “man-in-the-middle” attacks. Without it, someone sitting on the same network could essentially eavesdrop on everything you’re sending.

  • Data at Rest

This is the opposite—it’s the data that has reached its destination and is just sitting there. It’s stored on a hard drive, tucked away in a database, or even just sitting on a thumb drive in your bag. It isn’t moving, but that doesn’t mean it’s safe. If someone physically steals a laptop or manages to break into a server’s storage, they have direct access to those bits and bytes.

Why the Distinction Matters

The reason we can’t just use one “blanket” security fix is because the risks are different.

Encryption for data in transit is like an armored truck moving money between banks—it protects the asset while it’s in a vulnerable, public space. On the other hand, encrypting data at rest is more like having a high-tech vault inside the bank itself. Even if a thief manages to get past the front door (or hacks into the server), encryption ensures that the files they find are completely unreadable gibberish without the specific decryption key. Essentially, you need both layers to make sure there are no gaps in the lifecycle of your information.

 

3. Understanding Data States: Between the “Trip” and the “Destination”

When we talk about data security, it’s easy to get lost in technical jargon. But if you strip away the complexity, it really just comes down to where the data is at any given moment. Think of it like a piece of jewelry: it needs different kinds of protection depending on whether you’re wearing it out to dinner or keeping it in a drawer at home.

In the world of cybersecurity, we usually look at this through two lenses:

  • Data in Transit (The “Commute”)

This is basically any data that’s currently moving from point A to point B. Whether you’re hitting ‘send’ on a Slack message, uploading a photo to Instagram, or just browsing a website, that information is literally traveling across the internet.

The problem? Just like a physical letter being carried by a courier, it can be intercepted. Someone could “tap” into the Wi-Fi or the network you’re using and peek at what’s inside. This is why we use encryption—think of it as a tamper-proof envelope. Even if someone manages to snatch the letter while it’s on the road, they won’t be able to read a single word of it without the right key.

  • Data at Rest (The “Storage”)

Once the data reaches its destination, it doesn’t just disappear; it sits there. This is what we call “Data at Rest.” It’s the files on your hard drive, the documents in your Google Drive, or the databases sitting on a company’s server.

The risk here isn’t someone “sniffing” the connection—it’s more about unauthorized access or physical theft. If your laptop gets stolen or a server gets hacked, that “resting” data is what’s at stake. To protect it, we don’t just need a fancy envelope; we need a vault. Encryption at this stage ensures that even if a thief physically walks away with your hard drive, the data inside is essentially just digital gibberish to them.

The Bottom Line

At the end of the day, you can’t really choose one over the other. A strong security setup needs both. It’s useless to have a high-tech vault at home if you’re carrying your valuables in a clear plastic bag on the subway—and vice versa. You need a secure “envelope” for the journey and a solid “lock” for when it arrives.

 

Terima Kasih^^

Previous Post Previous Post
Newer Post Newer Post

Leave a comment