Editing Encryption (section)

== Uses ==

Encryption has long been used by [[Military|militaries]] and [[government]]s to facilitate secret communication. It is now commonly used in protecting information within many kinds of civilian systems. For example, the [[Computer Security Institute]] reported that in 2007, 71% of companies surveyed used encryption for some of their data in transit, and 53% used encryption for some of their data in storage.<ref>Robert Richardson, 2008 CSI Computer Crime and Security Survey at 19.[https://i.cmpnet.com/v2.gocsi.com/pdf/CSIsurvey2008.pdf i.cmpnet.com]</ref> Encryption can be used to protect data "at rest", such as information stored on computers and storage devices (e.g. [[USB flash drives]]). In recent years, there have been numerous reports of confidential data, such as customers' personal records, being exposed through loss or theft of laptops or backup drives; encrypting such files at rest helps protect them if physical security measures fail.<ref name="KeaneWhyStolen16">{{cite web |url=https://www.pcworld.com/article/3021316/security/why-stolen-laptops-still-cause-data-breaches-and-whats-being-done-to-stop-them.html |title=Why stolen laptops still cause data breaches, and what's being done to stop them |author=Keane, J. |work=PCWorld |publisher=IDG Communications, Inc |date=13 January 2016 |access-date=8 May 2018}}</ref><ref name="CastriconeFebruary18">{{cite web |url=https://www.natlawreview.com/article/february-2-2018-health-care-group-news-35-m-ocr-settlement-five-breaches-affecting |title= Health Care Group News: $3.5 M OCR Settlement for Five Breaches Affecting Fewer Than 500 Patients Each |author=Castricone, D.M. |work=The National Law Review |publisher=National Law Forum LLC |date=2 February 2018 |access-date=8 May 2018}}</ref><ref name="BekProtect16">{{cite web |url=https://blog.westerndigital.com/protect-your-company-from-theft-self-encrypting-drives/ |title=Protect Your Company from Theft: Self Encrypting Drives |author=Bek, E. |work=Western Digital Blog |publisher=Western Digital Corporation |date=19 May 2016 |access-date=8 May 2018}}</ref> [[Digital rights management]] systems, which prevent unauthorized use or reproduction of copyrighted material and protect software against [[reverse engineering]] (see also [[copy protection]]), is another somewhat different example of using encryption on data at rest.<ref>{{cite web|url=https://www.eff.org/issues/drm|title=DRM|work=Electronic Frontier Foundation}}</ref>

Encryption is also used to protect data in transit, for example data being transferred via [[computer network|networks]] (e.g. the Internet, [[e-commerce]]), [[mobile telephone]]s, [[wireless microphone]]s, [[wireless intercom]] systems, [[Bluetooth]] devices and bank [[automatic teller machine]]s. There have been numerous reports of data in transit being intercepted in recent years.<ref>Fiber Optic Networks Vulnerable to Attack, Information Security Magazine, November 15, 2006, Sandra Kay Miller</ref> Data should also be encrypted when transmitted across networks in order to protect against [[eavesdropping]] of network traffic by unauthorized users.<ref>{{Cite web|url=https://security.berkeley.edu/data-encryption-transit-guideline|title=Data Encryption in Transit Guideline |website=Berkeley Information Security Office |url-status=live |archive-url= https://web.archive.org/web/20231205085812/https://security.berkeley.edu/data-encryption-transit-guideline |archive-date= Dec 5, 2023 }}</ref>
<!-- If edited, this may be more appropriate in this section.

 With the increased use of digital archives because of evolving multimedia sources, comes with it an immense amount of data.<ref>{{cite journal |last1=Park |first1=Sang Bae |title=Security Requirements for Multimedia Archives |journal=Advances in Multimedia |date=3 August 2015 |volume=2015 |pages=e956416 |doi=10.1155/2015/956416 }}</ref> When two different parties for an entity like a multimedia source have access to all this data, they need to protect it-and they use a Symmetric Key when they want to be able to have only the two parties relay this information. Essentially the person/group sending the information has to have the same algorithm that the receiver does in order to receive it.<ref>{{cite journal |last1=Dent |first1=Alexander W. |title=A survey of certificateless encryption schemes and security models |journal=International Journal of Information Security |date=October 2008 |volume=7 |issue=5 |pages=349–377 |doi=10.1007/s10207-008-0055-0 }}</ref> However with this ability to have two parties to relay what now is encrypted data makes it the most susceptible encryption type to be targeted for an attack, opposed to a Public Key.
-->

=== Data erasure ===
{{main|Data erasure}}
Conventional methods for permanently deleting data from a storage device involve overwriting the device's whole content with zeros, ones, or other patterns – a process which can take a significant amount of time, depending on the capacity and the type of storage medium. Cryptography offers a way of making the erasure almost instantaneous. This method is called [[crypto-shredding]]. An example implementation of this method can be found on [[iOS]] devices, where the cryptographic key is kept in a dedicated '[[wikt:efface|effaceable]] storage'.<ref>{{Cite web|url=https://support.apple.com/guide/security/welcome/web
|title=Welcome|website=Apple Support}}</ref> Because the key is stored on the same device, this setup on its own does not offer full privacy or security protection if an unauthorized person gains physical access to the device.