Encryption is the conversion of sensitive information known
as plain text into illegible cipher text using a bit-string referred to as a
key. The general idea is that the more bits a key has, the stronger the
cryptographic algorithm will be. Nonetheless, each cryptographic algorithm can
be broken, given enough time and processing power.
The goals of cryptography are:
1. Confidentiality (protect data from being read)
2. Data integrity (detect whether data has been altered)
3. Authentication (assure data originated from a particular party)
There are three types of encryption: hashing, symmetric
encryption, and asymmetric encryption.
Hashing
Hashing algorithms are often one-way functions, i.e. you
cannot un-hash hashed data. Hashing is typically used to detect if data has
been tampered with. For passwords, hashing is used to check whether someone
knows a password without exposing the password itself.
Symmetric / Asymmetric Encryption
Symmetric encryption algorithms use one key for both
encryption and decryption. The sender and receiver must share this key with
each other before they can start exchanging data using symmetric encryption. Asymmetric
algorithms use two separate keys for encryption and decryption. These keys are
known as the public key and the private key. The private key must be kept
secret at all times, while the public key may be shared with everyone. Symmetric
encryption is faster than asymmetric encryption, making it ideal for encrypting
large amounts of data.
Encryption in the Solution
The solution outlined in this article makes use of symmetric
encryption, i.e. the same key used for encryption is also used for decryption. The
password the user enters into the form is used to generate this key. Since it
is theoretically possible that two users could use the same password to protect
their individual InfoPath forms, extra text, called salt, is added to ensure
uniqueness of the generated key. The user name of the logged-on user is used
as the salt for the key.
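
The derivation described above, as an added Python example that is not the article's own code. PBKDF2-HMAC-SHA256, the iteration count, the key length, the case-folding of the user name and the sample names are assumptions, since the article does not name its key-derivation function. The example also goes one step beyond the text and contrasts the user-name salt with a random per-form salt.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for the demo; the article states none
KEY_LEN = 32          # assumed 256-bit symmetric key


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch a password into a fixed-length key with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS, KEY_LEN
    )


def username_salt(user_name: str) -> bytes:
    """Salt as the article describes it: the logged-on user's name."""
    # Case-folding is an assumption, so that CONTOSO\Alice and contoso\alice
    # derive the same key and the form can still be decrypted.
    return user_name.casefold().encode("utf-8")


def compare_salting() -> dict:
    password = "correct horse battery staple"  # constructed sample value
    alice = derive_key(password, username_salt("CONTOSO\\alice"))
    bob = derive_key(password, username_salt("CONTOSO\\bob"))
    alice_later = derive_key(password, username_salt("contoso\\Alice"))

    # Beyond the article: a random salt stored next to each encrypted form.
    form1 = derive_key(password, os.urandom(16))
    form2 = derive_key(password, os.urandom(16))

    return {
        # Same password, different users: the salt keeps the keys apart.
        "users_get_distinct_keys": not hmac.compare_digest(alice, bob),
        # Same user and password: the key is reproducible, so decryption works,
        # but every form that user protects with this password shares one key.
        "same_user_same_key": hmac.compare_digest(alice, alice_later),
        # Random per-form salts give a distinct key per form.
        "forms_get_distinct_keys": not hmac.compare_digest(form1, form2),
    }


if __name__ == "__main__":
    for name, value in compare_salting().items():
        print(f"{name}: {value}")
```

With a random salt, the salt has to be stored alongside the encrypted form so the key can be derived again for decryption; it does not need to be secret.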