Encrypting a file using a cryptographic key.
How it Works
Files are encrypted using either a single key for both encryption and decryption or separate keys. Single key encryption is symmetric encryption and using two key distinct keys is asymmetric encryption.
Symmetric encryption uses the same cryptographic key for both the encryption and decryption a file. Managing keys at scale sometimes uses asymmetric key exchange protocols such as Diffie-Hellman can be used to share the symmetric cryptographic key with the others.
Asymmetric encryption is typically accomplished using public and private key certificates based on the X.509 standard. Files are encrypted using the public key and decrypted using their private key. Asymmetric encryption is typically slower than symmetric encryption and not widely used for large file encryption, but is popular for key wrapping, key exchanges, and digital signatures.
- Continuous monitoring to ensure private keys are not compromised and the certificate authority (CA) is trusted.
- Secure transfer of private keys between multiple devices.
The following references were used to develop the File Encryption knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)