Election Security Spotlight – Encryption
What it is
Encryption is the process whereby data is converted from a readable form (i.e., plaintext), to an encoded form (i.e., ciphertext). This encoding is designed to be unintelligible except by parties that possess a key to reverse the encoding process. This reversal process is called decryption. Data is encrypted using a mathematical algorithm that relies on passcodes (keys) that are typically randomly generated. The most trusted encryption algorithms are considered secure because they have been publicly available for years and have not been broken. An attack on data encrypted with a trusted encryption algorithm could take years for even the most powerful computers to break.
There are two types of encryption: asymmetric (public key) encryption and symmetric (private key) encryption.
|Keys||2 keys – public (to be shared) and private (secret and possessed by only 1 person)||1 key – private (secret but shared between two or more partners)|
|Process||The sender encrypts information with recipient’s public key and the recipient decrypts information with their private key||The sender encrypts information with a private key and the recipient decrypts information with the same private key|
An easy way to understand these two types of encryption is two different types of lockboxes. In symmetric cryptography, you have a lockbox with one slot for a key. You make two copies of the key, and you give one to your friend. You lock the box with your copy, and when your friend comes along, they use their copy of the same key to unlock it.
Asymmetric cryptography is different. It’s more like a deposit dropbox at a bank. The bank publishes the location of the dropbox (the public key), and once you drop your deposit into it, it’s secure until the bank opens the box with the one and only copy of their key (the private key). Anyone can make a deposit once they know the location of the box, but only the bank can get deposits out.
Why does it matter
Encryption allows for the confidential storage and transmission of data, as well as proof that it originated with the person who claims to have sent it. Encrypting personally identifiable information (PII) with good encryption algorithms protects the data from accidental disclosure in the case of a data breach or malware infection. Elections offices may maintain a number of systems that utilize encryption and are responsible for identifying data that should be encrypted. This may include emails containing sensitive data, user connections to election office websites, stored passwords, financial information, voter registration records and databases, vote tabulation data on voting machines, and the transmission of election night results.
What you can do
Implement encryption when data is at rest (e.g., stored in a database or on a device) and in transit (e.g., sending through email) and ensure your election office’s adherence to encryption standards. The National Institute of Standards and Technology (NIST) Special Publication 800-175B provides the U.S. federal requirements for encryption standards to secure data at different sensitivity and/or classification levels. NIST Special Publication 800-122 provides the U.S. federal requirements for protecting the confidentiality of PII. For recommendations on where to implement encryption for election-related systems, please see best practices 4, 8, 9, 12, 46, 52, 83, and 84 of CIS’ A Handbook for Elections Infrastructure Security.
The EI-ISAC Cybersecurity Spotlight is a practical explanation of a common cybersecurity concept, event, or practice and its application to Elections Infrastructure security. It is intended to provide EI-ISAC members with a working understanding of common technical topics in the cybersecurity industry. If you would like to request a specific term or practice that may be of interest to the elections community, please contact [email protected].