Main Content

Encryption

The transmission of confidential data via the Internet and the storage and processing of this data on Internet-enabled devices require appropriate security measures. These include, in particular, the proper use of data encryption to maintain secrecy and ensure data integrity (protection against unnoticed changes).

Individually selected keys (passwords) play an essential role in the encryption and decryption of data. The sensible selection and handling of these keys and their secrecy are the basis of data security.

Procedure

When exchanging encrypted data (e.g. on websites or by email), the asymmetric encryption method is usually used. This involves encryption and decryption with two complementary key pairs, called the public key for encryption and the private key for decryption. This procedure is also known as a digital signature, so the secret key corresponds to a signet ring. Public keys with administrative data (name, validity period, purpose ...) are combined in certificates and digitally signed by a central certification authority (CA).

To use the server certificate, e.g. for a web server, the root certificate of the associated certification chain must be installed in the user's browser. Since January 2017, the root certificate "T-Telesec Global Root Class 2" has been available, which is valid until October 2033. The root certificate is preinstalled in all modern browsers and operating systems. For older devices
or in case of problems, please refer to the HRZ instructions.

-