
Why Encryption at rest and in transit in HLD? - Purpose & Use Cases

The Big Idea

What if your private secrets were left unprotected, just waiting for someone to steal them?

The Scenario

Imagine you have a treasure chest full of valuable letters and you keep it in your house. You also send some letters to your friend through a regular mail service. You worry someone might open your chest or read your letters while they travel.

The Problem

Without proper protection, anyone who breaks into your house can read your letters in the chest. Also, letters sent through mail can be intercepted and read by strangers. Manually trying to guard every letter or package is slow, risky, and often fails to keep secrets safe.

The Solution

Encryption at rest locks your treasure chest with a strong lock so even if someone breaks in, they can't read the letters. Encryption in transit wraps each letter in a secure envelope that only your friend can open, protecting it while it travels.

Before vs After

Before

Store data directly on disk
Send data over network as plain text

After

Encrypt data before saving to disk
Use secure protocols (like TLS) to send data
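
The "After" column in Go, as an added example that is not part of the original page: data is sealed with AES-256-GCM before it is written to disk, and a TLS client setting is given for data sent over the network. The names NewAEAD, SaveEncrypted, LoadEncrypted and TransitConfig, the file name, and the choice of AES-256-GCM are assumptions made for this sketch.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/tls"
	"fmt"
	"os"
)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // GCM also detects tampering
}

// SaveEncrypted writes nonce || ciphertext || tag, so plaintext never reaches the disk.
func SaveEncrypted(path string, aead cipher.AEAD, plaintext []byte) error {
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce for every write
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	return os.WriteFile(path, aead.Seal(nonce, nonce, plaintext, nil), 0o600)
}

// LoadEncrypted fails on a wrong key, a truncated file, or modified bytes.
func LoadEncrypted(path string, aead cipher.AEAD) ([]byte, error) {
	data, err := os.ReadFile(path)
	if n := aead.NonceSize(); err == nil && len(data) >= n {
		return aead.Open(nil, data[:n], data[n:], nil)
	}
	return nil, fmt.Errorf("unreadable or truncated file %s (read error: %v)", path, err)
}

// TransitConfig: TLS 1.2 or newer; certificate verification stays on by default.
var TransitConfig = &tls.Config{MinVersion: tls.VersionTLS12}

func main() {
	key := make([]byte, 32) // constructed demo key; production keys come from a KMS
	rand.Read(key)
	aead, _ := NewAEAD(key)
	path := os.TempDir() + "/letter.enc"
	serr := SaveEncrypted(path, aead, []byte("constructed sample letter"))
	got, lerr := LoadEncrypted(path, aead)
	fmt.Printf("%q save=%v load=%v\n", got, serr, lerr)
}
```

The key is the thing to protect here: anyone who can read both the file and the key can read the data, which is why the key is kept apart from the storage it protects.
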
What It Enables

It enables secure storage and communication, so sensitive information stays private and protected from attackers whether it is stored or in transit.

Real Life Example

When you shop online, your credit card info is encrypted before being saved on servers and is also encrypted while traveling from your browser to the store, keeping your payment details safe.

Key Takeaways

Manual protection of data is unreliable and risky.

Encryption at rest secures stored data from unauthorized access.

Encryption in transit protects data while it moves between systems.