What is ENCRYPTION?

Encryption is used to protect data from being stolen, changed, or compromised and works by scrambling data into a secret code that can only be unlocked with a unique digital key.

How encryption works

Encryption works by encoding “plaintext” into “ciphertext,” typically through the use of cryptographic mathematical models known as algorithms. To decode the data back to plaintext requires the use of a decryption key, a string of numbers or a password also created by an algorithm. Secure encryption methods have such a large number of cryptographic keys that an unauthorized person can neither guess which one is correct, nor use a computer to easily calculate the correct string of characters by trying every potential combination (known as a brute force attack).

Types of encryption

The two most common types of encryption algorithms are symmetric and asymmetric.

Symmetric encryption, also known as a shared key or private key algorithm, uses the same key for encryption and decryption. Symmetric key ciphers are considered less expensive to produce and do not take as much computing power to encrypt and decrypt, meaning there is less of a delay in decoding the data.

The drawback is that if an unauthorized person gets their hands on the key, they will be able to decrypt any messages and data sent between the parties. As such, the transfer of the shared key needs to be encrypted with a different cryptographic key, leading to a cycle of dependency.

Asymmetric encryption, also known as public-key cryptography, uses two separate keys to encrypt and decrypt data. One is a public key shared among all parties for encryption. Anyone with the public key can then send an encrypted message, but only the holders of the second, private key can decrypt the message.

Asymmetric encryption is considered more expensive to produce and takes more computing power to decrypt as the public encryption key is often large, between 1,024 and 2,048 bits. As such, asymmetric encryption is often not suited for large packets of data.

Common encryption algorithms

The most common methods of symmetric encryption include:

Data Encryption Standard (DES): An encryption standard developed in the early 1970s, DES was adopted by the US government in 1977. The DES key size was only 56 bits, making it obsolete in today’s technology ecosystem. That being said, it was influential in the development of modern cryptography, as cryptographers worked to improve upon its theories and build more advanced encryption systems.

Triple DES (3DES): The next evolution of DES took the cipher block of DES and applied it three times to each data block it encrypted by encrypting it, decrypting it, and then encrypting it again. The method increased the key size, making it much harder to decrypt with a brute force attack. However, 3DES is still considered insecure and has been deprecated by the US National Institute of Standards and Technology (NIST) for all software applications beginning in 2023.

Advanced Encryption Standard (AES): The most used encryption method today, AES was adopted by the US government in 2001. It is built on a design principle called a “substitution–permutation network” and is a block cipher with a block size of 128 bits that can have keys of 128, 192, or 256 bits in length.

Twofish: Used in both hardware and software, Twofish is considered the fastest symmetric encryption method. While Twofish is free to use, it is neither patented nor open source. Nevertheless, it’s used in popular encryption applications like PGP (Pretty Good Privacy). It can have key sizes up to 256 bits.

The most common methods of asymmetric encryption include:

RSA: Stands for Rivest-Shamir-Adleman, the trio of researchers from MIT who first described the method in 1977. RSA is one of the original forms of asymmetric encryption. The public key is created by the factoring of two prime numbers, plus an auxiliary value. Anyone can use the RSA public key to encrypt data, but only a person who knows the prime numbers can decrypt the data. RSA keys can be very large (2,048 or 4,096 bits are typical sizes) and are thus considered expensive and slow. RSA keys are often used to encrypt the shared keys of symmetric encryption.

Elliptic Curve Cryptography (ECC): An advanced form of asymmetric encryption based on elliptic curves over finite fields. The method provides the robust security of massive encryption keys, but with a smaller and more efficient footprint. For instance, a “256-bit elliptic curve public key should provide comparable security to a 3,072-bit RSA public key.” Often used for digital signatures and to encrypt shared keys in symmetric encryption.

Importance of data encryption

People encounter encryption every day, whether they know it or not. Encryption is used for securing devices such as smartphones and personal computers, for protecting financial transactions such as making a bank deposit and buying an item from an online retailer, and for making sure messages such as email and texts are private.

If you’ve ever noticed that a website’s address starts with “https://” (the “s” means “secure”), it means that the website is using transport encryption. Virtual private networks (VPNs) use encryption to keep data coming and going from a device private from prying eyes.

Encryption performs four important functions:

  • Confidentiality: keeps the contents of the data secret
  • Integrity: verifies the origin of the message or data
  • Authentication: validates that the content of the message or data has not been altered since it was sent
  • Nonrepudiation: prevents the sender of the data or message from denying they were the origin

Rajpreet Dhillon

Full Stack Developer | Specializing in SaaS-Based Solutions for Scalable Applications

5 months

Very helpful!
