What Is Encryption and How Does It Work?
We live in a world full of data breaches and hacks, where cybersecurity experts keep stressing how critical strong passwords are. And the internet is booming with guides on increasing your digital safety. By now, most of us know at least a few key tips on creating strong passwords. But of course, putting these tips into actual use is a different story. So if you feel that you need to refresh your memory on tips for secure passwords, we have a handy guide for you.
On the other hand, encryption is a less familiar topic and, therefore, a rather mysterious one. It dates way back to when ancient Greeks and Romans would substitute letters to write secret messages that could only be read with a secret key. But today we'll not talk about history and the evolution of cryptography. In this article, we'll cover modern encryption and how it works. We’ll also tell you how encryption keys work and what types of encryption we use today.
What is encryption?
Encryption is a modern cryptography method that encodes information in such a way that only authorized parties can access it. Most security and privacy-focused services use it nowadays. One of the most common and easy to understand examples is email. If you send an encrypted email message, it means that only you as a sender and your recipient will be able to see it. Internet service providers, hackers, and any other unwanted eyes won't be able to read the content of the message.
Encryption uses a combination of algorithms and keys to encode or decode your information. There are many types of algorithms, which involve different ways to encrypt and decrypt data.
What is an encryption key?
Keys are generated randomly by either number generators or computer algorithms that mimic the same process. You might have seen the keys described as 64-bit, 128-bit, or 256-bit. The number refers to binaries (zeros and ones), so the larger the number, the more time and effort you need to crack this key. Most modern encryption services use at least 128-bit keys, with some opting for 256 bits or more.
To put that into perspective, cracking a 256-bit key would require a brute force attack to test over 2^256 possible combinations. Even a relatively weak 64-bit key has 18,500,000,000,000,000,000 possible combinations.
Types of modern encryption
There are two main types of encryption: symmetric (or private key) and asymmetric (public key).
Symmetric encryption (or private key encryption)
Symmetric encryption uses the same secret key both for encoding plaintext and for decoding ciphertext. It means that both parties must know the key - that’s why some call this method shared secret encryption.
Symmetric encryption is a better choice for transferring large amounts of data, as it takes less time to encrypt and decrypt it.
The most popular algorithms used for this type of encryption are RC4 (RC 5 and RC6), AES, DES, 3DES, and QUAD. For more information about symmetric encryption, check our blog post.
Asymmetric encryption (or public key encryption)
This encryption type is very complex and rather new. Asymmetric encryption uses pairs of keys.: The private key must be kept secret and known only to the owner, and the public key may be distributed openly without compromising security. The public key is used to encrypt plaintext and the resulting ciphertext can only be decrypted with a private key.
So if you want to send someone a secure message, you need their public key to encrypt the plaintext. Only they will be able to decrypt it with a matching private key. This system allows two sides to communicate securely without exchanging decryption keys first. The private (decryption) key never leaves the sender’s device, so there is no way to compromise the key during an exchange.
The most common algorithms used for this encryption type are RSA, Diffie-Hellman, ECC, El Gamal, and DSA. For more information about asymmetric encryption, check our blog post.
Which type of encryption is safer?
Both encryption types are safe, offer different strengths, and are often used together. For example, when large data sets need speedy encryption, symmetric encryption is a better choice. But first the two parties may use asymmetric encryption to exchange the secret key of symmetric encryption. All in all, to answer this question in full, you need to dig deeper into algorithms.