Encryption is the process of transforming, or encoding, readable data, often referred to as plaintext, into an unreadable form, called ciphertext. Decryption is the reverse of this, where ciphertext is decoded, or transformed, back in to plaintext.
Encryption is widely used by both organisations and individuals to protect sensitive data stored on computers, servers and mobile devices such as phones and tablets. It is also used to protect information being transmitted over the internet, between a browser and a server.
There are two main components to encryption, an algorithm and a key, which are used in combination to encrypt and decrypt data. The algorithm can be thought of as like a padlock, which secures the data, whilst the key gives the ability to unlock the padlock and therefore access the data.
As well as there being specific software to encrypt data, such as files, folder, or even a whole hard disk, many everyday pieces of software also have the facility to encrypt data. AxCrypt and GnuPG are example of encryption software, whilst other everyday software that has the ability to encrypt data includes 7-Zip and Adobe Acrobat.
Encryption can be split in to two categories, Symmetric and Asymmetric Encryption.
With Symmetric Encryption, or Private Key Encryption, as it is sometimes known, there is a single, or shared key, that is used to encrypt and decrypt data. The key is sometimes referred to as a shared key because both the sender and receiver have to know it in order to encrypt and decrypt the data. Due to there only being one key, this type of encryption is usually much faster, however, there is the problem of having to share the key before communication can take place. To get around this issue, Asymmetric Encryption can be used to share the Symmetric Encryption key and then Symmetric Encryption can be used for communication thereafter.
The most widely used Symmetric Encryption algorithm is Advanced Encryption Standard, or AES, which was designed to protect classified government information. In software that provides encryption, such as 7-Zip, it often lists it as ‘AES 256’, with the number referring to the strength of encryption. Basically, the higher the number, the stronger the encryption algorithm, although there is an increase in the time taken for the encryption and decryption processes.
Other examples of Symmetric Encryption algorithms include:
- Data Encryption Standard (DES).
- Triple- Des (3DES).
With Asymmetric, or Public Key Encryption, as it is also known, there are two keys, a Public Key and a Private Key, which are mathematically linked, in order for them to work together. As the names suggest, the Public Key can be shared with anyone, but the Private Key must be kept a secret. If data needs to be transmitted, the sender can use the Public Key of the receiver to encrypt the data. The Private Key of the receiver is the only Key that can decrypt this message. If the receiver wishes to respond, the Public Key of the original sender can be used to encrypt the transmission and the corresponding Private Key of the original sender can be used for decryption.
The most widely used Asymmetric Encryption algorithm is Rivest-Shamir-Adleman, or RSA for short. With this algorithm both the Public and Private Keys can potentially be used to encrypt data and the corresponding Key can then decrypt it. This provides a means to show authenticity of a transmission. A transmission can be sent as described above, but also include some data encrypted by the Private Key of the sender. The receiver can then decrypt the message as before and then use the Public Key of the sender to decrypt the additional piece of data, therefore proving the origin of the transmission. This is known as a Digital Signature.
Other examples of Asymmetric Encryption algorithms include:
- Elliptic Curve Cryptosystem (ECC).
- Diffie-Hellman (DH).
- El Gamal.