The Beginner's Guide To Encryption

Encryption...

..singlehandedly is the best tool anyone can use to protect their data. Even if you applied every thinkable computer security measure but still stored or communicated data in raw, unencrypted plain text, the data still wouldn’t be properly protected.

It is important to understand that encryption only protects data from being understandable, not from being stolen. That’s an important difference. In theory, somebody could steal your data, not being able to interpret it, but then a year later crack the encryption, and get full access to your data.

Why encryption is relevant to everyone!

Encryption is used by every one of us on a daily basis to protect our most valuable secrets, and it is a part of almost every service and device we use. Every time you make a purchase online, log in to your bank, do your taxes, make a phone call, upload files to the cloud or send a message, your data is encrypted. It is a vital lock for protecting our identities and most critical online infrastructures from hackers and thieves.

What Is Encryption?

Encryption is a result of cryptography, which is the art and science of making secret codes. Encryption is the method by which plain text is turned into what is called cipher text, a message that is scrambled into unintelligibility according to a particular algorithm – a series of well-defined steps that can be followed procedurally. The message can then be securely transported over the internet and picked up by the receiving end, where it can be decrypted and reversed back into plain text. Decryption is the process of reversing the encryption.


How Does It Work?

There are two main types of encryption that are commonly used in our daily lives and they are called symmetric and asymmetric key encryption.

Let’s first take a look at symmetric encryption to understand why asymmetric encryption was created. 

Symmetric

Symmetric encryption uses the same key to encrypt and decrypt, which is perfectly fine for situations where you don’t need to securely share the files with anyone. Think about it: how do you securely communicate the decryption key to anyone but yourself? You could meet the person in real life and whisper the secret key, but this isn’t very scalable.

This problem is solved by asymmetrical encryption. 

Asymmetric

Asymmetric encryption, on the other hand, uses two keys: one for encryption and one for decryption. One is called the private key and the other is called the public key. The private key must be kept secret because it is used to decrypt the message. The public key, on the other hand, is known by everyone. The two keys are related to each other, which is important because it means that data encrypted with a specific public key can only be decrypted by the corresponding private key.

So, if Bob wants to send a file to Jane, he encrypts the file with Jane’s public key, and because Jane is the only one who has her private key, she is the only one who can decrypt it.
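The Bob and Jane exchange above, as an added example that is not part of the original article: textbook RSA on small fixed primes with no padding, which shows how the two keys relate but is not secure for real data. The function names and the third party "Eve" are illustrative assumptions.

```python
# Added illustration: textbook RSA with small fixed primes and no padding.
# It shows the public/private key relationship only; never use it for real data.
from math import gcd

def make_keypair(p, q, e=65537):
    """Build (public_key, private_key) from two primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)

def encrypt(public_key, message: bytes) -> int:
    """Encrypt with the recipient's public key (anyone can do this)."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)

def decrypt(private_key, ciphertext: int) -> bytes:
    """Decrypt with a private key; only the matching one gives the message."""
    n, d = private_key
    m = pow(ciphertext % n, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed key pairs built from known Mersenne primes (far too small for real use).
JANE_PUBLIC, JANE_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
EVE_PUBLIC, EVE_PRIVATE = make_keypair(2**31 - 1, 2**107 - 1)

def demo():
    secret = b"meet at noon"                     # constructed sample message
    ciphertext = encrypt(JANE_PUBLIC, secret)    # Bob needs only Jane's public key
    by_jane = decrypt(JANE_PRIVATE, ciphertext)  # Jane's private key reverses it
    by_eve = decrypt(EVE_PRIVATE, ciphertext)    # another private key yields garbage
    return ciphertext, by_jane, by_eve

if __name__ == "__main__":
    c, jane, eve = demo()
    print(hex(c), jane, eve)
```

Real systems add randomized padding and use keys of 2048 bits or more through a vetted library; the key relationship is the same.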

Common Encryption Algorithms:

AES (Advanced Encryption Standard) (Symmetric)

The AES algorithm is a block cipher which means that it encrypts and decrypts in predetermined block sizes, which are measured in bits. The block size of AES is 128 bits, so for every 128 bits of plaintext, 128 bits of cipher text is produced. AES can be used with three key lengths, which are 128, 192 and 256 bits. 

AES is commonly used for archive and compression tools (such as WinZip), disc encryption, VPNs, password managers and every type of encryption that doesn’t require the encryption key to be transported over the internet.

AES-256 is approved by the U.S. Government as a secure encryption that can be used on top secret government documents.

RSA (Asymmetric)

RSA is a public key encryption, which is critically important because it is the type of encryption that is used for most secure internet communication. Remember that public key encryption makes secure encrypted communication possible because it removes the need for sending the decryption key. 

Many important internet protocols rely on RSA for safe communication, such as Secure Shell, OpenPGP, S/MIME, and SSL/TLS, as do digital signature functions. Software such as internet browsers also depends on RSA encryption because of the constant need for communicating securely over unsecured networks such as the internet.

ECC (Elliptic Curve Cryptography)

This is the successor of the RSA encryption algorithm and is used for protocols such as PGP, SSH, and TLS. It is an asymmetric public-key encryption algorithm based on the algebraic structure of elliptic curves; let’s not dive deeper into those, though. One of the advantages is that it requires smaller encryption keys while providing equivalent encryption in comparison to non-ECC algorithms. This makes it very efficient.

How Secure Is Encryption?

Encryption is extremely secure and your data is very unlikely to be compromised due to cracked encryption, provided modern encryption algorithms are used. Encryption algorithms continuously get outdated and replaced by newer, updated and more secure versions so it’s important to be up to date with which encryption methods are reliable.

There are two ways to crack an encryption and they are brute-forcing and cryptanalysis. 

Brute Forcing

Brute-forcing basically means automated guessing.

Let me put things into perspective.

If the encryption key is 8 bits long, the number of key variations is 2^8, which makes 256 possible combinations. Not too strong.

Using AES-256, on the other hand, makes 2^256 possible combinations, which is a total of:

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,
560,000,000,000,000,000,000,000,000…

..possible combinations.

To brute force this would require millions of years to guess with the computing power available today.

Let’s conclude that brute forcing is not an option when cracking encryption.
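The comparison above, worked through as an added example that is not part of the original article: a toy cipher with an 8-bit key is searched exhaustively, then the same arithmetic is applied to longer keys. The XOR cipher, the sample message and the rate of 10^12 guesses per second are assumptions made for illustration.

```python
# Added illustration: exhaust an 8-bit key space, then do the key-space
# arithmetic for longer keys at an assumed guessing rate.
SECONDS_PER_YEAR = 365.25 * 24 * 3600
ASSUMED_GUESSES_PER_SECOND = 1e12  # assumption, not a measured figure

def xor_cipher(data: bytes, key: int) -> bytes:
    """Toy cipher constructed for this example: XOR every byte with one 8-bit key."""
    return bytes(b ^ key for b in data)

def brute_force(ciphertext: bytes, known_prefix: bytes):
    """Try all 2**8 keys; return (key, plaintext, guesses) for the first match."""
    for guesses, key in enumerate(range(2**8), start=1):
        candidate = xor_cipher(ciphertext, key)
        if candidate.startswith(known_prefix):
            return key, candidate, guesses
    return None

def years_to_search(key_bits: int, rate: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Years needed to try every key of the given length at the given rate."""
    return 2**key_bits / rate / SECONDS_PER_YEAR

def demo():
    ciphertext = xor_cipher(b"PIN: 4921", 0xA7)  # constructed sample message and key
    found = brute_force(ciphertext, b"PIN:")
    estimates = {bits: years_to_search(bits) for bits in (8, 128, 256)}
    return found, estimates

if __name__ == "__main__":
    (key, plaintext, guesses), estimates = demo()
    print(f"8-bit key {key:#04x} found after {guesses} guesses: {plaintext!r}")
    for bits, years in estimates.items():
        print(f"{bits:>3}-bit key space: {years:.3e} years at the assumed rate")
```

Every extra key bit doubles the work, so the 8-bit search finishes instantly while the 256-bit estimate at the same rate is a number of years dozens of digits long.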

Cryptanalysis

The other method is cryptanalysis, which is a daunting process that requires lots of computational power, time and data. When you apply cryptanalysis you try to find hidden aspects in the unfathomably complex cipher text. Even when cryptanalysis was applied to older types of encryption, it was very rare that a file or message could be fully decrypted; at best, small portions could be decrypted.

The big question is whether organisations such as the NSA can break AES-256 with cryptanalysis. My guess is that they cannot, but unless the world sees a new Edward Snowden who reveals their secrets, I guess we will never know.

SSL/TLS

The majority of all encryption that your data is protected by is done automatically by the software without you having to do anything. When you make a payment, the infrastructure around that payment takes care of everything; all you have to do is enter your payment details and press pay.

Secure Socket Layer encryption is the standard encryption protocol that utilises a combination of asymmetric (public-key) and symmetric (private-key) key algorithms. It is used specifically for internet browser communications. Every time you make a payment you can rest assured that your credit card details won’t be stolen thanks to SSL/TLS. When SSL/TLS is in action you can see a padlock and HTTPS in the browser URL bar.

End-to-End Encryption

This hides the content of messages locally on your computer or device before the message leaves the device, only allowing the senders and receivers to read it. This means that even if someone is intercepting your communication, they cannot read it because the encryption has already taken place. This type of encryption is commonly used by companies who provide secure software such as e-mail, instant messaging apps and VPNs. 

Beware of companies who offer communication security services that don’t use end-to-end encryption because it means that they have to store the encryption keys for you. This is a potential risk.

Other Areas Of Encryption

Disc Encryption


File/Folder Encryption

File encryption encrypts data on a file-by-file basis and protects the files from being understandable if they get stolen. Several software options are available for file encryption purposes.

Ending Notes

Now that you know a little bit more about the importance of encryption and how it works, you can rest assured that it will protect every aspect of your digital life.

The take away message is to encrypt everything you can and make sure the devices and software you are using are secured by encryption.
