Encryption is a big deal in internet safety. If you've never heard the word "cryptography" before, that's exactly what it is - safety. Encryption is the process of transforming a set of data in such a way that it can't be read or used without knowing how to "decode" it. This process has been present throughout history, especially in warfare, and dates back to thousands of years in the past. In modern times, however, it's used primarily for transferring sensitive information across the internet... Wouldn't exactly want your bank details being stolen when you enter your credit card into a website, after all. To decode encrypted data, you'd need a special kind of "key" to know how the data was encrypted in the first place, then you'd have to reverse the encryption to get the original data. There are many methods used to encrypt data, and today we'll go over some of the ones that are used on the internet, and how secure each of them are.
2(.5) Different Encryption Types
There are two main ways to encrypt data over the internet: symmetric and asymmetric. There's a "third" type which is debated on whether it actually counts as encryption, known as "hashing." We'll look into the overview of what each of these ways are, and then go over some of the individual algorithms - the "methods" used in each type of encryption.
Starting with symmetric encryption, it's fairly simple - both the sender and the receiver of the information need access to a secret "key" which allows them to both encrypt and decrypt data. This is good for closed systems where there's little to no chance of the key getting out, but if someone were somehow to get ahold of your key, they'd be able to decrypt any and all of your data. It's like handing out copies of your house key - you need that key to get in and out, but if somebody stole one of your keys, they could also get in and out any time they wanted, without your permission.
Assymetric encryption, on the other hand, while slower than symmetric encryption, is a bit more secure. It utilizes a public key, which anyone can access, to encrypt data - then a private key to decrypt it, allowing access to the data. Both keys are simply very big numbers which are mathematically linked. The numbers are different but connected, hence the "asymmetric" name.
Hashing, unlike the other two types of encryption, isn't a way to send and receive data securely - instead, it's a way of monitoring changes to a data set. Hashing data is a way of generating a unique, secure "signature" for each individual item or message in a set of data. This signature will be changed in minor ways with each change to the data itself, making it easy to track when a change - authorized or not - has been made. However, hashed data cannot be decrypted or reverted to its original form, making it entirely impossible to get access to it without simply having access to the original data.
What Are Encryption Algorithms, and What Are Keys?
An algorithm is the thing used to encrypt your data. It converts a provided set of data into another set of data - one that appears to be random, but has actually been generated in a predictable way that can be reversed via a key.
A key is like a special "code" you need to access your information. Once you receive a set of encrypted data, if you have the right key, that can be used to convert it back into its original state, allowing you to view it as normal.
Essentially, the the algorithm "locks" your information to be sent across the internet, and the key "unlocks" it once the receiver gets it themselves. If it's intercepted along the way, and the interceptor doesn't have the key, it's difficult for them to get access to it - this is why encryption is important. Even if a hacker were to get hold of your credentials, if it's encrypted and they have neither the key to unlock it nor the tools to get around that, they can't exactly do anything with it.
Examples of Encryption Methods
Since we've gone over encryption and the various parts of it, let's talk about some methods used TO encrypt your data:
- Data Encryption Standard (DES): The oldest and most used form of encryption, this symmetric method takes 64-bit blocks of plaintext (the stuff you want to encrypt) and converts it into ciphertext (the plaintext that has been encrypted) via 48-bit keys.
- Triple DES: Created to counter hackers who figured out how to bypass DES encryption, Triple DES applies DES encryption three times over to each block of data. Often used for ATM pins and UNIX passwords, it was once the most widely used symmetric method, but isn't as common nowadays.
- Advanced Encryption Standard (AES): Another symmetric method, this is the standard and trusted encryption system used by the U.S. Government, AES is an extremely powerful way to encrypt data, and is quite popular when it comes to private data. It's used by many companies, and is believed to be invulnerable to all but brute force attacks (essentially, just guessing the key repeatedly until you get it - since keys can be so complex, this usually takes a VERY long time, even with an automated system for it).
- Rivest-Shamir-Adleman (RSA): The standard for transferring data across the internet, this asymmetric encryption algorithm works by essentially generating a ton of gibberish that hackers waste time and effort attempting to decode, serving to frustrate them before they ever get the chance to receive your data.
- Blowfish: A secondary replacement for DES, this symmetric algorithm is known to be fast, reliable, and secure. It's also free to use, being in the public domain. Often used for digital trade and payments, as well as password management.
- Twofish: Essentially Blowfish's successor, and another symmetric algorithm, it deciphers in 128-bit blocks and always encrypts in 16 rounds regardless of key size. Used in many modern file and folder encryption systems due to its speed and security.
Concluding Thoughts and Resources
Overall, there are a LOT of ways to encrypt data. As technology and innovation advances, we'll no doubt see many more in the future. Security, especially on the web, is constantly being developed to ensure protection of its users, including your personal data as an individual. I believe that putting the effort in to learn about the subject is what motivates people to help aid in that development, so here are the resources I used for this blog:
Top comments (0)