Security; Privacy; Algorithms
Encryption is the encoding of information so that only those who have access to a password or encryption key can access it. Encryption protects data content, rather than preventing unauthorized interception of or access to data transmissions. It is used by intelligence and security organizations and in personal security software designed to protect user data.
Encryption is a process in which data is translated into code that can only be read by a person with the correct encryption key. It focuses on protecting data content rather than preventing unauthorized interception. Encryption is essential in intelligence and national security and is also common in commercial applications. Various software programs are available that allow users to encrypt personal data and digital messages.
The study of different encryption techniques is called “cryptography.” The original, unencrypted data is called the “plaintext.” Encryption uses an algorithm called a “cipher” to convert plaintext into ciphertext. The ciphertext can then be deciphered by using another algorithm known as the “decryption key” or “cipher key.”
A key is a string of characters applied to the plaintext to convert it to ciphertext, or vice versa. Depending on the keys used, encryption may be either symmetric or asymmetric. Symmetric-key encryption uses the same key for both encoding and decoding. The key used to encode and decode the data must be kept secret, as anyone with access to the key can translate the ciphertext into plaintext. The oldest known cryptography systems used alphanumeric substitution algorithms, which are a type of symmetric encryption. Symmetric-key algorithms are simple to create but vulnerable to interception of the shared key.
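The alphabetic substitution cipher mentioned above, as an added Python example that is not part of the original entry. The key is a constructed 26-letter permutation of the alphabet; the same key both encodes and decodes, and the decoding table is nothing more than the encoding table read backwards, which is why anyone holding the key can read the ciphertext. A Caesar shift is included as the special case where the key is simply a rotated alphabet.

```python
import string

ALPHABET = string.ascii_uppercase


def make_substitution_table(key: str):
    """Build the encode and decode tables from one shared key.

    The key must be a permutation of A-Z; the decode table is the
    encode table inverted, so knowing the key is enough to go both ways.
    """
    if sorted(key) != list(ALPHABET):
        raise ValueError("key must be a permutation of A-Z")
    encode = {plain: cipher for plain, cipher in zip(ALPHABET, key)}
    decode = {cipher: plain for plain, cipher in encode.items()}
    return encode, decode


def substitute(text: str, table: dict) -> str:
    """Apply a letter table; characters outside A-Z (spaces, digits) pass through."""
    return "".join(table.get(ch, ch) for ch in text.upper())


def encrypt(plaintext: str, key: str) -> str:
    return substitute(plaintext, make_substitution_table(key)[0])


def decrypt(ciphertext: str, key: str) -> str:
    return substitute(ciphertext, make_substitution_table(key)[1])


def caesar_key(shift: int) -> str:
    """A Caesar cipher is a substitution whose key is the alphabet rotated by `shift`."""
    shift %= 26
    return ALPHABET[shift:] + ALPHABET[:shift]


# Constructed example key (keyboard-order permutation); a real key would be random.
KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"

if __name__ == "__main__":
    ct = encrypt("MEET AT NOON", KEY)
    print(ct, "->", decrypt(ct, KEY))
    print(encrypt("HELLO", caesar_key(3)))
```

Because encryption and decryption share one secret, the whole scheme is only as safe as the channel used to hand the key to the receiver; the key itself, not the ciphertext, is what an interceptor needs.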
In asymmetric-key encryption, the sender and receiver use different but related keys. First, the receiver uses an algorithm to generate two keys, one to encrypt the data and another to decrypt it. The encryption key, also called the “public key,” is made available to anyone who wishes to send the receiver a message. (For this reason, asymmetric-key encryption is also known as “public-key encryption.”) The decryption key, or private key, remains known only to the receiver. It is also possible to encrypt data using the private key and decrypt it using the public key. However, the same key cannot be used to both encrypt and decrypt.
Asymmetric-key encryption works because the mathematical algorithms used to create the public and private keys are so complex that it is computationally impractical to determine the private key based on the public key. This complexity also means that asymmetric encryption is slower and requires more processing power. First developed in the 1970s, asymmetric encryption is the standard form of encryption used to protect Internet data transmission.
Authentication is the process of verifying the identity of a sender or the authenticity of the data sent. A common method of authentication is a hashing algorithm, which translates a string of data into a fixed-length number sequence known as a “hash value.” This value can be reverted to the original data using the same algorithm. The mathematical complexity of hashing algorithms makes it extremely difficult to decrypt hashed data without knowing the exact algorithm used. For example, a 128-bit hashing algorithm can generate 2^128 different possible hash values.
One of the most commonly used encryption programs is Pretty Good Privacy (PGP). It was developed in 1991 and combines symmetric- and asymmetric-key encryption. The original message is encrypted using a unique one-time-only private key called a “session key.” The session key is then encrypted using the receiver's public key, so that it can only be decrypted using the receiver's private key. This encrypted key is sent to the receiver along with the encrypted message. The receiver uses their private key to decrypt the session key, which can then be used to decrypt the message. For added security and authentication, PGP also uses a digital signature system that compares the decrypted message against a message digest. The PGP system is one of the standards in personal and corporate security and is highly resistant to attack. The data security company Symantec acquired PGP in 2010 and has since incorporated the software into many of its encryption programs.
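The public/private key exchange, the fixed-length message digest and PGP's hybrid scheme (session key wrapped with the receiver's public key, message signed with the sender's private key) as one added Python example. This is illustration code, not PGP's or any library's implementation: it assumes textbook RSA on two deliberately small Mersenne primes (2^31-1 and 2^61-1, so the modulus is about 92 bits and offers no real security), a SHA-256 counter-mode keystream standing in for PGP's symmetric cipher, and a digest truncated to 64 bits so that it fits under the toy modulus. Everything from the primes to the 8-byte session key is a constructed assumption.

```python
import hashlib
import secrets
from typing import Optional

# Toy RSA key pair (constructed). Real keys use primes of 1024 bits or more.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q                            # public modulus, roughly 92 bits
E = 65537                            # public exponent (coprime with (P-1)(Q-1))
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, derivable only from P and Q


def rsa_apply(value: int, exponent: int) -> int:
    """Textbook RSA: value ** exponent mod N. Requires 0 <= value < N."""
    if not 0 <= value < N:
        raise ValueError("value too large for this toy modulus")
    return pow(value, exponent, N)


def keystream(session_key: bytes, length: int) -> bytes:
    """Toy symmetric cipher: SHA-256 in counter mode keyed by the session key."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(session_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def symmetric_crypt(session_key: bytes, data: bytes) -> bytes:
    """XOR with the keystream; one call both encrypts and decrypts (symmetric key)."""
    return bytes(a ^ b for a, b in zip(data, keystream(session_key, len(data))))


def encrypt_message(plaintext: bytes, session_key: Optional[bytes] = None):
    """Sender: fresh one-time session key, symmetric encryption, key wrapped with the public key."""
    if session_key is None:
        session_key = secrets.token_bytes(8)   # 64-bit key keeps its integer form below N
    ciphertext = symmetric_crypt(session_key, plaintext)
    wrapped_key = rsa_apply(int.from_bytes(session_key, "big"), E)
    return wrapped_key, ciphertext


def decrypt_message(wrapped_key: int, ciphertext: bytes) -> bytes:
    """Receiver: only the private exponent D unwraps the session key."""
    session_key = rsa_apply(wrapped_key, D).to_bytes(8, "big")
    return symmetric_crypt(session_key, ciphertext)


def message_digest(message: bytes) -> int:
    """Fixed-length hash value of the message, truncated to 64 bits (toy shortcut to fit under N)."""
    return int.from_bytes(hashlib.sha256(message).digest()[:8], "big")


def sign(message: bytes) -> int:
    """Digital signature: the digest transformed with the private key."""
    return rsa_apply(message_digest(message), D)


def verify(message: bytes, signature: int) -> bool:
    """Anyone holding the public key recovers the digest and compares it with a fresh one."""
    return rsa_apply(signature, E) == message_digest(message)


def hash_value_space(algorithm: str) -> int:
    """Number of distinct values a digest of this size can take: 2 ** (digest bits)."""
    return 2 ** (hashlib.new(algorithm).digest_size * 8)


if __name__ == "__main__":
    wrapped, ct = encrypt_message(b"meet at noon")
    print(decrypt_message(wrapped, ct))
    sig = sign(b"meet at noon")
    print(verify(b"meet at noon", sig), verify(b"meet at midnight", sig))
```

Applying the public exponent twice does not return the plaintext, which is the concrete form of the entry's remark that the same key cannot both encrypt and decrypt; and a signature made over a 64-bit digest still fails to verify on any message whose digest differs, which is what the digest comparison in PGP's signature step checks.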
Encryption can be based on either hardware or software. Most modern encryption systems are based on software programs that can be installed on a system to protect data contained in or produced by a variety of other programs. Encryption based on hardware is less vulnerable to outside attack. Some hardware devices, such as self-encrypting drives (SEDs), come with built-in hardware encryption and are useful for high-security data. However, hardware encryption is less flexible and can be prohibitively costly to implement on a wide scale. Essentially, software encryption tends to be more flexible and widely usable, while hardware encryption is more secure and may be more efficient for high-security systems.
—Micah L. Issitt