You've probably seen the term encryption used around the internet. So what is it? It might be the most important technology we have. Most digital security measures, everything from safe browsing to secure email, depend on it. Without encryption, we'd have no privacy.
If you write something down that is important, private, or sensitive you might worry that someone else is going to read it. If you need to give it to a messenger to take to another person, the risk of the wrong people reading that message increases. Encryption changes the composition of a message or data so that only people who know how to return it to its original form can read it. To anyone else, it'll appear as gibberish or a meaningless collection of characters and symbols.
Since the earliest times, people have used different techniques of preventing anyone but the intended recipient from reading private messages. The ancient Greeks would wrap a strip of parchment in a tight spiral around a wooden rod called a scytale. They wrote their message along the length of the rod, over the wrapped parchment.
Uncoiled, the writing on the parchment made no sense. A messenger would deliver the parchment to the recipient who would read the message in private having first wrapped it around their own, matching, scytale. This is a form of transposition cipher.
It's a primitive technique, but it has elements that you'll find in modern encryption systems. Both the sender and the recipient must know in advance what the encryption scheme is, and how to use it. And they both need matching mechanisms to do so.
Another method used by the ancient Greeks used a Polybius square. This was a five-by-five or six-by-six grid of letters. A letter was referenced by its coordinates, like the game battleships. The first letter in the first row was coded as 11, the fourth letter on the second row would be written as 42, and so on.
Of course, there are many ways to fill the grid with letters. Unless you know the layout of the letters, decryption is difficult. This lets you set up a scheme with multiple squares with different layouts. You could create seven squares and use a different square for each day of the week, for example. Schemes that use multiple alphabets are called polyalphabetic ciphers.
A Polybius square is a form of code. A code substitutes other characters for letters, in this example, digits. Ciphers replace letters with other letters.
Julius Caesar gave his name to Caesar's Cipher. This uses an offset, or "rotation," to select a letter a set distance from the letter you're enciphering. If you were using an offset of two, A would be written as C, and D would be written as F. The recipient has to know the correct offset to use to decipher the message by subtracting the offset from the letters they've received.
A Caesar's Cipher with an offset of 13, known as "rotation 13" or ROT13, possesses a special quality. There are 26 letters in the standard English alphabet, and 13 divides into 26 exactly twice. With this offset, to decipher something you can put it through the enciphering process again. Enciphering twice returns you to the original text.
If you pick out the letters GEEK in the top alphabet and note the matching letters in the lower alphabet, you'll get TRRX. If you do that again with TRRX in the top alphabet you'll get the letters GEEK from the bottom alphabet.
In programming terms, this simplifies matters because you only need to write an enciphering routine. There's no need for a deciphering routine. This is why writing a ROT13 implementation is a common exercise for people learning to program. ROT13 is also commonly held up as an example of very poor, low-grade encryption.
You can try it yourself with this online ROT13 engine. Try entering "Alaska Nynfxn" then putting the output back in as the input.
All of the examples we've covered here are easy to crack, but they do illustrate a common element that is shared amongst them all, and amongst all forms of encryption. There's a set of rules to follow to convert your original data, called the plaintext, into the enciphered version, known as the ciphertext. That set of rules is an algorithm. And that's what encryption is.
It's algorithms for privacy.
Just like the person in ancient Greece, a person in the digital age who wishes to store or send private data faces challenges. What can you do to prevent unauthorized people from accessing the data? And what can be done to make it secure?
All of the old systems could be overcome with knowledge of the encryption system. Use the same diameter rod and the scytale message becomes readable. Caesar's Cipher can be broken by trying different offsets on the first part of the message. You only have 25 to try, at the most.
Polybius squares pose more of a challenge because the layout of the letters within the square is unpredictable. If you know what the layout of the square is, it isn't even a challenge. If you have no idea of the layout of the square you can try to decipher the message by studying the ciphertext itself. That's called cryptanalysis.
With a simple cipher, you can use aids like letter frequency tables to work out which ciphertext letter represents which plaintext letter. A secure encryption scheme needs to be secure no matter who knows about the mechanics of the scheme, and the ciphertext must withstand cryptanalysis attacks.
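The Caesar's Cipher, the ROT13 special case, and the "25 offsets plus a letter frequency table" weakness described above can be shown in a few lines of Python. This is an added example, not code from the original article; the function names are hypothetical, the frequency values are approximate, and the sample ciphertext is the ROT13 sentence that closes this article.

```python
import string

# Approximate relative frequency (%) of a..z in English text.
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77,
    4.03, 2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98,
    2.36, 0.15, 1.97, 0.07]))


def caesar(text, offset):
    """Shift each letter by `offset` places; leave everything else alone."""
    out = []
    for ch in text:
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + offset) % 26 + ord("A")))
        elif ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + offset) % 26 + ord("a")))
        else:
            out.append(ch)
    return "".join(out)


def rot13(text):
    """Offset 13 is its own inverse: one routine enciphers and deciphers."""
    return caesar(text, 13)


def english_score(text):
    """Higher when the letters present are ones English uses often."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text.lower())


def crack_caesar(ciphertext):
    """Try all 25 offsets; return (offset, plaintext) for the best score."""
    candidates = [(k, caesar(ciphertext, -k)) for k in range(1, 26)]
    return max(candidates, key=lambda c: english_score(c[1]))


# The ROT13 sentence from the end of this article, used as sample input.
CLOSING_LINE = ("Lbhe cevinpl vf vzcbegnag, hfr gur nccebcevngr gbbyf "
                "gb fnsrthneq vg.")

if __name__ == "__main__":
    print(rot13("GEEK"), rot13(rot13("GEEK")))
    offset, plaintext = crack_caesar(CLOSING_LINE)
    print(offset, plaintext)
```

No key or prior knowledge of the offset is needed: the frequency score alone picks the right candidate, which is why a scheme like this fails the "secure even when the mechanics are known" test.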
Robust digital schemes don't work on letters and characters one at a time as serial ciphers do. They work through the data a chunk at a time and are called block ciphers.
They manipulate the bits, all those ones and zeroes, inside each block according to the rules of complicated mathematical transforms embedded inside the encryption algorithms. If an algorithm uses a block size of 128 bits it'll work its way through the data in chunks of 128 bits. If the last chunk to be processed is smaller than 128 bits, it is padded to 128 bits.
There are many block encryption schemes available. The Advanced Encryption Standard (AES) is the official encryption standard of the U.S. government. Different encryption schemes use different algorithms and different block lengths and make use of different combinations of mathematical transforms.
That all sounds very thorough, but how do we prevent an unauthorized person from using the same encryption scheme to decrypt our encrypted data?
We'll look at a special case first. It's possible to encrypt data using a one-way transform. This is the very antithesis of ROT13 because the resulting ciphertext cannot be reverted to plaintext. More accurately, it can't be decrypted within a practical timeframe. This type of encryption is used in hashing functions where a string of plaintext is hashed into a string of ciphertext, called the hash or hash string. All of the hash strings are the same length.
How is this useful? Well, a secure website won't store your password in plaintext. Your password is hashed and the hash string is stored. Your password is never retained. When you next log in and enter your password, it is hashed and the hash string is compared to the hash string that is stored in your account details. If they match, you can enter. If you enter an incorrect password the two hash strings won't match and you are not allowed in.
This lets the website use authentication without having to store the passwords in an exposed form. If they get hacked, none of the passwords are compromised. Hashing techniques may also add unique, random data called a salt to the passwords before they are hashed. This means all hashes are unique even if two or more users happen to have chosen the same password.
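The store-the-hash, compare-on-login flow with a per-user salt looks like this in Python. This is an added example, not code from the original article; it uses PBKDF2-HMAC-SHA256 from the standard library as the hashing function, and the `AccountStore` class, the iteration count and the sample passwords are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (an assumption); tune per deployment


def hash_password(password, salt=None):
    """Return (salt, hash). A fresh random salt is drawn for a new password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


class AccountStore:
    """Hypothetical account table: holds salt and hash, never the password."""

    def __init__(self):
        self._records = {}
        # Dummy record so an unknown username costs the same work as a known one.
        self._dummy = hash_password(os.urandom(16).hex())

    def register(self, username, password):
        self._records[username] = hash_password(password)

    def stored_record(self, username):
        return self._records[username]

    def login(self, username, attempt):
        salt, stored = self._records.get(username, self._dummy)
        # Hash the attempt with the stored salt, then compare hash strings.
        _, candidate = hash_password(attempt, salt)
        matches = hmac.compare_digest(candidate, stored)  # constant-time
        return matches and username in self._records


if __name__ == "__main__":
    store = AccountStore()
    store.register("alice", "correct horse")  # constructed sample data
    store.register("bob", "correct horse")    # same password, different salt
    print(store.login("alice", "correct horse"), store.login("alice", "guess"))
    print(store.stored_record("alice")[1] != store.stored_record("bob")[1])
```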
To prevent unauthorized people from decrypting data, a key is used that identifies who encrypted it and who can decrypt it. A key is a long sequence of bytes generated by a complex algorithm. They typically range in size from 128 bytes to 2048 bytes or more. The key is used by the encryption algorithm when it is encrypting the plaintext. The key size is independent of the block size.
To protect locally stored data, entire hard drives can be encrypted. The encryption is tied to the login identity of the user and the key is generated automatically and applied automatically. The user doesn't have any direct interaction with the key, and the key never needs to be sent to anyone else.
Because the key is tied to the login identity of the user, removing the hard drive from the computer and connecting it to another computer will not allow access to the data. This type of protection safeguards data that is static or at rest.
If your data must be transmitted you need to consider how you will safeguard your data in transit.
When you connect to a website and see a padlock symbol in the address bar, you know you're connected to a website that is secure, right? Well, sort of. What it actually means is that the connection between your computer and website is encrypted using SSL/TLS encryption.
That's a good thing, but it doesn't verify the security of the rest of the website. The website might be storing passwords in plaintext and using a default admin password on the database. But at least if you see the padlock, you know your communication with the website is encrypted.
This encryption is possible because your browser and the website use the same encryption scheme with multiple keys. At the start of a connection session your browser and the website exchange public keys. A public key can decrypt something that has been encrypted using a private key.
Your browser and the website exchange their public keys and then encrypt using their private keys. Because each end of the connection has the other end's public key, each end can decrypt the information they receive from the other end. The private keys need never be exposed.
Releasing a public key is safe. A public key cannot be used to fraudulently encrypt data. So although you receive a copy of a website's public key, you can't impersonate the genuine website because you don't have the private key. This raises the question of authenticity. How do you know the website is the genuine owner of the public and private key pair, and not a copycat site that somehow stole both keys from the genuine website?
Certificates are used to verify the identity of websites. These are issued by Certification Authorities once they have verified the identity of the applicant. The website sends the certificate as part of the handshake at the start of a connection session so that the web browser can validate the certificate.
It does this by contacting the Certificate Authority and decrypting some information on the certificate. This requires yet more keys. Your browser has public keys of major Certificate Authorities as part of its installation bundle. And there are yet more keys involved. As well as exchanging public keys, your browser and the website create unique session keys to further secure their communications.
Once your browser has verified the authenticity of the site and the strength of the encryption, it places the padlock in the address bar.
The concept of public and private keys crops up again and again in encryption. A common method of securing emails in transit uses pairs of public and private keys. Public keys can be exchanged safely; private keys are not shared. Messages are encrypted using the sender's private key. The recipient can use the sender's public key to decrypt and read it. They can use their own private key to encrypt a reply.
OpenPGP is a well-known encryption scheme that follows this model, with a twist.
The sender's email client generates a random key. This is used to encrypt the email message. The random key is then encrypted with the recipient's public key. The encrypted message and the encrypted random key are sent to the recipient. The recipient's email program uses their private key to decrypt the random key which is then used to decrypt the message.
The purpose of the extra step is to allow an email to be sent securely to multiple recipients. Your email client doesn't need to encrypt the entire email separately for every recipient, just the random key.
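The random-key steps above, including the multiple-recipient case, as an added Python example that is not code from the original article. It is not an OpenPGP implementation: it assumes the third-party `cryptography` package and swaps in AES-256-GCM for the message and RSA-OAEP for wrapping the random key; the envelope layout, function names and recipient names are hypothetical.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def new_keypair():
    """Generate a recipient's RSA private key (public key is derived from it)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def encrypt_for(message, recipient_public_keys):
    """Encrypt `message` once, then wrap the random key per recipient."""
    session_key = AESGCM.generate_key(bit_length=256)   # the random key
    nonce = os.urandom(12)
    body = AESGCM(session_key).encrypt(nonce, message, None)
    wrapped = {name: public_key.encrypt(session_key, OAEP)
               for name, public_key in recipient_public_keys.items()}
    return {"nonce": nonce, "body": body, "wrapped_keys": wrapped}


def decrypt_as(envelope, name, private_key):
    """Unwrap the random key with a private key, then decrypt the message."""
    session_key = private_key.decrypt(envelope["wrapped_keys"][name], OAEP)
    return AESGCM(session_key).decrypt(envelope["nonce"], envelope["body"], None)


def can_open(envelope, name, private_key):
    """True only if this private key unwraps the entry stored under `name`."""
    try:
        decrypt_as(envelope, name, private_key)
        return True
    except (ValueError, InvalidTag, KeyError):
        return False


if __name__ == "__main__":
    alice, bob, outsider = new_keypair(), new_keypair(), new_keypair()
    envelope = encrypt_for(b"Quarterly figures attached.",   # constructed text
                           {"alice": alice.public_key(), "bob": bob.public_key()})
    print(decrypt_as(envelope, "alice", alice))
    print(decrypt_as(envelope, "bob", bob))
    print(can_open(envelope, "alice", outsider))   # wrong private key
```

The message body appears once in the envelope however many recipients there are; only the wrapped copy of the 32-byte random key is repeated.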
Of course, secure email systems also face the question of authenticity. You have to trust the public key that has been sent to you. Keys are tied to email addresses. Having the public key sent to you from the email address you'll be conversing with is a good first step. Most email clients can show the email address associated with a public key.
Another method of checking the authenticity of a public key is to obtain it from a repository. The public keys uploaded to repositories are verified by the repository before they're made public.
At least, encryption underpins our digital lives if we're doing it right. Avoid unsecured remote connections of any type (whether remote working or buying online), use email clients capable of encrypting private messages, and use messenger apps with end-to-end encryption.
Lbhe cevinpl vf vzcbegnag, hfr gur nccebcevngr gbbyf gb fnsrthneq vg. As Caesar might have said.
Read more here:
What Is Encryption, and How Does It Work? - How-To Geek