Encryption is a term that many of us have come across, but what does it actually mean? To put it simply, encryption is the encoding of information. It is used in a variety of online services to keep your data private and safe: from text messages and emails to banking details, cloud files, and more.
In this article, we will explore the different types of encryption, how it protects your data, and why it matters. Let’s get into it.
What is encryption?
Encryption is not an invention of the digital age. History buffs will know that cryptography dates back to as early as Ancient Egypt. In ancient times, secret messages were usually encrypted using symbol replacement. The famous Caesar cipher, for example, replaced one letter with another a fixed number of spaces down the alphabet.
Today, the basic principle remains the same. Digital encryption takes readable text (also known as plaintext) and scrambles it. However, this is achieved through encryption algorithms which are much more complex and powerful than their single-alphabet substitution ancestor.
We have variables, also known as keys, to thank for that. They are randomly generated and unique. Some systems even generate new keys for every session. This means that if an attacker wants to steal your credit card information, for example, they will not only have to know what algorithm was used to encrypt the data but also what key. This is by no means an easy task, which is why encryption is very resistant to brute force attacks. It’s also why it is one of the best ways to protect your sensitive data online.
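To make the point about keys and brute force concrete, here is an added example (not part of the original article) that implements the Caesar cipher, recovers a message by trying every possible shift, and then estimates how long the same approach would take against modern key sizes. The sample message, the small word list, and the rate of one trillion guesses per second are assumptions chosen for illustration.

```python
# Constructed word list used only to recognise English-looking output.
COMMON_WORDS = {"the", "and", "at", "to", "of", "in", "is", "me"}


def caesar(text: str, shift: int) -> str:
    """Shift each ASCII letter `shift` places down the alphabet."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def brute_force_caesar(ciphertext: str) -> tuple[int, str]:
    """Try every possible key and keep the candidate with the most common words."""
    best = (0, ciphertext, -1)
    for shift in range(26):
        candidate = caesar(ciphertext, -shift)
        score = sum(w in COMMON_WORDS for w in candidate.lower().split())
        if score > best[2]:
            best = (shift, candidate, score)
    return best[0], best[1]


def years_to_exhaust(key_bits: int, guesses_per_second: float = 1e12) -> float:
    """Years needed to try every key of the given size (the rate is an assumption)."""
    return 2 ** key_bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    secret = caesar("meet me at the old bridge at dawn", 3)  # constructed message
    print("ciphertext:", secret)
    print("recovered :", brute_force_caesar(secret))
    for bits in (128, 192, 256):  # the AES key lengths
        print(f"{bits}-bit key: about {years_to_exhaust(bits):.1e} years")
```

The Caesar cipher falls after at most 26 guesses because its key space is tiny, while a 128-bit key space cannot be exhausted at any realistic guessing rate.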
Types of encryption
There are two main types of encryption: symmetric and asymmetric. The main difference between them lies in their use of keys.
Symmetric encryption utilizes a single key which is used by both communicating parties for encryption and decryption. However, this means that the key must be installed on both devices before communication begins.
Asymmetric or public-key encryption, on the other hand, opts for a two-key approach. One key is private and the other is public, hence the name. The private key is only known to your device, but your phone or PC will send the public key to devices it wants to communicate with securely. The receiving device then needs its own private key plus the public one to decode the encrypted data. This is why you shouldn’t worry about the “public” name. No one can access your information without the necessary private key.
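The two-key flow can be seen in a few lines with textbook RSA, the asymmetric algorithm listed later in this article. This is an added illustration, not code from the article: it uses deliberately tiny primes and encrypts one byte at a time so the numbers stay readable, whereas real RSA uses keys of 2048 bits or more together with a padding scheme. The function names and the sample message are assumptions.

```python
from math import gcd


def make_keypair(p: int, q: int, e: int = 17):
    """Return (public_key, private_key) for textbook RSA built from primes p and q."""
    n = p * q                      # modulus, shared by both keys
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)            # private exponent: inverse of e modulo phi
    return (e, n), (d, n)


def encrypt(message: bytes, public_key) -> list[int]:
    """Anyone holding the recipient's public key can encrypt, one byte per block."""
    e, n = public_key
    return [pow(byte, e, n) for byte in message]


def decrypt(blocks: list[int], private_key) -> bytes:
    """Only the matching private key recovers the bytes; bad values become '?'."""
    d, n = private_key
    values = [pow(block, d, n) for block in blocks]
    return bytes(v if v < 256 else ord("?") for v in values)


if __name__ == "__main__":
    # Constructed demo values: tiny primes so the numbers stay readable.
    recipient_public, recipient_private = make_keypair(61, 53)
    _, stranger_private = make_keypair(67, 71)

    ciphertext = encrypt(b"A secret", recipient_public)
    print("public key :", recipient_public)
    print("ciphertext :", ciphertext)
    print("recipient  :", decrypt(ciphertext, recipient_private))
    print("stranger   :", decrypt(ciphertext, stranger_private))
```

The sender only ever needs the recipient's public key; a different private key produces garbage rather than the message.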
As previously mentioned, there are also various algorithms that can use symmetric or asymmetric encryption. Here are five of the most commonly used encryption algorithms and how they work:
- AES — The Advanced Encryption Standard is one of the most secure symmetric encryption algorithms that currently exist. It uses ciphers with a 128-bit block size, and key lengths of 128, 192, or 256 bits. AES is the algorithm of choice for multiple organizations including the US government.
- Triple DES — When the original Data Encryption Standard (DES) became susceptible to attacks, it was replaced by Triple DES. Its name is derived from its use of three 56-bit keys. It’s a symmetric encryption algorithm, but it has fallen out of fashion in recent years with the emergence of more secure options like the aforementioned AES.
- Blowfish — This encryption algorithm was invented by security expert Bruce Schneier. Like Triple DES, it emerged to replace the outdated DES. It is a symmetric-key block cipher that ranks among the most secure algorithms. Better yet, it can be used by anyone thanks to its public domain status.
- Twofish — Another invention of Bruce Schneier, Twofish is the more advanced successor of Blowfish. It is a symmetric encryption algorithm that uses keys up to 256 bits in length. It is not only fast and secure, but it’s in the public domain just like its predecessor.
- RSA — An asymmetric encryption algorithm, RSA is one of the oldest and most widely used standards for data encryption online. It is relatively slow, but it is regarded as very secure.
What is it used for?
Now that you know what encryption is and how it works, you may be wondering what it’s used for. As previously mentioned, encryption is essential for a private and secure online experience. Whether you are sending an email, shopping online, chatting with friends, or uploading files to the cloud, there’s always sensitive information that needs to be protected.
Even if you might not be aware of it, many of the online services you use already employ some form of encryption. Here are some common encryption uses and how they work.
Due to its increasing popularity in recent years, you have probably heard of end-to-end encryption. So, how does it work? Typically, much of the information you send online (for example emails) passes through and is stored by third parties, including your email provider. Even if the data is encrypted, that usually only happens while it is in transit. Once your email arrives at its destination, it often doesn’t have the same level of protection.
The same doesn’t apply with end-to-end encryption, also known as E2EE. End-to-end encryption makes information readable only to the communicating parties. Not even your ISP or email provider is given a way to decrypt it. This makes it great for the privacy-conscious as well as those concerned with security. Of course, E2EE is not 100% foolproof, but it’s much better than most alternatives.
A number of popular messaging services and email providers such as Signal, WhatsApp, and Proton Mail already use end-to-end encryption.
If you want your browsing habits and data to remain private and secure, you should familiarize yourself with HTTPS. This protocol is used on the Internet and is often indicated with a padlock in the corner of your browser’s address bar. It provides secure communication via TLS (Transport Layer Security) or SSL (Secure Sockets Layer) encryption.
HTTPS authenticates your connection by requesting a digital or public key certificate, which needs to be signed by a trusted third party. Unlike end-to-end encryption, however, HTTPS generally protects your data while it is in transit. This means it is less private comparatively, but it’s still a must-have for anyone that wants to protect their online data.
The easiest way to ensure that all of your web communication uses HTTPS is by installing a browser add-on such as HTTPS Everywhere. It is available for all major browsers such as Chrome, Firefox, Opera, and even Firefox for Android.
Cloud storage encryption
Storing photos, videos, and documents on the cloud is more common than ever nowadays. This necessitates the use of encryption to protect sensitive files. Many cloud storage providers offer some form of it.
There are three types of data cloud providers have to deal with: data-at-rest, data-in-transit, and data-in-use. Their names are pretty self-explanatory. The first is data that is stored and not currently in use. Data-in-transit is information sent to one or multiple parties, while data-in-use is often utilized by applications, which makes it difficult to encrypt.
Whether any of this data is encrypted, however, depends on your provider. Some may offer both data-at-rest and data-in-transit encryption, while others may only encrypt data that is deemed sensitive. The types of encryption also vary from provider to provider. Unfortunately, E2EE is still not very common in the cloud space.
Nevertheless, most popular services provide TLS/SSL encryption for data-in-transit and some form of encryption for data-at-rest files. Some, like Dropbox, for example, also offer end-to-end encryption tools like Boxcryptor. They can encrypt your files locally before they are uploaded to the cloud.
If you want to take your protection to the next level, you might want to protect files saved on your PC too. This is where disk encryption comes in. It allows you to encrypt your hard drive, thereby securing everything stored on it.
There are a couple of ways you can go about disk encryption: using software or hardware. With the latter, you’d need a self-encrypting drive. It encrypts and decrypts data automatically, making it one of the easiest and most worry-free ways to keep your files secure. Self-encrypting drives (both SSDs and HDDs) are offered by a variety of manufacturers, including Samsung, Seagate, Toshiba, and others. However, they usually command high prices.
If you want to save some money, you can use software to encrypt your existing drive. There are many solutions to choose from, but there are a couple of things you need to know first. Disk encryption software typically uses real-time encryption, also known as on-the-fly-encryption (OTFE). This means that data is encrypted and decrypted as it is loaded and saved. Depending on the software you use, this might result in slower performance. Nevertheless, it might be worth it for those that place security first. Software like BitLocker, for example, uses the AES encryption algorithm with 128 or 256-bit keys, making it a great choice for those that value security and privacy.
Why encryption matters
You have nothing to fear if you have nothing to hide, right? Well, that’s certainly what a lot of people think, but data is big business nowadays. Even if you don’t mind someone knowing about your browsing or shopping habits, you don’t want to have credit card information or private photos stolen. This is why encryption matters. Here are its main benefits:
- Privacy – Some conversations, be they personal or work-related, should be kept from prying eyes. The same can apply to photos, videos, documents, etc. If you want to keep these to yourself and intended recipients only, encryption is an essential tool.
- Security – Because of the current pandemic situation, we are forced to do many things that require inputting sensitive information online. Be it shopping or submitting tax documents, no one wants to have their credit card information or identity stolen.
Of course, encryption cannot protect you from 100% of attacks. It has flaws and limitations which can be exploited, but you are much more exposed to sleuthing and data harvesting without it.
Q: How secure is encryption?
A: Encryption makes your online experience much more private and secure, but it isn’t foolproof. The level of security also depends on the type of encryption used. Nevertheless, it can’t protect you from all online threats. Weak passwords and data breaches, for example, can still result in your information being stolen.
Q: Can encrypted data be hacked?
A: Yes, it is possible for encrypted data to be decoded. However, decryption requires a lot of time and resources. Encrypted data is usually “hacked” with stolen keys instead.
Q: Can encrypted data be encrypted again?
A: Yes, multiple encryption exists. It can use the same or different algorithms to do so, but it is not terribly common. Most modern ciphers are very hard to crack with brute force attacks without the need for a second layer.
Q: What is the highest level of encryption?
A: AES 256-bit is considered the strongest encryption standard. AES (Advanced Encryption Standard) has been used by the US government since 2001, and many businesses have adopted it since too.
Q: Which messaging apps use end-to-end encryption?
A: Signal, WhatsApp, and iMessage all use end-to-end encryption by default. Other popular apps like Telegram offer it too, but only in secret or private chats.