The most spacious hard drives available today can hold 30 terabytes of data. More than many users will need in a lifetime, yet not even a drop in the bucket compared to the 328 million terabytes the world poofs into existence every 24 hours. How does so much data remain safe? Through encryption, a fascinating topic, this intro article will hopefully make it more clear and interesting for you.
Simply put, encryption is securing information from those who have no right to view its contents. Encrypting involves taking something anyone can understand and scrambling it. This creates a nonsensical mess the right person can put back together with a key. Today, most encryption affects digital data. Since we’re just dealing with 1s and 0s, it’s possible to encrypt anything from a single text sentence to your favorite streaming service’s entire multimedia catalog.
Encryption is essential since data is vulnerable without it. Without encryption, anyone could steal the money from your bank account and get away with it. They could alter your medical records, tank your grades, or assume your identity via your SSN without consequences. Any shared data would be out there for the taking, spelling an end to confidentiality and privacy.
Humans have wanted to keep things secret forever, so encryption is much older than the uses we have for it today. Caesar’s cipher is among the oldest and most well-known examples. It shifts each letter of the alphabet an agreed-upon number of times, creating what looks like gibberish. For example, the word “book” becomes “errn” if we move each letter three spaces forward. The cipher is easy to crack but already contains some of the fundamentals of encryption.
The first is the unaltered message “book,” also called plaintext. Then there’s “errn,” the encrypted message or cyphertext. The act of shifting three letters forward is the algorithm or formula that drives the encryption.
Three main types account for most data encryption. Each is useful in its own way and needs one or more keys to function.
Symmetric encryption uses a single key for both parties. The sender encrypts their message with it, and the recipient can make sense of or decrypt it only if they have that same key.
Passwords you secure your accounts or documents with are a good example of keys for symmetric encryption. They’re also easy to forget or copy from a Post-it note, not to mention ineffective if you use the same ones for different accounts.
Password managers mitigate this by placing the passwords themselves under heavy encryption. Specifically, the best ones use an algorithm known as 256-bit AES or Advanced Encryption Standard to protect their vaults. The military and government also utilize this technology because attempting to gain unauthorized entry through brute force, even with the most advanced supercomputers, would take literal millions of years.
More importantly, the secure passwords are all unique and formidable. Luckily, you don’t have to remember them! Yet you can replace them whenever you need to.
The problem with symmetric encryption is it works best with information at rest. Protecting data in transit is more challenging, which is where asymmetric encryption shines.
A single key works well if both parties trust each other and can establish a secure environment to exchange it. Asymmetric encryption gets around this by introducing a second key. The encryption key becomes public, while the one used for decryption remains private.
Asymmetric encryption is the basis of modern internet security. Websites that have the SSL security certificate use it to establish authenticity. This lets users safely share data with the site, including personal information and payment methods.
Any time you enter a site starting with “https://,” a connection forms, and the site’s public key is used to encrypt it. Only the site’s owner has the private key that can decipher your activity, so no one else can tamper with it.
Hashing is different in that the encryption process isn’t reversible. How’s that useful?
Data that goes through a hashing algorithm ends up as a unique string of characters. That means encrypted messages only return the same hash if they stay unchanged. You encounter this every time you install a program or app. The last part of a setup involves generating a hash of installed files. If it’s identical to the key that came with the setup files, then the installation is complete and successful.
Encryption is an unseen yet fundamental part of modern life. Next time you send over a confidential file, install an app, or just browse the internet, you’ll hopefully have a more thorough appreciation of how encryption makes all of it and so much more possible.