Encryption
So what is
encryption and why do we have it? What is it used for and how does it work? Encryption is a method of converting data into a form that cannot be read or deciphered without having something that decrypts the information into a readable format.
In terms of textual information or data such as this paragraph, if we wanted to encrypt it, we would use some kind of technique to convert it into what is known as ‘cipher text’ or put simply, encrypted data.
The text can be encrypted or converted using several different encryption algorithms, these algorithms are basically a formula that both encrypts and then also decrypts the data.
The encryption process also uses what is known as a secret key that is able to lock the encrypted data. Depending on the type of algorithm being used, sometimes the same key that will enable the algorithm to encrypt data can also be used to decrypt it.
A good example of this is sending an encrypted email to someone you know, so the email will travel across the internet as scrambled cipher text which can only be unscrambled (un-encrypted) by someone who also has the same key you used to first encrypt the email.
This process of encryption uses the same key to both encrypt and decrypt the data, this is also known in the business as symmetric encryption, or symmetric key cryptography. Just remember, symmetric equals the same, as in symmetrical!
The idea of sending data over the internet in an encrypted format is to prevent the unauthorised disclosure of that data. Said another way, if hackers manage to capture the data you are sending, it will be useless to them as all they will see is a jumbled mess of cipher text.
Data travels across networks in packets, these packets are like chunks of data. To explain this further, let’s assume for a moment that we are sending and large picture, and this picture is a very rare painting we want to keep secret.
The picture will first be broken down into smaller more manageable bits, which are then transmitted piece by piece until the complete picture arrives at the other end.
Each piece of our picture is a packet of data. If we wanted to send this picture and keep it from prying eyes, we can encrypt every packet, this way only you and the recipient (who has the decryption code or key) are the only people who can view the image.
If an‘arty-farty hacker’ captures some of these packets, he will not be able to see the rare picture because he does not have the key to decrypt the data.
So as you can see this secret key encrypts (ciphers) the data packets and also decrypts (deciphers) the data when it arrives at its destination. For this process to work, you need to both share the same secret key.
This may bring you to thinking, OK, he has just told me what symmetric key encryption is, I get it, both sender and recipient use the same key. But how then do you share the same key without anyone else also getting that key?
This is achieved via another form of cryptography known as ‘public key cryptography’which uses a second key to encrypt the first key. I will address this kind of cryptography in another tutorial, but for now I will keep things basic and further explain the process of cryptography.
Cryptography has been around for some time and was used during the war by the U-boat submariners. They had what was termed an Enigma machine that sent and received encrypted messages to and from headquarters, the idea was to secretly encode their messages so if they were to be intercepted by anyone else, they would not be able to decode them.
That was perhaps one of the earliest forms of encryption, although very crude and rudimentary, it paved the way for advanced techniques many years later.
There are several forms of symmetric cryptography, one thing they all have in common is that they use both an algorithm and a key. They key is required by the algorithm to encrypt or decrypt data.
A very common and perhaps one of the safest algorithms to date is AES or Advanced Encryption Standard. AES is a very strong algorithm which uses a very strong key.
The strength of an algorithm is often based on the strength of its key, keys are strings of data that can be small or large. It is like having a password and for better security, a longer stronger password is best.
Symmetric keys used in AES are 128,192 or 256bits long which is the strongest at the time I wrote this tutorial. As cited above, longer is stronger and that equates to increased security for your transmitted data. AES256 is considered the strongest and has not been compromised to date.
Some more primitive symmetric cryptographic algorithms only used a 56bit key which can be cracked by hackers quicker and easier than a longer or larger key.
Always use AES256 where possible and be sure to choose the highest possible key length for any symmetric encryption algorithm. As this site develops I will endeavour to write a tutorial on how to encrypt your data so as to compliment the information provided above.