Encryption 101: What It Is, How It Works, and Why We Need It
When you hear the word encryption, the first thing that might come to mind is that it’s something only techies or geeks would understand, or use. In reality, the idea of encryption isn't that complicated. Encryption is a system of mathematical algorithms that encodes user data so that only the intended recipient can read it. As simple as it sounds, the math and extra steps can become onerous for beginners. But before you decide to put it off for other ways to protect your online communications, a few examples might convince you that encryption is one of the best methods to safeguard your privacy, even at times when you think it doesn’t count.
Phone calls, emails, online purchases, social media, and general browsing are online activities we can no longer live without. While we’re constantly looking or sharing information online, our data is fundamentally stored somewhere. Most people aren’t sure where that “somewhere” is, but that data should only be available to the service provider brokering your conversation. It could, however, be visible to the telecom companies carrying your Internet packets, and your supposedly private and secure communications could be intercepted. As many cases have proven, user and company data is increasingly being targeted by hackers and cybercriminals resulting in data breaches and targeted attacks. This reason alone should serve as enough warning to those who haven’t considered protecting their communications via encryption.
What is encryption and how does it work?
-Bruce Schneier, Cryptographer, Privacy and Security Specialist
Encryption enhances the security of a message or file by scrambling the content. To encrypt a message, you need the right key, and you need the right key to decrypt it as well.It is the most effective way to hide communication via encoded information where the sender and the recipient hold the key to decipher data. The concept isn't that different from children who come up with secret code words and other discreet ways to communicate, where only they can be able to understand the message. Encryption is like sending secret messages between parties—if someone tries to pry without the proper keys, they won't be able to understand the message.
There are two methods of encryption: symmetric and asymmetric encryption. Symmetric encryption, also known as secret key encryption, pertains to the sender and the recipient holding the same keys to encrypt and decrypt a message. Asymmetric encryption, or public key encryption uses what is called a key pair—a public key for encrypting a message, and a private key to decrypt it.
Encrypting your connection
Using Wi-Fi to connect to the Internet is convenient, but in terms of security, there’s always a trade-off as it won't be difficult for an intruder to intercept any connection, which could result in stolen user credentials and other sensitive data. This is why many websites use a protocol called HTTPS for encrypting data that's being sent between sites. While this doesn’t necessarily guarantee absolute security, the risks are reduced as information being transmitted can only be decrypted by the site it was sent to.
Encrypting your data
When it comes to your data, the main purpose for encrypting the data stored in your computer and devices—even if you have created back-ups or secure passwords—is to ensure your privacy, protect your data, and secure intellectual property. This is also known as endpoint encryption, which basically adds an extra layer of protection for the confidential information residing on your PC and devices, data stored in removable media such as USB, CD, DVD, or specific files and folders.
Why do we need it?While encryption doesn’t magically convey security, it can still be used to protect a user's identity and privacy. If we are ever being watched, inadvertently or not, we can hide our data by using properly implemented crypto systems. According to cryptographer and security and privacy specialist Bruce Schneier, “Encryption works best if it is ubiquitous and automatic. It should be enabled for everything by default, not a feature you only turn on when you’re doing something you consider worth protecting.”
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases