In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.
Encryption is the process of scrambling or enciphering data so it can be read-only by someone with the means to return it to its original state.
Encryption keeps criminals and spies from stealing information. Although you might not realize it, you rely on encryption every day. It protects you while you browse the web, shop online, use mobile banking or use secure messaging apps.
How does encryption work?
At the beginning of the encryption process, the sender must decide what cipher will best disguise the meaning of the message and what variable to use as a key to making the encoded message unique. The most widely used types of ciphers fall into two categories: symmetric and asymmetric.
Symmetric ciphers, also referred to as secret key encryption, use a single key. The key is sometimes referred to as a shared secret because the sender or computing system doing the encryption must share the secret key with all entities authorized to decrypt the message. Symmetric key encryption is usually much faster than asymmetric encryption. The most widely used symmetric-key cipher is the Advanced Encryption Standard (AES), which was designed to protect government-classified information.
Asymmetric ciphers, also known as public-key encryption, use two different — but logically linked — keys. This type of cryptography often uses prime numbers to create keys since it is computationally difficult to factor large prime numbers and reverse-engineer the encryption. The Rivest-Shamir-Adleman (RSA) encryption algorithm is currently the most widely used public-key algorithm. With RSA, the public or the private key can be used to encrypt a message; whichever key is not used for encryption becomes the decryption key.
Today, many cryptographic processes use a symmetric algorithm to encrypt data and an asymmetric algorithm to securely exchange the secret key.
Importance of encryption
Encryption plays an important role in securing many different types of information technology (IT) assets. It provides the following:
- Confidentiality encodes the message’s content.
- Authentication verifies the origin of a message.
- Integrity proves the contents of a message have not been changed since it was sent.
- Nonrepudiation prevents senders from denying they sent the encrypted message.
How is it used?
Encryption is commonly used to protect data in transit and data at rest. Every time someone uses an ATM or buys something online with a smartphone, encryption is used to protect the information being relayed. Businesses are increasingly relying on encryption to protect applications and sensitive information from reputational damage when there is a data breach.
There are three major components to any encryption system: the data, the encryption engine, and the key management. In laptop encryption, all three components are running or stored in the same place: on the laptop.
In application architectures, however, the three components usually run or are stored in separate places to reduce the chance that compromise of any single component could result in a compromise of the entire system.
Encryption vs. decryption
Encryption, which encodes and disguises the message’s content, is performed by the message sender. Decryption, which is the process of decoding an obscured message, is carried out by the message receiver.
The security provided by encryption is directly tied to the type of cipher used to encrypt the data — the strength of the decryption keys required to return ciphertext to plaintext. In the United States, cryptographic algorithms approved by the Federal Information Processing Standards (FIPS) or National Institute of Standards and Technology (NIST) should be used whenever cryptographic services are required.