Encryption is the method by which information is converted into secret code that hides the information’s true meaning. The science of encrypting and decrypting information is called cryptography.
In computing, unencrypted data is also known as plaintext, and encrypted data is called ciphertext. The formulas used to encode and decode messages are called encryption algorithms, or ciphers.
What is a key in cryptography?
A cryptographic key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
Types of data encryption: asymmetric vs symmetric
There are several different encryption methods, each developed with different security needs in mind. The two main types of data encryption are asymmetric encryption and symmetric encryption.
Asymmetric encryption methods:
Asymmetric encryption, also known as Public-Key Cryptography, encrypts and decrypts the data using two separate cryptographic asymmetric keys. These two keys are known as a “public key” and a “private key”.
Common asymmetric encryption methods:
RSA: RSA, named after computer scientists Ron Rivest, Adi Shamir, and Leonard Adleman, is a popular algorithm used to encrypt data with a public key and decrypt with a private key for secure data transmission.
Public key infrastructure (PKI): PKI is a way of governing encryption keys through the issuance and management of digital certificates.
Symmetric encryption methods:
Symmetric encryption is a type of encryption where only one secret symmetric key is used to encrypt the plaintext and decrypt the ciphertext.
Common symmetric encryption methods:
Data Encryption Standard (DES): DES is a low-level encryption block cipher algorithm that takes plaintext in blocks of 64 bits and converts them to ciphertext using keys of 48 bits.
Triple DES: Triple DES runs DES encryption three different times by encrypting, decrypting, and then encrypting data again.
Advanced Encryption Standard (AES): AES is often referred to as the gold standard for data encryption and is used worldwide as the U.S. government standard.
Twofish: Twofish is considered one of the fastest encryption algorithms and is free to use.
Why is data encryption necessary?
Privacy: Encryption ensures that no one can read communications or data at rest except the intended recipient or the rightful data owner. This prevents attackers, ad networks, Internet service providers, and in some cases governments from intercepting and reading sensitive data.
Security: Encryption helps prevent data breaches, whether the data is in transit or at rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the data on that device will still be secure. Similarly, encrypted communications enable the communicating parties to exchange sensitive data without leaking the data.
Data integrity: Encryption also helps prevent malicious behavior such as on-path attacks. When data is transmitted across the Internet, encryption (along with other integrity protections) ensures that what the recipient receives has not been tampered with on the way.
Authentication: Public key encryption, among other things, can be used to establish that a website’s owner owns the private key listed in the website’s TLS certificate. This allows users of the website to be sure that they are connected to the real website (see What is public key encryption? to learn more).
Regulations: For all these reasons, many industry and government regulations require companies that handle user data to keep that data encrypted. Examples of regulatory and compliance standards that require encryption include HIPAA, PCI-DSS, and the GDPR.
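The following added example (not part of the original page) ties the symmetric, asymmetric and data-integrity points together: the message is encrypted with a one-time AES key, that key is encrypted with the recipient's RSA public key, and any modification of the ciphertext is rejected on decryption. It uses Node.js's built-in crypto module; the function names, the choice of AES-256-GCM and RSA-OAEP, and the sample message are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Asymmetric key pair for the recipient: the public half is shared, the private half is not.
function newRecipientKeys() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender side: symmetric encryption of the data, asymmetric encryption of the key.
function seal(publicKey, plaintext) {
  const key = nodeCrypto.randomBytes(32); // one-time AES-256 key
  const iv = nodeCrypto.randomBytes(12);  // GCM nonce, must never repeat for the same key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();        // integrity tag over the ciphertext
  const wrappedKey = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, key);
  return { wrappedKey, iv, ciphertext, tag };
}

// Recipient side: recover the AES key with the private key, then decrypt.
// decipher.final() throws if the ciphertext or tag was altered in transit.
function unseal(privateKey, msg) {
  const key = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// True when decryption fails (wrong private key, or tampered message).
function isRejected(privateKey, msg) {
  try {
    unseal(privateKey, msg);
    return false;
  } catch (err) {
    return true;
  }
}

// Constructed demo: round trip, then flip one ciphertext bit as an on-path change would.
function demo() {
  const { publicKey, privateKey } = newRecipientKeys();
  const msg = seal(publicKey, 'constructed sample message');
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;
  return { roundTrip: unseal(privateKey, msg), tamperRejected: isRejected(privateKey, tampered) };
}
console.log(demo());
```

The integrity check comes from the authenticated mode (GCM), not from encryption alone, which matches the page's wording "along with other integrity protections".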