We hear a lot about the importance of encryption and encrypted data these days. Search engines, for example, encrypt search data to protect users’ information and every time we use our mobile phones, credit cards and carry out online transactions encryption is used to ensure these transactions are safe and secure. Life in the modern world relies on encryption so in this post we’ll explain what encryption is and why it’s important.
What is Encryption?
Encryption is the process of changing information so that it can only be accessed by those for whom the information is intended. The encryption process takes readable text and changes it so that it can no longer be read, understood or deciphered.
There are many theories regarding how and where encryption was first used. It is known to have been employed in ancient Egypt where it is believed it was used to protect the secrecy of certain religious rituals and maybe used for political reasons. In a military context, the ancient Spartans used a special device to send encrypted messages during battle. These could only be deciphered and understood if the recipient had the required ‘key’.
How Encryption Works
The system used by the Spartans, wherein both the message sender and recipient used special ‘keys’ to both encrypt and decrypt their messages, demonstrates fundamentally how encryption works.
The encryption process takes, for example, an original plain text message and then uses a cryptographic key along with a cryptographic algorithm to encrypt the message. Decryption is the reverse process of converting the encrypted message back into its original plain text format. To achieve this the recipient must have the same key that was used to encrypt the message. This is called symmetric encryption.
Symmetric encryption, as noted, uses a single private key which the sender must share with the intended recipient. This is clearly risky as anyone who can access the private key, such as hackers, can potentially read the encrypted messages.
Asymmetric encryption overcomes the security limitation of the symmetric encryption technique by using two, mathematically related keys, a public key and a private key. The public key is used for encryption and the private key is used for decryption. A cryptographic algorithm generates the key pair. Public keys can be shared but only those with the relevant private key will be able to decrypt messages encrypted with the related public key.
Types of Encryption
Encryption methodologies and techniques vary, but there are fundamentally three primary encryption types: DES, AES and RSA.
DES stands for: Data Encryption Standard. It was an accepted standard for encryption in the 1970s but is no longer considered to be secure on its own. By the late 1990s computers were powerful enough to crack the 56-bit DES encryption key in under 24 hours.
Once the weaknesses of the standard DES system became apparent the revised Triple Data Encryption Standard (3DES) was adopted. Instead of using a single 56-bit key, this system uses three of them. A drawback is that this process takes longer to encrypt data and in theory it’s hackable, although in practice this isn’t feasible.
AES stands for: Advanced Encryption Standard. It was introduced in 2001 to replace 3DES. It’s recognised as one of the most secure encryption types, widely used by governments, security organisations and businesses. AES uses ‘symmetric’ key encryption and most of the data tools on the market today use this technique.
RSA stands for: Rivest Shamir Adleman. This standard uses asymmetric encryption requiring both public and private keys. It is widely used online and is a proven technique for securely exchanging information.
RSA encryption is often used in conjunction with other encryption techniques as it isn’t very efficient. Typically, a file will be encrypted using a symmetric key cryptographic algorithm and the symmetric key is then encrypted using RSA encryption. This means that the symmetric key is rigorously secured and the encrypted file can’t be accessed without it.
Importance of Encryption
Encryption is of vital importance in all aspects of our modern lives. We don’t want just anybody accessing our private emails, online chat histories, credit card numbers, bank account details or tax information. We need to use our computers and online facilities without the possibility that any of our private data will fall into the wrong hands. Encryption provides this capability.
Encryption Benefits for Business
Encryption is not only about data that’s being exchanged it also importantly applies to data that’s stored on a network or on various computers. The impact that theft of unencrypted laptops can have has been highlighted in a number of high profile news stories. Business security relies on rigorous encryption protocols and compliance. Here are some of the key business benefits provided by encryption.
Supports Remote Working
Working from home has become the new normal for many organisations, raising the need for robust laptop and portable device security. Businesses need to ensure that their remote workers are using encrypted devices and that if these are stolen or fall into the wrong hands data security is ensured.
Businesses must comply with legal restrictions and regulations regarding how data is handled, conveyed and stored. Encryption is the tool that enables businesses to meet these compliance requirements.
Secure Data Transfer
Data is most vulnerable when it’s being transferred from one computer to another across networks. Businesses employ effective encryption solutions to ensure that data is protected at all times.
Multiple Device Data Security
We are all using multiple devices to access files, send and receive emails and do our work from home. Laptops, tablets, smartphones and desktop computers all need to securely share and store data. Data encryption ensures that information is secured and protected across all devices.
Encryption is an important aspect of our modern lives and it’s especially significant for businesses. Employees on the move and working from home, using a variety of devices to access central or cloud based resources, raises a host of security concerns. Rigorous disk and device encryption is essential to ensure data security at all times and in all circumstances.