Encryption techniques used to secure private information
Encryption is the process of converting any text or message into a form that cannot be understood by a person who does not have information regarding how the conversion was made. The non-coded message is called plaintext and the converted message is called cipher text. One can change the cipher text back to plaintext using an algorithm (called the cipher) which gives a certain set of possible values and a key that leads to a specific value when used with the cipher text and the cipher. The key and the cipher contain all the information about the conversion between plaintext and cipher text.
Encryption is a way to hide and transport sensitive information. Credit card numbers for online transactions, social security numbers in employee databases, and other personal and financial information all need to be encrypted.
For example, when making a purchase online, a person types in their credit card details and sends it to the site. While this information is being sent, an attacker could potentially extract that information and use it for nefarious purposes. The point of encryption is to secure the data so that no one can access, understand, or use it besides the person that sends the data and the person that is supposed to receive it.
The best encryption system is one that is unbreakable. However, for practical purposes, quality encryption is one where even if the cipher is known publicly, the message cannot be decoded. Basically, only a person with a key should be able to decrypt the message. Also, the attacker shouldn’t be able to “guess” the key based on a numerical pattern. That is, the algorithm should be good and no one should be able to try all possible key combinations in a feasible amount of time, meaning the key-size should be long.
There are two kinds of commonly used encryption techniques — symmetric key encryption and asymmetric key encryption. Symmetric key encryption is relatively simple: Both the receiver and the sender have a common key that can be used to decode or code the message. In asymmetric key encryption, the receiver has a public key that is visible to anyone who wants to send a message. The sender sends a message using the public key to the receiver. After that, the receiver has a private key that is confidential, which is used to decode the message.
One commonly used symmetric cipher is the American Encryption Standard (AES), originally called the Rijndael after its creators, Joan Daemen and Vincent Rijmen. AES rearranges a given message and transforms it in several rounds, using relationships with a key, that are repeated depending on the length of the key. That is, AES with a 128-bit key would undergo 10 repetitions, with each repetition having four rounds. So hypothetically, one can encrypt the message using the key and performing the operations and decrypt it by using the key and performing all those operations backwards.
An example of asymmetric encryption is the RSA algorithm, named after its inventors Ron Rivest, Adi Shamir, and Len Adelman. The RSA algorithm involves the use of prime numbers and the prime factoring problem. Again, broadly speaking, the algorithm depends on the product and factorization of two arbitrary, very large prime numbers, for example those with over 100 digits. The fact that there currently exists no efficient algorithm in the world to factor a number forms the basis of this system. In this case, the two prime numbers are kept confidential and their product is published as the public key, along with an exponent that plays a major role in converting the message. The private key comprises a different exponent and the product of the prime factors, which is used to convert the cipher text to plain text.
These are only a few of the encryption methods currently in use. Research is being done on other approaches to encryption such as “honey encryption,” where incorrect attempts to break the cipher produce data that seems right but isn’t; “functional encryption,” where the key reveals only a certain aspect of data that the sender wishes to share; and “quantum key encryption,” which uses the quantum properties of atoms to encrypt data.
Each of these systems, and others that are being produced, will hopefully provide new methods of encryption that will give users even better security in the future.