What Is Encryption and Can I Use It to Protect My Data?
How much private information have you sent across the web so far today?
Perhaps you woke up to your alarm. Checked your emails. Replied to some conversations in your messaging apps. Purchased a coffee with your bank card…
Hardly a minute goes by without some of your data traveling around the world.
Whether it’s your bank details when buying that coffee, your work emails, or private group chats with friends, you carry out these activities every day, secure in the knowledge that somehow your personal digital security stays protected.
But how is all this information kept out of reach of intruders?
Encrypted data allows you to securely send information to its intended recipients without fear of it being accessed or stolen by anyone else.
In this article we’ll explain everything you need to know about encryption including;
- What encryption is
- Examples of where it’s used in your everyday life
- How it works
- Whether it can be hacked
- And what else you can do to protect yourself should encryption fail
What is encryption?
Data encryption is when information is converted to code so it can’t be understood by an unauthorized reader.
The information in its original, readable format is known as plaintext. When it’s turned into code, it becomes encrypted data, also known as ciphertext, and only the authorized user can ‘decipher’ it.
This process of encrypting and decrypting information is called cryptography.
What does data encryption do?
At its most basic level, encryption provides data confidentiality. But there are other functions involved in the process to ensure we can trust any encrypted and decrypted data.
- Confidentiality - encodes and hides the message
- Authentication - verifies the message’s origin
- Integrity - proves the message’s contents haven’t been changed since sending
- Non-repudiation - ensures a message sender can’t deny sending the message
When should encryption be used?
There are two broad scenarios when data should be encrypted:
1. When data is ‘at rest’
Any time data is stored, it should be encrypted to ensure security. For instance, this could be on a removable storage drive or your computer’s hard drive. Responsible organizations will encrypt any data they store.
2. When data is ‘in transit’
Any time you send data from one place to another, there is a risk of interception by an unauthorized user, whether it be in an email, via the web or even through traditional mail. Encrypting data means even if it is intercepted by an unintended user, it can’t be understood.
Everyday examples of data encryption
One of the earliest forms of encryption is known as ‘symbol replacement’ and was widely used by the militaries in Ancient Greece and Rome. The Caesar Cipher was a system where each letter in the original message or ‘plaintext’ was replaced by a letter situated in a certain number of positions later in the alphabet. You might recall playing similar code-cracking games as a kid.
Of course, today, data encryption is far more advanced. Its use is also incredibly widespread. It’s likely protecting your data right now without you even being aware of it.
Some examples of common everyday uses of encryption are:
- ATMs - every time you use an ATM the information is protected by encryption.
- Online payments - your payment details are protected by encryption.
- Encrypted web traffic - many websites encrypt your web usage by default. If you’re using a website with ‘https’ (the ‘s’ stands for ‘secure’) at the beginning of the address, your data is encrypted.
- Messaging apps - messenger apps such as WhatsApp have enabled end-to-end encryption. This means if cybercriminals were to breach WhatsApp, they couldn’t decrypt your conversation data.
- Digital rights management systems - prevent the unauthorized use or reproduction of copyrighted content and protect software against reverse engineering.
- Data ‘at rest’ - responsible organizations holding data on computers or on storage devices will ensure it is encrypted.
While organizations usually encrypt vast quantities of data they have stored, you might also want to encrypt any data you have ‘at rest’ on your own personal computer. If so, check out this guide on how to encrypt files and folders on your Mac.
Why is data encryption important?
You don’t have to look far to find news of the latest hacking incident or cybercrime scam. While securing any systems containing data is the first step in protecting your information, no security can guarantee your system is 100% impenetrable.
That’s why data encryption is so important. Should an unauthorized user somehow gain access to the system or device holding your data, encryption will ensure they will not be able to read it, even if they have access.
Encryption is the all-important second line of defence and can greatly reduce the damage of being hacked.
In the context of businesses and organizations, data encryption helps organizations stay compliant with data protection regulations.
For instance, the Health Insurance Portability and Accountability Act (HIPAA) requires healthcare providers to implement data encryption to protect patients’ health information.
How does encryption work?
NOTE: Diagrams and videos appear frequently in the SERPs to answer this question. It would be ideal to add either of these to answer this question in this section.
For the average web user among us (and we’re assuming that’s most of us!) understanding exactly how encryption works can be tricky. Nevertheless, it’s still quite fascinating when presented in layman's terms.
Curious? Here goes!
Information is encrypted using formulas called encryption algorithms, or ciphers.
In order to work, one part of the algorithm must have a variable, called a key. It’s this variable or key that makes the algorithm’s output unique and therefore able to protect your data.
Just like the door to your house, you know it will be secure when you lock it and take the only key with you. The key in an encryption algorithm works on the same principle.
If your encrypted information was intercepted by an unauthorized user, they would have to guess the:
- Encryption algorithm used to encrypt the data
- The keys used as variables
That’s a tough code to crack, and is why encryption is such an effective security tool.
Symmetric and Asymmetric Encryption
We mentioned information can be encrypted in a number of different ways using different algorithms. These methods typically fall under two categories - symmetric encryption and asymmetric encryption.
This is the simplest form of encryption, which is it’s main advantage. Only one key (such as a long number or string of random letters) is required to cipher and decipher the information. However, this simplicity is also its main disadvantage. All parties involved need to somehow share the key between them, leaving open the possibility it could be intercepted and stolen. Symmetric encryption may be suitable for protecting data ‘at rest’, but when it comes to sending data across a network, a more complex algorithm is required.
Examples of symmetric algorithms: Advanced Encryption Standard (AES), Data Encryption Standard (DES), Triple DES.
This is a newer method of encryption and particularly useful when sharing data over the internet.
It uses two keys - a public and private key. They are linked mathematically but aren’t identical.
The public key is used to encrypt the data and is freely available to anyone who might want to send you a message. The private key is held only by the recipient and is used to decrypt the data.
The main disadvantage of asymmetric encryption is how its added complexity can make it a slower process than symmetrical encryption. On the upside, the complexity is also what makes it extra secure.
Examples of asymmetric algorithms: RSA, DSA.
Can encryption be hacked?
In short, yes.
While decrypting an encrypted message would require considerable computational resources and skills, it’s not impossible. However, given the resources required, it is very rare.
Humans: The weak link in the process?
But what if an encryption key is stolen?
Or if an authorized user is tricked into handing it over?
Phishing emails are fraudulent mails sent with the aim of tricking recipients into thinking they are communicating with a trusted source so they hand over personal information.
Believe it or not, almost 30% of phishing emails are opened and the malicious attachment or link is clicked in 13% of those.
So while encrypted data is extremely secure, human processes around it can be much easier to hack.
The future of encryption security
As computing power increases, encryption methods become more advanced.
The original encryption key, DES, had a 56-bit key (which refers to the size of the key used to encrypt the data). The 56-bit key had 72,057,594,037,927,936 combination possibilities!
Believe it or not, by today’s computing standards, a 56-bit key isn’t secure and could be hacked by a brute force attack. This is where a cybercriminal submits an endless stream of passwords until one eventually works.
Modern encryption keys are therefore much larger, up to 2048-bit with the RSA system. Hacking a 2048-bit system is near impossible today. However, with advances in quantum computing, it would be naive to assume this will always be the case.
How to protect yourself where encryption doesn’t
Data encryption is a powerful tool in your security mix, but it’s important you do have a mix. Don’t rely solely on data encryption, or any single measure alone to keep your data protected.
Here are other best practices to follow so if one safeguard fails, you have other lines of defence to limit any damage should your data be compromised.
- Use trusted security software
- Patch and update regularly
- Use strong passwords and multi-factor authentication
- Avoid using the same password for multiple accounts
- Avoid pop-up ads
- Be aware of phishing scams
- Back up your data regularly
- Get greater browsing security by using a VPN
Clario simplifies staying safe online, protecting you on all fronts with our all-in-one cybersecurity solution.