What Is Encryption?

Encryption is the process of obscuring information. Encryption uses codes to convert information to this obscured form. We use encryption when we want to hide information; to protect it from those we don't want to know it. Even if someone gets the information in encrypted form, they can't (usually) "crack the code" and obtain the information. What others see is scrambled, random information, whether it appears as characters, noise, or random bits. In these cases, these days, we mostly use electronic information transfer, so the codes we're talking about are binary codes. Computers transform the information using math. The math processes they use are called encryption algorithms. These algorithms use one or more encryption keys to process the information and convert it to encrypted form. If you have the key (or keys), you can decrypt the information. Decrypting is the process in reverse, changing the obscured information back into its original form.

Encryption algorithms take your information, called plaintext, and use an encryption key and an encryption algorithm to convert the input plaintext into ciphertext. Some algorithms use more than one key, additional random information for input, or make multiple passes over the information. The difficulty in cracking most encryption algorithms is directly related to the length of the encryption key. We describe encryption key length by the number of bits. So for example a 256 bit key is stronger (harder to crack) than a 128 bit key. Obviously if we had to guess randomly the number of bits in a 256 bit number it would take much longer than guessing a 128 bit number. Guessing randomly at keys to crack encryption is called "brute force" decryption. Some encryption algorithms use additional measures to make brute force attempts difficult, rather than relying on key length.

Some algorithms you may use every day are: DES, 3DES, IDEA, RC4, MD5, and Blowfish. They have unusual names and you may not be familiar with them, but they are in use in your web browser, computer applications, and more. Some algorithms are block ciphers, and are used on chunks of data. Others are stream ciphers and convert single bit "streams" of data. Other algorithms are one way hash ciphers, used to make a unique "signature" from different plaintext inputs. Some use the same keys to encrypt and decrypt, these are called symmetric key ciphers. There are other types, such as asymmetric key ciphers.

We use encryption very often, even if we don't use the details. When buying things online, hopefully you are using an SSL connection in your browser. SSL is Secure Sockets Layer, and uses encryption to secure your browser connection with a web site. If you use a password to log in to your PC, that password is stored encrypted on the hard drive. The password you enter when logging in is encrypted and compared with the stored version. VPNs and many Wi-Fi connections use encryption as well.

Privacy

The main use of encryption discussed here is clearly privacy. Only the intended audience (us or another party that has a key) can decrypt the information. If we encrypt our hard drive, if it is stolen the data on it is useless without a password and/or a digital key.

Validity

Encryption can also ensure that data has not been changed in transit or after it was stored. If we use a one-way hash any changes, even of a single bit in the source data, will result in a different output. When we compare the original hash with ours we can know the data has been modified.

Authenticity

Digital Signatures and PKI can be used to "sign" encrypted or plaintext documents and verify that the sender is who they claim to be. We use the public key to check the signature block created by the sender with their private key. Similarly we can use PKI for authentication for applications or network connections.

I hope this information helps you understand encryption in general and why it's so useful and important today.