Understanding Encryption

For centuries, humans have been applying and using different methods or algorithms to transmit confidential messages to troops, diplomats, or allies, without these being intercepted by their enemies. 

The means of obscuring these messages comprise the art of encryption.  

Going back in history, the Romans were the first people identified as using an encryption algorithm, when Julius Caesar asked for a secure way to transmit his messages and orders to the army without them being intercepted and read by his enemies; thus, the famous “Caesar Cipher” encryption technique was invented, which is one of the easiest of the many encryption techniques and algorithms. 

It is a simple type of substitution cipher/encryption. Each letter of the original or plain text is replaced by another letter with some fixed number of positions down the alphabet. 

Let us take the alphabet as an example: 

Original text: ABCDEFGHIJKLMNOPQRSTUVWXYZ 

Encrypted/Ciphertext: XYZABCDEFGHIJKLMNOPQRSTUVW 

This technique is very simple, replacing each alphabet character by the one 23 positions to its right (i.e., X, Y, and Z instead of A, B, and C). 

Nowadays, encryption has become essential to protect sensitive information against unauthorized access.   

Moreover, being connected at all times makes our information and data vulnerable to various types of attacks. Securing and encrypting information is therefore in high demand, and can be done in different ways: 

Symmetric-key encryption: Or private-key encryption encrypts and decrypts using one shared (yet private) key. Its algorithm, or cipher, is typically speedy and efficient. This type of encryption is mostly used to encrypt documents and the same key is used to encrypt/decrypt any document, hence it’s called a symmetric key. 

Asymmetric-key encryption (or public-key encryption): Unlike symmetric-key encryption, this uses not one but two keys; one private, one public. Anyone may access the public key - technically, the sender uses the receiver’s public key when sending a message. However, only the receiver may use their private key to decrypt it.  

It is akin to a house mailbox, where anyone may drop in a letter but no one can access the letters without the mailbox key. This technique is mostly used to encrypt communications, as in websites and emails, whereby one can see near the web page address a lock symbol and the letters “HTTPS,” standing for “Hyper-Text Transfer Protocol Secure;” an enhanced secure version of HTTP that does not provide any kind of security. 

Further to the encryption algorithms, techniques, and services that help protect data, encryption is an essential information security tool. It provides the four most basic services of information security. 

• Confidentiality − Encryption can guard information and communication from unauthorized revelation and access. 
• Authentication − Encryption techniques such as digital signatures can protect information against spoofing and forgery. 
• Data Integrity − Encryption hash functions play a vital role in assuring data integrity. 
• Non-repudiation − Digital signatures provide a non-repudiation service to guard against disputes that may arise due to messages being denied delivery. 

Moving away from the theory and let's look into the applications that might help you protect yourself and your data:

Mobile encryption: Operating system developers such as Apple and Android have mobile encryption features that may be activated from their settings. This feature will encrypt all the data stored on the device using a symmetric key encryption algorithm, whereby it asks for the key each time you power the device back on. If the key is lost, the user will not be able to access their data, sometimes making the device useless. Therefore, such encryption is highly advised, as it protects your data from being read by others, even by connecting your mobile device to a computer. 

Laptop encryption: Similar to mobile devices, laptops provide encryption either through the operating system or through a third-party application (e.g., Bitlocker). This will encrypt your laptop’s hard drives, making them inaccessible by unauthorized persons even if they disassemble your laptop and connect the hard drive to another computer. This also allows you to encrypt flash drives and make them inaccessible without keys. 

Encrypting cloud data: It is highly recommended, as you are trusting a third party with your documents; therefore, having them encrypted is much better than keeping them in plain text, given the risk of the cloud provider being hacked. 

Secured communication: Being connected to the Internet and transferring confidential data make us susceptible to various types of attacks. Therefore, protecting data being transferred by creating an encrypted Virtual Private Network (“VPN”) is necessary, as it protects the data from being captured and altered along the way from the sender to the recipient. Meanwhile, we should not forget the aforementioned HTTPS protocol, which is recommended for any website, as it helps fight spoofing and phishing web pages. 

Finally, another important security feature that relies on encryption is the digital signature, which allows us to sign documents digitally by adding to them a hashed text generated after hashing the initial text using a certain hashing algorithm. This helps ensure the integrity of documents, and certify that signed documents are originals not altered by anybody else.