Encryption Overview

Encryption has been used for a very long time. It is used to scramble information so that it cannot be read by anyone except the intended recipient. In the computer world, encryption is very important. Without secure encryption, the Internet would never have become such a huge success. Here is a short encryption overview.

Encryption has a long history, it was already used in the ancient world. Even some wars have been won more thanks to superior skills in cryptology than superior military skills. Computers have completely changed the science of cryptology. The computing power of modern computers has made it possible to create codes that are virtually impossible to crack without the help of sophisticated software and powerful computers. On the other hand, sophisticated encryption is absolute necessary on the Internet. Often, users use encryption without even being aware of it.

Computer encryption can be divided into two categories, symmetric encryption and asymmetric encryption. Symmetric encryption means that the same key is used to both encrypt and decrypt the message. This key has to be kept secret and distributed securely before the communication can begin. Asymmetric encryption on the other hand, uses different keys to encrypt and decrypt the information. One key is public, which is known by everyone, and one key is private, which must remain known only to one entity. The advantage of asymmetric encryption is that no secret keys need to be securely distributed.

The first popular encryption standard for computers was DES, Data Encryption Standard, developed by IBM in the early 1970s. DES uses symmetric encryption and could be implemented very efficiently. But it had one practical problem, how to distribute the keys securely. DES also used a 56-bit key, not long enough to avoid brute-force attacks by powerful computers. To improve the security, 3DES or Triple Des was created. It uses 168-bit keys, three times longer than the original DES key length. Each additional bit in the key doubles the effort needed by brute-force to crack the code.

The problem with secure key distribution has made asymmetric encryption methods, also known as public key encryption, popular in the computer world. The advantage is that the public key can be distributed freely to everyone, also to people who are not allowed to decrypt the information. The decryption can only be done if you know the secret key, known as the private key. When the pair of keys is generated, the private keys is kept by the entity and the public key is distributed freely to the whole world.

The most well-known public key encryption system is probably PGP, Pretty Good Privacy. It was developed by Phil Zimmerman in 1991. The creation of PGP was controversial, it provided everyone, both good and bad guys, with encryption that was extremely secure. It can be downloaded free of charge. Just beware that you are not allowed to download it from a site in the US if you are located outside the US.

The RSA method is most likely the most successful commercial public key method. The RSA methods were developed by Ron Rivest, Adi Shamir and Len Adlema. The first letter in the surnames of the developers is supposed to have been used for the name.

Note that public key encryption also makes it possible to create digital signatures. By reversing the process, using the private key to encrypt a signature and decrypting it with the public key, you know that the message was sent by the person who possesses the private key.

Both SSL, Secure Sockets Layer, and TLS, Transport Layer Security, use public encryption to provide secure communication over the Internet. URLs beginning with https rather than the usual http use SSL or TLS.

Here you can learn more about the Public Key Infrastructure which is used on the Internet

Leave a Reply