Encryption turns a message into something very different and unreadable, and somehow decrypts it on the other end so that the message is restored and readable again. How does encryption work? Why is it important to use encryption to protect your data? Let’s find out.
Symmetric and Asymmetric Encryption
There are two types of encryption. Symmetric encryption uses only one key to both encrypt and decrypt the message, while asymmetric encryption uses a pair of mathematically related keys, one to encrypt and one to decrypt. However, the key exchange process is risky if two computers use symmetric encryption to secure their connection. The same key both encrypts and decrypts messages, so if it is exposed while being exchanged, anyone who picks it up on the Internet can theoretically use it to decipher the message.
Therefore, asymmetric encryption is safer because even if encryption keys are exposed, your data cannot be decrypted unless the decryption key is also exposed. However, symmetric encryption is faster than asymmetric encryption, so it has its purposes, too. Asymmetric encryption also helps secure the key exchange process for symmetric encryption, as applied by TLS. Let’s talk about asymmetric encryption first (as symmetric encryption is very easy to understand).
How Does Asymmetric Encryption Work?
To understand asymmetric encryption, we have to grasp the concept of public and private keys. Each computer has two keys. One is the public key, which is intended to be shared and is used to encrypt data. The other is the private key, which must not be exposed to anyone else and must be encrypted and protected with a strong password.
The private and public keys are mathematically related. Take RSA, for example. The public key is the product of two large prime numbers and another value, while the message encrypted by that public key can only be decrypted by someone who knows the prime numbers. This relies on the fact that it’s easy to compute the product of two large prime numbers, while it’s very hard to obtain the prime factorization of the product if you don’t know the prime numbers.
To encrypt a message, the sender and receiver first exchange their public keys. Remember that data encrypted with someone’s public key can only be deciphered with that person’s private key. The sender therefore encrypts the message with the receiver’s public key. After that, the ciphertext (the unreadable version of the message) is sent, and the receiver decrypts it using their own private key and views the message.
How Does TLS Work?
TLS is an important example because it uses both symmetric encryption and asymmetric encryption. In a TLS handshake, the client sends data about the certificates and cryptographic algorithms it supports, and some random data called the “client random”. After that, the server sends out its certificate and some random information called the “server random”.
The client then verifies the certificate. If it is valid, the client sends out a premaster secret, encrypted with asymmetric encryption, that enables the session key to be created. Once both the client and the server hold the same session key, both sides confirm that the TLS handshake is complete. From then on, the connections in the session can use symmetric encryption.
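The handshake described above, as an added sketch that is not code from the original article or from any TLS library. The toy server key pair, the HMAC-SHA256 derivation standing in for the real TLS key derivation, and all function names are assumptions of this example; certificate verification is not modelled.

```python
import hashlib
import hmac
import secrets

# Constructed toy server key pair built from two Mersenne primes (far too small for real use).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q                                # public modulus, sent in the certificate
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, never leaves the server

def derive_session_key(premaster, client_random, server_random):
    """Assumed stand-in for the TLS key derivation: HMAC keyed by the premaster secret."""
    return hmac.new(premaster, b"session key" + client_random + server_random,
                    hashlib.sha256).digest()

def finished(session_key, transcript):
    """Each side proves it holds the session key by MACing the handshake transcript."""
    return hmac.new(session_key, b"finished" + transcript, hashlib.sha256).digest()

def handshake(tamper=False):
    client_random = secrets.token_bytes(32)      # sent in the clear by the client
    server_random = secrets.token_bytes(32)      # sent in the clear by the server
    transcript = client_random + server_random

    # Client: pick a premaster secret and encrypt it with the server's public key.
    premaster = secrets.randbits(128)
    wire = pow(premaster, E, N)
    if tamper:
        wire ^= 1                                # constructed fault: one bit changed in transit

    # Server: decrypt with the private key. Both sides then derive the session key locally.
    recovered = pow(wire, D, N)
    client_key = derive_session_key(premaster.to_bytes(19, "big"), client_random, server_random)
    server_key = derive_session_key(recovered.to_bytes(19, "big"), client_random, server_random)

    # The handshake completes only if both "finished" values agree.
    ok = hmac.compare_digest(finished(client_key, transcript), finished(server_key, transcript))
    return client_key, server_key, ok

if __name__ == "__main__":
    print("clean handshake completes:", handshake()[2])
    print("tampered handshake completes:", handshake(tamper=True)[2])
```

The session key itself never crosses the network: only the two random values and the encrypted premaster secret do, and a changed ciphertext leaves the two sides with different keys so the confirmation step fails.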
Why Should You Use Encryption?
Encryption is an indispensable tool for data protection. If you don’t apply encryption on your storage devices, your data is at risk of being exposed by cybercriminals who are trying to use it illegally or even conduct identity theft. For example, suppose you use an external storage device to back up your data. In that case, you should encrypt it before you start storing files on the drive (if you found the drive after someone else lost it, it’s likely part of a USB drop attack, so never plug it into your computer in that case). Moreover, you should encrypt your startup drive too, as this also contains personal information. If hackers open up a fully encrypted drive, they see a bunch of useless text unless they know the password to the decryption key.
Encryption also protects your data from cyberattacks, especially the man-in-the-middle (MITM) attack. Using TLS on your website prevents MITM attacks from succeeding by rendering your data unreadable during the transfer. Encrypting your databases and servers can also prevent your website from getting into trouble if sensitive data is stolen. This also provides peace of mind for your customers, which can improve user experience.
Encryption is an essential aspect of data protection. If you haven’t encrypted your data or installed TLS on your website (if you have one), do so immediately. For more, please visit the websites in the references below.
References and Credits
- (n.d.). What happens in a TLS handshake? Retrieved September 20, 2021, from https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/
- (2017, August 17). 5 Real-World Benefits of Data Encryption Software. Retrieved September 20, 2021, from https://www.centritechnology.com/2016/03/17/5-benefits-data-encryption/
- (2021, August 22). An overview of the SSL or TLS handshake. Retrieved September 20, 2021, from https://www.ibm.com/docs/SSFKSJ_7.5.0/com.ibm.mq.sec.doc/q009930_.htm
- (2017, October 30). Asymmetric Encryption – Simply explained. Retrieved September 20, 2021, from https://www.youtube.com/watch?v=AQDCe585Lnc
- (2020, November 3). What Is Asymmetric Encryption & How Does It Work? Retrieved September 20, 2021, from https://sectigostore.com/blog/what-is-asymmetric-encryption-how-does-it-work/