Encryption: What is it?

There are two types of encryption: symmetric and asymmetric (also called public key). With symmetric encryption, you run a file through the program and create a key that scrambles the file. Then you e-mail the encrypted file to the recipient and separately transmit the decoding key (which could be a password or another data file). Running the same encryption application, the recipient uses the decoding key to unscramble the message.

Symmetric encryption is fast but not as safe as asymmetric encryption because someone could intercept the key and decode the messages. But because of its speed, it's commonly used for e-commerce transactions.

Asymmetric encryption is more complex - and more secure. Two related keys are required: a public key and a private key. You make your public key available to anyone who might send you encrypted information. That key can only encode data; it cannot decode it. Your private key stays safe with you. When people wish to send you encrypted information, they encrypt it using your public key. When you receive the ciphertext, you decrypt it with your private key. Asymmetric encryption's added safety comes at a price: more computation is required, so the process takes longer.

Symmetric and asymmetric encryption use different algorithms to produce ciphertext. In symmetric encryption, the algorithm divvies up data into small chunks called blocks. It then switches letters around, changes the information in each block into numbers, compresses and expands the data, and runs those numbers through mathematical formulas that include the key. Then the algorithm repeats the process, sometimes dozens of times over. An asymmetric encryption's algorithm, on the other hand, treats the text as though it were a very large number, raises it to the power of another very large number, and then calculates the remainder after dividing it with a third very large number. Finally, the remainder number is converted back into text. Encryption programs can use the same algorithms differently, which is why the recipient needs to use the same application to decode the message that you used to encode it.

Keys are the final piece in the encryption puzzle. Keys vary in length and, consequently, in strength. The reason: the longer the key, the greater the number of possible combinations. For example, if your encryption program uses 128-bit keys, your particular key could be any of more than 3.4 trillion billion billion billion - or 2 to the power of 128 - possible combinations of zeros and ones. A hacker is more likely to win the lottery than to crack that level of encryption using the brute-force method (systematically trying key combinations until they find the right one). By comparison, encryption experts can crack the average 40-bit symmetric key in about six hours on a typical home PC using brute force. However, even 128-bit encryption is vulnerable to some extent; pros have some sophisticated techniques that can help them crack even the toughest codes.

Join the newsletter!

Error: Please check your email address.
Show Comments