Encryption
Encryption is a vital process used to safeguard data and files from unauthorized access. It ensures that sensitive information, such as passwords, personal identification numbers, and financial records, remains private, either when stored on a device or while being transmitted online. This process involves encoding information using cryptographic algorithms, which essentially render the data unreadable to anyone without the appropriate decryption key. Encryption methods are generally categorized into two types: symmetric encryption, which uses the same key for both encryption and decryption, and asymmetric encryption, which employs a public key for encryption and a private key for decryption. Asymmetric encryption is regarded as more secure due to its dual-key system. The importance of encryption is particularly pronounced in online transactions, where sensitive data is often sent over the internet. Secure protocols like Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are commonly employed by websites to protect user information, indicated by the "https" prefix in their URLs. Overall, encryption is essential for protecting privacy and mitigating the risk of identity theft in the digital age.
On this Page
Subject Terms
Encryption
Encryption is the process of protecting data or files so that they cannot be accessed by unauthorized users. In some cases, specific files or the hard drive on which they are stored are encrypted to ensure privacy; in others, data is encrypted to ensure that it cannot be intercepted or tampered with while being transferred from one computer to another or from a computer to a website. Information that is frequently encrypted includes passwords, personal information such as Social Security numbers, and financial records. Data can be encrypted using a variety of algorithms, which are generally categorized as either symmetric or asymmetric encryption.
Overview
The security of sensitive data is a matter of significant concern among computer users worldwide. Files stored on computers may contain personal information that users would prefer not to share, and passwords and similar data transmitted through the Internet may be vulnerable to interception by hackers or identity thieves. However, when this information is encrypted—that is, encoded so that it is rendered unreadable by anyone who does not possess the key to decrypt it—it can be stored or transmitted with a decreased risk of misuse.
Encryption is based on cryptographic algorithms, or sets of steps that must be performed in order to decode a message or file. The file or data is encrypted using a key and then stored or transmitted to a website or another computer, where it is decoded using either the same or another key. Many different algorithms are used to encrypt information. Most can be classified as either asymmetric encryption, also known as public-key encryption, or symmetric encryption, also known as private- or secret-key encryption. In asymmetric encryption, different keys are used to encrypt and decrypt the data. The key used to encrypt the data is public and can be used by anyone, but the key used to decrypt it is private and available only to the data’s intended recipient. In symmetric encryption, a single key is used to both encrypt and decrypt the data. Asymmetric encryption is generally considered to be the more secure process.
Although encryption of stored files and storage devices, such as hard drives, is common, encryption is perhaps most crucial when used on the Internet. When a user logs in to a website, he or she transmits data such as a password and the answers to security questions across an Internet connection. If that connection is not secure, hackers or other unauthorized individuals could potentially view that information. Encryption becomes especially important when a user transmits sensitive personal or financial information, which could be intercepted by identity thieves. To prevent such information from being viewed or stolen, many websites use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols, both of which are forms of asymmetric encryption. Websites that use SSL or TLS protocols to protect user passwords and other information can be recognized by the presence of the prefix https (Hypertext Transfer Protocol Secure), rather than the more familiar http (Hypertext Transfer Protocol), in the URL.
Bibliography
"A Brief History of Encryption (and Cryptography)." Thales, 1 Feb. 2023, www.thalesgroup.com/en/markets/digital-identity-and-security/magazine/brief-history-encryption. Accessed 6 Jan. 2025.
Cozzens, Margaret, and Steven J. Miller. The Mathematics of Encryption: An Elementary Introduction. American Mathematical Society, 2013.
Joye, Marc, Debdeep Mukhopadhyay, and Michael Tunstall, editors. Security Aspects in Information Technology: First International Conference, InfoSecHiComNet 2011, Haldia, India, October 2011. Springer, 2011.
Kiayias, Aggelos, and Serdar Pehlivanoglu. Encryption for Digital Content. Springer, 2010.
Loshin, Peter. Simple Steps to Data Encryption: A Practical Guide to Secure Computing. Syngress, 2013.
MacCormick, John. Nine Algorithms That Changed the Future: The Ingenious Ideas That Drive Today’s Computers. Princeton UP, 2012.
Pfleeger, Charles P., and Shari Lawrence Pfleeger. Analyzing Computer Security: A Threat/Vulnerability/Countermeasure Approach. Prentice, 2012.
Sheldon, Robert, et al. "Encryption." TechTarget, Feb. 2024, www.techtarget.com/searchsecurity/definition/encryption. Accessed 6 Jan. 2025.
Smith, Richard E. Elementary Information Security. Jones, 2013.
Stamp, Mark. Information Security: Principles and Practice. 2nd ed., Wiley, 2011.