Browse by Domains
Table of Contents

What is Encryption?

By Updated on Jul 19, 2022 573
Table of contents

We live in the digital era, where our worlds spin digitally, and we tend to share our personal information over the internet. It’s time to understand that it’s pretty dangerous since hackers can misuse this data for various purposes. Hackers can eavesdrop on the conversation between different parties to gain sensitive information. Let’s decipher what encryption and decryption are all about in detail. 

  1. What are Encryption and Decryption?
  2. Importance of Encryption
  3. Benefits of Encryption
  4. What is Cryptography?
  5. What is End to End Encryption?
  6. How does encryption work?
  7. What are the different types of encryption?
  8. What is an Encryption algorithm?
  9. What is an Encryption Protocol?
  10. Disadvantages of Encryption
  11. How to break encryption?

What are Encryption and Decryption?

Encryption

Encryption is the process of securing digital data using mathematical techniques with the help of a key used to encrypt and decrypt the data.

The encryption key is the heart and soul of the encryption process, a string of characters generated based on various encryption algorithms. Encryption is the process of converting plaintext into Ciphertext.

Plain text is data in a readable format, and Ciphertext is data in an unreadable format.

Encrypted data is called Ciphertext, whereas unencrypted data is called plain text.

Decryption

Decryption is the method of converting cipher text into plain text. The reverse process of encryption is carried out using decryption keys.

Importance of Encryption

Encryption protects private information and sensitive data between the client and the server.

Encryption focuses on Confidentiality, Integrity, Non-repudiation, and Authentication.

  • Confidentiality – Confidentiality ensures that only the intended receiver can understand the information.
  • Integrity ensures that no one alters confidential information without detecting the change.
  • Non-repudiation – Non-repudiation ensures that the information creator cannot deny their information creation and transmission intent.
  • Authentication – Authentication ensures that the sender and receiver confirm their identity to each other with the origin and destination of the information.

Benefits of Encryption

  • Protects the privacy of data and identity
  • Protects sensitive data in lost devices from being misused by hackers
  • Easy and cheap to implement
  • Ensures integrity of data

What is Cryptography?

Cryptography is the study of techniques for secure communication between sender and receiver. Cryptography is also known as Cryptology.

Cryptography is derived from the Greek word Kryptos, meaning “hidden,” and graphein meaning “to write.”

The significant difference between Encryption and Cryptography is that encryption is the technique of securing sensitive data from hackers. In contrast, Cryptography studies techniques for securing sensitive data from hackers.

What is End to End Encryption?

End-to-end encryption secures a communication network from third parties while data is transferred from one device to another.

WhatsApp is the best example that implements end-to-end encryption.

How does encryption work?

Let’s understand in detail what encryption is all about.

For example, consider Reena as the sender and Veena as the receiver. 

Reena wants to message “hello” to Veena, where “hello” is the plain text and consistently represented in lowercase letters, whereas Ciphertext is represented in uppercase letters.

Reena’s message “hello” is passed through an encryption algorithm where the plain text is converted into Ciphertext. The receiver, Veena, can only decrypt the Ciphertext if she has the decryption key. The key distribution center distributes the decryption key, and the key is known only to the sender, Reena, and the receiver, Veena.

The encryption key and the decryption key can be the same and different.

What are the different types of encryption?

Symmetric Encryption

It is a type of encryption that uses the same secret key for encryption and decryption.

Symmetric encryption is also known as secret key encryption.

A few popular symmetric encryption algorithms are Twofish, Blowfish, DES, Triple-DES, AES, etc.

Symmetric encryption is fast and efficient when compared to Asymmetric Encryption.

Symmetric encryption is categorized as Block cipher and stream cipher.

Block cipher

In Block cipher, blocks of plain text are converted into blocks of Ciphertext.

The block size depends on the algorithm, but it shouldn’t be too large or small. It should be multiples of eight, and it usually processes 64 bits or more.

Block cipher is simple but slower when compared to a stream cipher.

Stream cipher

In-Stream cipher, one byte of data is converted at a time from plain text to Ciphertext.

It processes 8 bits of data at a time.

Asymmetric Encryption

It is a type of encryption that uses a public key and a private key for decryption.

Asymmetric encryption is also known as public-key encryption.

In Asymmetric Encryption, two keys are involved. One is a public key known to all, and the other is the private key known only to the owner. The public key and the private key should be connected.

Also Read: Cryptography Tutorial

What is an Encryption algorithm?

An encryption algorithm is a mathematical procedure used to encrypt data. Encryption algorithms prevent data fraud and are usually a part of a company’s risk management protocols.

Few popular encryption algorithms are:

  • Triple-DES Algorithm
  • RSA Algorithm
  • AES Algorithm
  • Blowfish Algorithm
  • Twofish Algorithm

Triple-DES Algorithm 

The Triple-DES algorithm is also known as TDES.

TDES stands for triple data encryption standard. It is a symmetric key block cipher.

In triple DES, the DES cipher is applied thrice to each data block. The critical size of the DES cipher is 56 bits.

The DES cipher was susceptible to brute force attack, but developing a new algorithm would consume more money and time, so the existing algorithm was modified by increasing the critical size. That’s when triple DES came into the picture.

The critical size of triple-DES is 112 or 168 bits.

There are two types of triple-DES algorithms.

  • Triple DES with 2 keys
  • Triple DES with 3 keys

When two keys are used, the key size is 112 bits. When three keys are used, the key size is 168 bits. The block size of triple-DES is 64 bits. 

When two keys are used, the security of triple-DES is 2112.

When three keys are used, the security of triple-DES is 2168.

Triple DES is more secure but slower when compared to DES.

P represents plain text, and C represents Ciphertext

DES cipher represents the encryption algorithm.

Initially, consider 64-bit plain text. The 64-bit plain text is passed through an encryption algorithm where key K1 is applied. When the plain text is passed through an encryption algorithm, we get a ciphertext which is again passed through a decryption algorithm.

DES reverse cipher represents a decryption algorithm.

At this stage, key K2 is applied.

So, when the Ciphertext is passed through a decryption algorithm, we get back the plain text. This plain text is then passed through an encryption algorithm. At this stage, we use the same key K1 used initially. We get a ciphertext when the plain text is passed through an encryption algorithm. In the end, we get a 64-bit ciphertext.

P represents plain text, and C represents Ciphertext. 

DES cipher represents the encryption algorithm.

Initially, consider 64-bit plain text.

The 64-bit plain text is passed through an encryption algorithm. At this stage, key K1 is applied.

We get a ciphertext when the plain text is passed through an encryption algorithm. This Ciphertext is passed through a decryption algorithm.

DES reverse cipher represents a decryption algorithm.

At this stage, key K2 is applied.

So, when the Ciphertext is passed through a decryption algorithm, we get back the plain text. This plain text is then passed through an encryption algorithm. At this stage, we use the key K3.

We get a ciphertext when the plain text is passed through an encryption algorithm.

In the end, we get a 64-bit ciphertext.

RSA Algorithm

The acronym RSA is derived from its designers, Ron Rivest, Adi Shamir, and Leonard Adleman.

It is one of the oldest asymmetric cryptographic algorithms.

This algorithm is used to encrypt and decrypt messages using a public and a private key.

The RSA algorithm includes four steps:

  • Key generation
  • Key distribution
  • Encryption
  • Decryption

Key generation

  • Let us consider two large prime numbers, p and q. It is better to consider large prime numbers instead of small prime numbers. If you consider small prime numbers, the public and private keys will be the same.
  • Calculate the value of n:

             n=p*q

             n represents the modulus for encryption and decryption

  • Calculate Ф(n)

 Ð¤(n)=(p-1)*(q-1)

 Ð¤(n) represents Euler’s totient function

  • Calculate the value of e and d

e represents encryption and d represents decryption

gcd(e,Ф(n))=1; 1<e<Ф(n)

d≡e-1(mod(Ф(n))

d*e modФ(n)=1

Public key={e,n}

Private key={d,n}

Key distribution

Let’s understand what key distribution is with the help of an example.

Suppose Reena wants to send a message to Veena using the RSA algorithm; before Reena can encrypt the message, she should know Veena’s public key. Only after Reena receives Veena’s public key will Reena be able to encrypt the message. At the same time, Veena will be able to decrypt the message only using the private key. The private key of Veena is never distributed, whereas the public key of Veena is transmitted to Reena before Reena can encrypt the message.

  • Encryption

          At this step, plain text is converted into Ciphertext.

          c=me mod n; m<n

          c represents Ciphertext, and m represents plain text.

  • Decryption

           At this step, Ciphertext is converted into plain text.

           m=cd mod n

           m represents plain text, and c represents Ciphertext.

AES Algorithm

AES stands for Advanced encryption standard. AES algorithm is also known as Rijndael. It converts blocks of 128-bit plain text into Ciphertext using keys of 128,192, and 256 bits.

This is one of the most popular symmetric encryption algorithms.

Triple DES replaced the DES cipher, but it was comparatively slower. So, the AES algorithm was designed, which is super fast compared to triple DES.

The US National standards and technology established the AES algorithm in 2001 to encrypt electronic data.

AES algorithm is based on a substitution permutation network.

A substitution permutation network is a series of mathematical operations used in symmetric encryption algorithms. The block size in AES is 128 bits, and the key sizes are 128,192 and 256 bits.

The number of rounds depends on the critical size.

One hundred twenty-eight bits means 10 rounds.

One hundred ninety-two bits means 12 rounds.

Two hundred fifty-six bits means 14 rounds.

Blowfish Algorithm

The blowfish Algorithm is an alternative to the DES algorithm.

It is an asymmetric encryption algorithm that is fast and efficient compared to the DES algorithm.

The block size is 64 bits, and the critical size varies from 32 bits to 448 bits.

There are 18 subkeys,16 rounds, and 4 substitution boxes.

The substitution box is responsible for confusion between plain text and Ciphertext.

One of the significant advantages of the blowfish algorithm is that it is unpatented and can be used by anyone.

Blowfish algorithm is used in password management, operating systems, backup tools files, and disk encryption.

Twofish Algorithm

Twofish algorithm is a symmetric key block cipher.

It is suitable for both software and hardware environments.

Twofish algorithm was a finalist to become the industry standard for encryption, but it lost to the AES algorithm due to its slower speed.

One distinct feature of the Twofish algorithm is that it has pre-computed key independent S boxes.

The critical sizes in the Twofish algorithm are 128,192, and 256 bits. The block size is 128 bits with 16 rounds.

What is an Encryption Protocol?

Encryption protocols are security protocols used along with encryption algorithms to secure data efficiently.

Few popular encryption protocols are

  • TLS/SSL
  • IPsec
  • SSH
  • PGP

TLS/SSL

TLS stands for Transport layer security, and SSL stands for secure sockets layer.

TLS is an upgraded version of SSL. 

It is one of the most popular and secure encryption protocols.

The HTTPS in the URL indicates that the website is secured using TLS/SSL protocol, whereas HTTP indicates that the website is not secure. TLS/SSL doesn’t perform the encryption process alone, and it uses encryption algorithms such as RSA encryption, AES encryption, etc., to encrypt the communication.

TLS includes two layers, and they are:

  • Handshake protocol
  • Record protocol

Handshake protocol

  • The handshake protocol is used to initiate the communication between client and server. The client and server authenticate each other, choose an encryption algorithm and generate a shared key using public-key encryption.

Record protocol

  • Record protocol secures the data packet transferred between the client and the server using the shared keys generated during the handshake protocol.

IPsec

  • IPsec stands for internet protocol security.
  • It is commonly used in VPN. VPN stands for the virtual private network. As the name suggests, it is a secure private network for sending data into a network via an internet connection.
  • VPN hides the user’s IP address and redirects to the server where the VPN host handles it.
  • IPsec uses encryption algorithms such as triple DES encryption, AES encryption, etc.
  • IPsec is fast and easy to implement. 

IPsec is implemented in two modes, and they are:

  • Tunnel mode 
  • Transport mode

Tunnel mode 

  • In Tunnel mode, payload and header are encrypted and sent in a new packet with another header.

Transport mode

  • In Transport mode, only the payload is encrypted and not the header.

SSH

SSH stands for secure shell. The working of SSH is similar to that of VPN. In SSH, an encrypted tunnel is created to transfer files. 

SSH works at 3 different levels, and they are:

  • Transport level
  • User authentication level 
  • Connection level

Transport level

  • The Transport level is responsible for establishing a secure connection between two parties, authenticating the two parties, and encrypting the data.

User authentication level 

  • At the User authentication level, the client authenticates its identity using the authentication method specified by the server at the transport level.

Connection level

  • The connection level handles all the connections between server and client.

PGP

  • Its actual name is OpenPGP. PGP stands for pretty good privacy.
  • It is used with algorithms such as RSA, TRIPLE DES, AES, Twofish, etc.
  • It allows the users to encrypt the data and digitally sign over it to ensure that it is authenticated. It also ensures integrity.
  • PGP is mainly used to secure confidential email information.

Disadvantages of Encryption

Every topic has its pros and cons. Similarly, encryption has its disadvantages.

Encryption protects confidential data from hackers, but it might also sometimes prevent the data owner from accessing it.

One of the significant disadvantages of encryption is key management.

Key management should be done efficiently as Encryption and decryption keys cannot be compromised, which might invalidate the data security measures taken.

  • Key management

Key management is fundamental to data security, and it is the process of setting up standards to secure encryption and decryption keys in an organization.

Key management includes the creation, deletion, storage, and exchange of keys.

How to break encryption?

There are various methods to break encryption, such as brute force attack,side-channel attack, and cryptanalysis.

What is a Brute force attack? Is encryption?

A brute force attack is made to damage an organization’s reputation or to steal confidential information.

A brute force attack is a trial and error procedure used by hackers to crack passwords and encryption keys to gain unauthorized access.

One of the most significant advantages of brute force attack is that it is easy to implement, and its disadvantage is that it is slow.

Brute force attacks can be prevented by increasing the strength of passwords by using multi-factor authentication and limiting failed login attempts.

Multi-factor authentication is the process of authenticating the user at multiple steps.

A few types of Brute force attacks are simple brute force attacks, hybrid brute force attacks, reverse brute force attacks, and credential stuffing.

A few popular tools used in brute force attacks are NL Brute, RainbowCrack, THC Hydra, Hashcat, Aircrack-ng.

What is a Side-Channel attack?

In a Side-channel attack, the cipher isn’t attacked directly, and the attack is based on the information collected during implementation.

This attack occurs when there is a flaw in system design or program execution.

Few types of side-channel attacks are Electromagnetic, Acoustic, Power, Optical, Timing, Memory cache, Hardware weaknesses.

What is Cryptanalysis?

Cryptanalysis is identifying weaknesses in a cipher to attack the cipher.

A few types of Cryptanalytic attacks are:

  • Known-plaintext attack.
  • Ciphertext only attacks.
  • Chosen plain text attack.
  • Differential cryptanalysis attack.
  • Integral cryptanalysis attack.
  • Dictionary attack.
  • Man-in-the-middle attack.

A few popular tools used in Cryptanalysis are CrypTool, EverCrack, Cryptol, AlphaPeeler, CryptoBench.

Avatar photo
Great Learning
Great Learning's Blog covers the latest developments and innovations in technology that can be leveraged to build rewarding careers. You'll find career guides, tech tutorials and industry news to keep yourself updated with the fast-changing world of tech and business.
Recommended for you

Leave a Comment

Your email address will not be published. Required fields are marked *

Great Learning Free Online Courses
Scroll to Top