Tech Term : Encryption – How Does it Work?

Encryption
Encryption is the process of translating a message into an encoded message.

Encryption is the mathematical science of codes, ciphers, and secret messages. Throughout history, people have used encryption to send messages to each other that (hopefully) couldn’t be read by anyone besides the intended recipient.

When we use the Internet, we're not always clicking around and taking in information, such as reading news articles; a great deal of our time online involves sending others our own information. Ordering something over the Internet, whether it's a book, a CD or anything else from an online vendor, or signing up for an online account, requires entering a good deal of sensitive personal information. A typical transaction might include not only our names, e-mail addresses, physical addresses and phone numbers, but also passwords and personal identification numbers (PINs).

Computer encryption is based on the science of cryptography, which has been used as long as humans have wanted to keep information secret. Before the digital age, the biggest users of cryptography were governments, particularly for military purposes.


The Greek historian Plutarch wrote, for example, about Spartan generals who sent and received sensitive messages using a scytale, a thin cylinder made out of wood. The general would wrap a piece of parchment around the scytale and write his message along its length. When someone removed the paper from the cylinder, the writing appeared to be a jumble of nonsense. But if the other general receiving the parchment had a scytale of similar size, he could wrap the paper around it and easily read the intended message.


Today, we have computers that are capable of performing encryption for us. Digital encryption technology has expanded beyond simple secret messages; today, encryption can be used for more elaborate purposes, for example, to verify the author of messages or to browse the Web anonymously with Tor.

Ciphers are also known today as algorithms, which are the guides for encryption: they provide a way in which to craft a message and give a certain range of possible combinations. A key, on the other hand, helps a person or computer figure out the one possibility on a given occasion.

Computer encryption systems generally belong in one of two categories:

  • Symmetric-key encryption
  • Public-key encryption

Symmetric Key
Just like two Spartan generals sending messages to each other, computers using symmetric-key encryption to send information between each other must have the same key.

Think of it like this: You create a coded message to send to a friend in which each letter is substituted with the letter that is two down from it in the alphabet. So “A” becomes “C,” and “B” becomes “D”. You have already told a trusted friend that the code is “Shift by 2”. Your friend gets the message and decodes it. Anyone else who sees the message will see only nonsense.

The same goes for computers, but, of course, the keys are usually much longer.
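
The "Shift by 2" code above, written out as an added example (not part of the original article). The sample message and all function names are constructed for illustration. The last function shows why real keys are much longer: this cipher has only 25 useful keys, so every possible decryption fits in one small table.

```python
import string

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext: str, key: int) -> str:
    """Replace each letter with the one `key` places further down the alphabet."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # leave spaces and punctuation untouched
    return "".join(out)


def shift_decrypt(ciphertext: str, key: int) -> str:
    """Decrypting is the same operation with the shift reversed."""
    return shift_encrypt(ciphertext, -key)


def all_candidate_plaintexts(ciphertext: str) -> dict:
    """Map every possible key (1..25) to the plaintext it would produce."""
    return {k: shift_decrypt(ciphertext, k) for k in range(1, 26)}


# Constructed sample message, not taken from the article.
MESSAGE = "MEET AT THE BRIDGE"
SHARED_KEY = 2  # the "Shift by 2" agreed with the trusted friend

ciphertext = shift_encrypt(MESSAGE, SHARED_KEY)      # "OGGV CV VJG DTKFIG"
recovered = shift_decrypt(ciphertext, SHARED_KEY)    # back to MESSAGE

# Key-space comparison: this cipher versus a 128-bit symmetric key.
SHIFT_KEYSPACE = len(all_candidate_plaintexts(ciphertext))
MODERN_KEYSPACE = 2 ** 128

if __name__ == "__main__":
    print(ciphertext)
    print(f"{SHIFT_KEYSPACE} shift keys versus {MODERN_KEYSPACE} 128-bit keys")
```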

Public Key Encryption

One of the weaknesses some point out about symmetric key encryption is that two users attempting to communicate with each other need a secure way to do so; otherwise, an attacker can easily pluck the necessary data from the stream.

Public-key encryption uses two different keys at once — a combination of a private key and a public key. The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and its own private key.
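
One public-key technique that fits this description is Diffie-Hellman key agreement, shown here as an added example (not from the original article, which does not name an algorithm). Each side combines its own private key with the other side's public key and arrives at the same symmetric key without ever sending it. The group parameters are toy values and the names `alice` and `bob` are hypothetical.

```python
import hashlib
import secrets

# Toy group parameters, chosen for readability only: P is the Mersenne prime
# 2**127 - 1, far too small for real use. Real systems use standardized groups
# of 2048 bits or more, or elliptic curves.
P = 2 ** 127 - 1
G = 3


def generate_keypair() -> tuple:
    """Return (private_key, public_key). Only the public half is ever sent."""
    private_key = secrets.randbelow(P - 3) + 2   # 2 <= private_key <= P - 2
    public_key = pow(G, private_key, P)
    return private_key, public_key


def derive_shared_key(own_private: int, peer_public: int) -> bytes:
    """Combine our private key with the peer's public key into a 32-byte symmetric key."""
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public key is out of range")
    shared_secret = pow(peer_public, own_private, P)
    return hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()


# Each side keeps its private key and sends only its public key over the network.
alice_private, alice_public = generate_keypair()
bob_private, bob_public = generate_keypair()

alice_key = derive_shared_key(alice_private, bob_public)
bob_key = derive_shared_key(bob_private, alice_public)

if __name__ == "__main__":
    print("both sides hold the same key:", alice_key == bob_key)
```

The exchange does not prove whose public key arrived; that is the job of the certificates and key fingerprints covered later in this article.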

Other Concepts to Understand in Encryption

SSL and TLS
A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways.

You will notice that the “http” in the address line is replaced with “https,” and you should see a small padlock in the status bar at the bottom of the browser window. When you’re accessing sensitive information, such as an online bank account or a payment transfer service like PayPal, chances are you’ll see this type of format change and know your information will most likely pass along securely.

Under some circumstances, encryption can be fairly automatic and simple. But there are ways encryption can go wrong, and the more you understand it, the safer you will be against such situations.

Security Certificates

Another extremely valuable concept to understand is a security certificate. The Web browser on your computer can make encrypted connections to sites using HTTPS. When it does that, it examines certificates to check the public keys of domain names (like www.google.com, www.amazon.com).

Certificates are one way of trying to determine if you know the right public key for a person or website, so that you can communicate securely with them.

From time to time, you will see certificate-related error messages on the Web. Most commonly, this is because a hotel or cafe network is trying to break your secret communications with the website.

It is also common to see an error because of a bureaucratic mistake in the system of certificates. But occasionally, it is because a hacker, thief, police agency, or spy agency is breaking the encrypted connection.

Unfortunately, it is extremely difficult to tell the difference between these cases. This means you should never click past a certificate warning if it relates to a site where you have an account, or are reading any sensitive information.

Key Fingerprints

The word “fingerprint” means lots of different things in the field of computer security. One use of the term is a “key fingerprint,” a string of characters like “342e 2309 bd20 0912 ff10 6c63 2192 1928” that should allow you to uniquely and securely check that someone on the Internet is using the right private key.

If you check that someone’s key fingerprint is correct, that gives you a higher degree of certainty that it’s really them. But it’s not perfect, because if the keys are copied or stolen someone else would be able to use the same fingerprint.
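
A fingerprint check in code, as an added example that is not part of the original article. It assumes the fingerprint is a SHA-256 hash of the raw public-key bytes; real systems such as OpenPGP and SSH each define their own exact format. The key bytes and function names are constructed for illustration.

```python
import hashlib
import hmac


def key_fingerprint(public_key_bytes: bytes) -> str:
    """Hash the public key and format it as space-separated groups of four hex digits."""
    digest = hashlib.sha256(public_key_bytes).hexdigest()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


def normalize(fingerprint: str) -> str:
    """Ignore spacing, colons and letter case so only the hex digits are compared."""
    return "".join(ch for ch in fingerprint.lower() if ch in "0123456789abcdef")


def fingerprint_matches(received_key: bytes, trusted_fingerprint: str) -> bool:
    """Check a key we were sent against a fingerprint obtained through another channel."""
    expected = normalize(trusted_fingerprint)
    actual = normalize(key_fingerprint(received_key))
    # Require the full length: a truncated fingerprint must not count as a match.
    return len(expected) == len(actual) and hmac.compare_digest(expected, actual)


# Constructed stand-ins for real public keys.
GENUINE_KEY = b"constructed public key of the real contact"
SUBSTITUTED_KEY = b"constructed public key of someone else"

# The fingerprint the contact read out in person or over the phone (upper case here
# to show that formatting differences do not matter).
TRUSTED_FINGERPRINT = key_fingerprint(GENUINE_KEY).upper()

if __name__ == "__main__":
    print(TRUSTED_FINGERPRINT)
    print("genuine key accepted:", fingerprint_matches(GENUINE_KEY, TRUSTED_FINGERPRINT))
    print("substituted key accepted:", fingerprint_matches(SUBSTITUTED_KEY, TRUSTED_FINGERPRINT))
```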

Source: Wikipedia
