What is Encryption in Cryptography? How does it work?

What is Encryption?

Encryption is the process of making plaintext or any other form of data, which is in a readable form to non-readable form. Basically, it involves encoding (encoded data is also called ciphertext) the data with help of certain encryption algorithm so that data could be decoded on another end with a certain decryption key. Encryption is a very important technique which facilitates data security.

In today’s world wherever communication over the internet is happening, encryption plays a vital role in making secrecy of that conversation. It is widely used on the internet to protect user information being sent between a web browser and a server, including passwords, payment information and other personal information that should be considered private.

Why Encryption?

Anything gets developed, mostly for certain reasons, so encryption does possess too. The sole purpose of encryption is to protect the confidentiality of digital data stored on computer systems or transmitted over the internet or some other network. Nowadays every organization, every corporate house require their sensitive data to be encrypted in order to prevent unauthorized access of any third party or threat. Undercover agents of governments or any private body implement encryption in a very sophisticated way, they encrypt their highly sensitive project details, emails, chat histories and in fact every detail which could flush the curtain of their important details.

Encryption doesn’t guarantee the protection of data but it does add a layer of security that makes it more difficult for hackers to use the stolen data. It is now an important part of many products and services markets, used in the commercial and consumer domain to protect data even if it is moving or is stored, such as on a hard drive, smartphone or flash drive.

Brief History

The word encryption is taken from the Greek word called kryptos, which mean hidden or secret. The use of encryption is nearly as old as the art of communication. In early 1900 B.C., an Egyptian scribe used the incomprehensible symbols to hide the meaning of an inscription, time when even reading was a tough task for people, simply writing a message was often enough, but encryption schemes soon developed to convert messages into unreadable groups of figures to protect the message’s secrecy. The contents of a message were replaced with other characters, symbols, numbers or pictures to tuck away its meaning.

In early time, the Spartans used to write their sensitive information on strips of leather muffled around sticks. When the tape was unmuffled, the characters became meaningless, but with a stick of exactly the same diameter, the recipient could easily recreate the message.

Till mid of 1970 encryption schemes used the same secret for encrypting and decrypting a message: a symmetric key. But in 1976, Whitfield Diffie and Martin Hellman’s paper “New Directions in Cryptography” solved one of the core problems of cryptography: namely, how to securely provide the encryption key to those who need it. This breakthrough was followed shortly afterward by RSA, an implementation of public-key cryptography using asymmetric algorithms, which ushered in a new era of encryption.

The Enigma machines, used by Nazi Germany in the early- to mid-20th century to protect commercial, diplomatic and military communication is the most famous cipher machine of all time and was used to encrypt communication during World War II. The opponents managed to break Enigma which allowed them to intercept the communications and evaded them with great agility.

How encryption works and their types

We can understand this with the help of an example, suppose when you send a text message using any messaging app, for now, take WhatsApp as an example, then messaging service of WhatsApp muffles message in some kind of code, muddles it and generates a ciphertext. Now to decrypt that ciphertext and make the message in readable form again, it uses decryption key generated at the time of encryption on the side of the receiver.

Now we are going to discuss the types of Encryption Algorithm and their weaknesses. Today’s most used encryption algorithms are divided mainly into two categories: Symmetric Encryption and Asymmetric Encryption.

1. Symmetric Encryption: In symmetric encryption, a readable message or plaintext is encrypted to make it unreadable. This data is muddled using a key, after encrypting the message it is sent to the receiver safely. At the receivers end, encrypted data is decrypted using the same key which was used for encrypting.

This mechanism shows that the key is a very important part in symmetric encryption. The key should be hidden from the third party because, anyone who has access to the key, can easily decrypt private data. This type of encryption is also known as ‘Secret Key Encryption’.

Algorithms used for symmetric encryption are AES (Advanced Encryption Standard),  DES (Data Encryption Standard).

The weakness in this type of encryption is the security of the key, if a hacker can access this key, he can easily decrypt the encrypted data, destroying the whole encryption process.

2. Asymmetric Encryption: In asymmetric encryption, the encryption process of the message is same as that of symmetric one but instead of using the same key for encryption and decryption, it uses totally different one to decrypt the message. The key which is used for encryption is available to all the users in the network which qualifies to name it as a ‘public key’. While on the contrary part key which is used for decryption is kept secret and is used privately by any particular receiver, this key is named as ‘Private Key’.

Algorithms used for symmetric encryption are RSA (Rivest-Shamir-Adleman), ElGamal, Diffie-Hellman. Asymmetric encryption is also known as ‘public key encryption’.

The weakness in this type of encryption is that hackers use ‘the man in the middle attack’ to compromise this kind of encryption. They use guile networks to make you communicate with them, by forcing you to believe that you are operating on a secure connection.

Protocols involved in encryption

A protocol is a set of rules and instructions for communicating data. Rules are defined for each step and process during communication between two or more computers. Networks have to follow these rules to successfully transmit data. Some of the encryption protocols are discussed here.

Secure Socket Layer (SSL): The Secure Sockets Layer (SSL)  is the most widely used security protocol. It is a protocol that provides a secure encrypted channel between two machines operating over the Internet. The SSL protocol is typically used when a web browser needs to securely connect to a web server over the insecure Internet And through SSL certificate secure connection will be established.

Layer Two Tunneling Protocol (L2TP) : Layer 2 Tunneling Protocol (L2TP) is a networking protocol used by Internet service providers to enable virtual private network (VPN) operations. A User Datagram Protocol (UDP) port is used for L2TP communication because it does not provide any security for data such as encryption and confidentiality, an encryption protocol such as Internet Protocol security (IPsec) is often used with L2TP.

IPsecInternet protocol security (IPsec) is a set of protocols that provide security for Internet Protocol. It can use cryptography to provide security. IPsec can be used for the setting up of virtual private networks (VPNs) in a secure manner. IPsec is not a specific encryption algorithm, but rather a framework for encrypting and verifying packets within the IP protocol. IPsec can use different algorithms and can be implemented in whole or just partially. A combination of public key and private key cryptography is used to encrypt the packet contents, and hashes add authentication as well.

Point-to-Point Tunneling Protocol (PPTP) : PPTP is a standard that was developed by Microsoft, 3Com, and other large companies to provide encryption. It allows corporations to extend their own corporate network through private “tunnels” over the public Internet. Effectively, a corporation uses a wide-area network as a single large local area network.