Cryptography is used to secure and protect data during communication. It is helpful to prevent unauthorized person or group of users from accessing any confidential data. Encryption and Decryption are the two essential functionalities of cryptography.
A message sent over the network is transformed into an unrecognizable encrypted message known as data encryption. At the receiving end, the received message is converted to its original form known as decryption.
What is meant by Encryption?
Encryption is the method by which plain text or any other type of data is converted from a readable form to an encoded version that can only be decoded by another entity if they have access to a decryption key. Encryption is one of the most important methods for providing data security, especially for end-to-end protection of data transmitted across networks.
What is a key?
In cryptography, a key is a piece of information used in combination with an algorithm (a cipher) to transform plaintext into ciphertext (encryption) and vice versa (decryption). Each key is unique and created via an algorithm to make sure it is unpredictable. Longer keys are harder to crack. Common key lengths are 128 bits for symmetric key algorithms and 2048 bits for public-key algorithms.
Types of Keys
1. Public Key:
Public key cryptography is an encryption system which is based on two pairs of keys. Public keys are used to encrypt messages for a receiver.
2. Private Key:
A private key may be part of a public/ private asymmetric key pair. It can be used in asymmetric encryption as you can use the same key to encrypt and decrypt data.
How does encryption work?
Plain text is encrypted using an encryption algorithm and an encryption key. This generates an unreadable text which is called as Ciphertext. Decryption is the inverse of encryption, the original form of data can only be viewed by decrypting encrypted data with the correct key. There are two main types of data encryption methods,
- Symmetric Encryption (private-key encryption)
- Asymmetric Encryption (public-key encryption)
Cryptographically strength is similar in both of these methods but asymmetric encryption requires heavier mathematics and more computational power compared to symmetric encryption. So, asymmetric encryption is less efficient than symmetric encryption.
Symmetric Encryption
In symmetric encryption, Single key is used for both the tasks i.e., for encrypting as well as decrypting. Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption algorithms.
For Example, let’s consider that the Sender has an important message that wants to send immediately to the Recipient. Firstly, the sender generates a symmetric key(shared key) and shares it with the recipient prior to the communication. Both of them will come to an agreement that they will use the shared key for both encryption and decryption for the messages they pass between them. The sender encrypts the message i.e., Ciphered data, and sends it to the recipient over the network. The sender will decrypt the ciphered data in the receiving end and will get the original message. Since only the sender and recipient have the shared key, others cannot view/alter the message even if they have access to it.
Asymmetric Encryption
Asymmetric encryption is opposite to the symmetric encryption as it uses a pair of keys: a private one and a public one. The public key can be shared with everyone(publicly available), whereas the private key must be kept secret.
The public key is used to encrypt your data, and the other to decrypt the encrypted message, which is called the private key. For example, when you encrypt the sender’s message using a public key, that same message can only be decrypted using the recipient’s private key. Most widely used asymmetric key algorithms are RSA and DSA.
How are Encryption Keys Generated?
Keys are usually generated with computer algorithms that mimic random number generators. A more complex way that computers can create keys is by using user mouse movement to create unique seeds. Modern systems that have forward secrecy involve generating a fresh key for every session.
Applications of Encryption
Encryption is widely used on the internet to protect user-information being sent between a browser and a server, including passwords, payment information and other information that should be considered private. It is also commonly used to protect sensitive data stored on computers, servers and mobile devices like phones or tablets.
1.Process of Signing(Digital Signature) :
A Digital signature is a way of signing electronic documents. The purpose of a digital signature is to verify the authenticity of a document, it verifies that the sender is the person who claims to be. The author or the sender hash the document and then encrypts it with their private key, this is the digital signature. Then the original document along with its digital signature is sent to the receiver. The receiver then decrypts the signature with the public key of the sender and get the hash value, at the same time original document will pass through the same hashing function and calculate the hash value, if both hash values are equal it verifies the authenticity and document has not tampered.
2. SSL/TLS Authentication Process :
In SSL/TLS handshake process when a client says hello, the server sends its asymmetric public key along with a certificate that asserts public key belongs to the server. After certificate validation, the browser generates a symmetric key and encrypts it with the server’s asymmetric public key and sends it to the server. By using the asymmetric private key, the server decrypts and gets the symmetric key. From then, every request and response between server and client throughout that session will be encrypted with the shared symmetric key.
