This article was written by Ryan Krawczyk Security Consultant I at FoxPointe Solutions
What is Encryption?
Encryption is often utilized to protect and hide user information from hackers. However, understanding what encryption is and how it works may be daunting. By looking at the first forms of encryption, we can simplify and understand modern encryption.
The simplest form of encryption is referred to as a shift cipher. This basic cipher involves “shifting” each letter of the message by a certain number of letters down the alphabet.
For example, to encrypt “FoxPointe” in a shift cipher with a key of 4 means that we will take each letter of the message, starting with “F”, moving down four letters in the alphabet to “J”. This will repeat with each next letter, “O” would turn into “S”, until the word is fully encrypted. The final encrypted “FoxPointe” would be “JsbTsmrxi”.
In short messages, this can be a simple, but effective form of encryption. However, when encrypting longer messages, patterns can be noticed. Common letters, such as “E”, and common words, such as “THE”, can be used to find the number the letters have been shifted.
Issues with a Shift Cipher
The problem of repetition in the shift cipher poses a question. What if each letter of a message was shifted a different amount? This form of encryption is known as One-Time Pad encryption. One-Time Pad encryption generates a key that is different for each letter of the encrypted message. In other words, a 2000-word message would have 2000 keys. This method is very effective, as there is no pattern for hackers to find.
The largest issue with One-Time Pad encryption is that a new key is needed for each new message. Additionally, if the key is needed by the recipient to decode the message, how is the key shared?
So far, the methods of encryption have been symmetrical, meaning that they can be encrypted and decrypted with the same key. However, asymmetrical encryption can be encrypted with one key and decrypted with another key. These key pairs are referred to as Public and Private keys. One key is made public for anyone to use, while the other is kept private. To send an encrypted message with public keys, the sender would use the recipient’s public key to encrypt the message. The encrypted message can now only be decrypted with the recipient’s private key. This creates a very secure message that can only be read by the intended recipient. Because of this, asymmetric is often used for email encryption and other secure communication.