What is Encryption?
Encryption is the process of converting readable text (data) into an unreadable form (code or cipher text) using a mathematical algorithm.
The reverse of this process, i.e. converting cipher text or encrypted data back into its original form is called Decryption.
There are 2 types of encryption:
- Symmetric
- Asymmetric
Both types of encryption require something called a Key.
A Key can be described as a very large number. The key works with a mathematical algorithm to produce cipher text or encrypted text.
- Symmetric Encryption
In this kind of encryption there is only one key for the users. The pattern followed is this:
Sender – Uses the key to encrypt plain text to cipher text
Receiver – Uses the same key to decrypt the cipher text to plain text
In symmetric encryption, a secure communication channel needs to be established for distribution of keys.
Threats in Symmetric Encryption
The same key is used for encryption and decryption. So, is the key is wrongly shared or compromised, the data can be decrypted by any unknown user in possession of the key.
Risks in Symmetric Encryption
In symmetric encryption, the key has to be shared between the involved parties. Thus, organisations or users using symmetric encryption are more vulnerable to data theft because of this process during decryption.
The user can lose sensitive information causing financial loss or personal loss.
- Asymmetric Encryption
In asymmetric encryption, every user has a functional key pair –
- Public key
- Private key
Public key is meant for distribution to the entire world. Private key is meant to be securely preserved by the owner and used with complete responsibility.
Unlike symmetric encryption, no secure communication channel needs to be established for distributing the public keys.
Asymmetric encryption is used in Digital Signatures and Digital Certificates.
How does Asymmetric Encryption work?
In asymmetric encryption, a pair of specially generated keys is used. This key pair (public-private) has a special relationship in that any data encrypted with one key can be decrypted by the other one. Even the key used to encrypt cannot decrypt the data, only its corresponding pair can do that.
Complex mathematical algorithms are used to generate these keys.
Threats in asymmetric encryption
Cyber criminals who use this scientific method may encrypt important information which is then difficult or outright impossible to decrypt without a valid key pair. This same method is used to hide evidence or information related to a crime or criminal activities.
Risks in asymmetric encryption
Disgruntled and dissatisfied employees may encrypt some vital information before resigning. This information can never be decrypted and is lost forever. This leads to
- Huge financial loss
- Loss of reputation
- Closure of business
Criminals using this method to commit crimes are difficult to track.