As cyber threats become a daily occurrence, it’s more important than ever to understand the different types of encryption. In past weeks, we’ve covered several topics around encryption, and now we’re going to take a closer look at the various encryption types.
Quick Encryption Recap – Encryption is the process of making readable data unreadable through the use of cryptographic keys. Cryptographic keys, when combined with encryption algorithms, are what make encryption possible. The two encryption methods predominantly used are symmetric encryption and asymmetric encryption. Both methods use mathematical algorithms to scramble data, so it is indecipherable; however, the different types of encryption use different algorithms depending on what security capabilities are needed.
Symmetric encryption is an algorithm that uses the same cryptographic key to both encrypt and decrypt information. The data is encrypted before sending, and the person on the receiving side will use their copy of the same key to decode the information. The key is in a best practice case wrapped and protected with a password scheme such as PBKDF2 to reduce the vulnerability to brute force attacks.
Types of Symmetric Encryption
- AES – Advanced Encryption Standard – Symmetric key algorithms using the same key to encrypt and decrypt data. Being the standard, AES is considered one of the best encryption algorithms.
- DES – The Data Encryption Standard – The original form of encryption that uses a symmetric key algorithm to encrypt data. However, this encryption method is obsolete primarily because today’s computers can easily crack it.
- 3DES – Triple DES – An algorithm that uses the DES cipher three times to encrypt data.
Asymmetric encryption uses two different cryptographic keys: a public key and a private key. In this type of encryption, both keys are needed to decrypt the data. The public key is usually accessible to everyone and is often attached to a certificate with the public key owner’s information and a few details about the key. The private key is heavily protected and is the only way to decrypt the data. The private key is derived from the public key, but the private key cannot be accessed using the public key. Each full participant needs their own set of keys.
Types of Asymmetric Encryption
- RSA – Named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman – this is a public-key cryptosystem encrypting information through prime numbers. This method is effective because it’s easy to calculate in one direction and incredibly hard to calculate in reverse.
- Diffle-Hellman – Another named after its inventors, Whitfield Diffie and Martin Hellman. A key exchange algorithm is used to exchange cryptographic keys over public channels securely. Keys are not exchanged – the pair are obtained together.
- ECC – Elliptic Curve Cryptography – An alternative to RSA. This powerful cryptography approach generates security between key pairs for public-key encryption by using the mathematics of elliptic curves.
- El Gamal – A key encryption algorithm for public-key cryptography based on the Diffie–Hellman key exchange, using the primitive root mathematical theory.
- DSA – Digital Signature Algorithm – The standard for a digital signature based on the public-key cryptosystem. DSA uses algebraic properties of discrete logarithm problems and modular exponentiations.
When determining the correct type of encryption to use, it’s essential to understand the risks we take every day when transferring information electronically. Think of how easy it would be to leave a laptop at the bus stop, or have a phone drop out of a pocket. Many of the cybersecurity breaches arise from good-intentioned people being careless with their devices. If those devices aren’t set up with adequate security features, the consequences could have a catastrophic impact on your ability to help your customers and protect your information.
It’s important for businesses to take security measures seriously, but they don’t have to do it alone. The DataLocker team is here to answer your questions and make sure you are set up with reliable and easy security.