Encryption is a hot topic these days, as you might have noticed. If you are not fully conversant with what encryption means or why it is employed as a security tool, you are missing an important part of modern communication technology.
You may or may not be aware that WhatsApp, and other messaging apps like it, prides itself on offering end-to-end encryption of all messages sent and received by its users.
In simple layman’s terms, the tool used to obfuscate any message in any form. The process of movement from the moment it leaves the device of the sender until the actual recipient of the message receives it on their device is known as encryption.
This means even in the likely or unlikely event of someone trying to intercept such messages on its path, they will not be able to make out head or tail out of it.
The texts and images are converted into what is called ciphertext. When it reaches the genuine recipient, the texts are converted back into normal text, restoring it to how it was written in the first place.
There are many such terms and concepts used within this encryption/decryption ecosystem. Here’s a rundown of the most common ones:
As you would have guessed by now, this term is used to describe the message in the format it is originally written or inputted by the sender of the message. In this form, it can be read by anybody. Another term by which this is known is “cleartext.”
One way to understand this concept is to imagine a jumble game where letters constituting simple words are placed in a haphazard manner, thereby making any reader take time to untangle them to form the correct word.
But in the case of ciphertext, you can’t see any such clear letters.
Ciphertext will appear as a combination of letters, symbols and hyphens. The word message, for example, may be represented by A4Sh*L@. You will now understand how it is impossible to legibly read any such content.
You might have noticed that while trying to create a password on any website, you type the letters or symbols or numbers on your keyboard but they only appear as asterisks on the screen within the box provided. This is handled by algorithms which work in the background to instantly convert the text you input.
In the same manner, there are algorithms used by websites which convert the messages typed by the sender into ciphertext.
This process itself is called “Hashing.” The algorithms are present on both ends to do a match and then deliver the message in the plaintext form at the receiver’s device.
Hashing is basically a tool that shortens the time taken to do the encryption, particularly when the message size is large.
A key in the world of cryptography is the tool required by the algorithms to do the conversion both ways, to encrypt or decrypt data.
You can understand the key by comparing it to a password, the only difference being a key is generated by the algorithms automatically.
- Symmetric and Asymmetric Algorithms
Algorithms are basically mathematical formulas adopted by computer technologists to perform many functions. Here, when the same sets of algorithms are used as the key to both encrypt and decrypt data, they are called symmetric algorithms.
This is done through a process while writing the codes and creating the websites. But if it is agreed that the algorithm used while encrypting would be different to the one while the same set of data is being decrypted, then they become asymmetric algorithms.
- Digital Signature
This is another term you might have come across. In modern times, several important documents are transmitted as soft copies and are considered legally valid when a printout is taken and submitted as long as it says it has been digitally signed.
There are keys to verify the digital signature and it is used to validate the document being sent online.
- Public and Private Keys
Again, these terms explain themselves. Once you have understood what keys are and how they are used, it would be easier to learn that a private key is the algorithm that the creator of a message or document keeps with themselves.
A public key, on the other hand is the one that is shared with the others meant to read the text after decryption.
So, a typical message that follows the asymmetrical algorithm model, will have one key that is private at the sender’s end and a key that is public at the receiver’s end.
The major application of these keys is in the verification of digital signatures.
You used to surf the internet and use only the four letters, HTTP, the internally accepted protocol. But, the S, standing for secure, has been added to give you the assurance that the website that has the HTTPS prefix adheres to the security standards which require that any data that you transmit through that site stands encrypted and will leave no trail.
It is easy to understand through everyday practice that you may be used to. You may visit a site and seek more information and there will be a page asking you to provide your personal details like your location and email address.
These details are captured by the website and unless they are encrypted, it can be read by anyone. More importantly, if the site is an ecommerce enabled one and you transact business making payments using your credit/debit cards, the risk is even greater if the site does not hold a HTTPS certification.
Though the impression might be that encryption is a tool used only in communications, that is not the case.
You can encrypt a simple document in your computer system so that even if your system gets hacked, the hacker cannot read the contents.