Monday, June 18, 2012

Encryption

What is encryption?

Encryption is the conversion of data into a form called ciphertext. There are two basic techniques for encrypting information: symmetric encryption (also called secret key encryption) and asymmetric encryption (also called public key encryption).

How encryption works

An encryption program uses an encryption algorithm (a complex mathematical process) to encrypt and decrypt data. The algorithm creates specific strings of data used for encryption: keys, which consist of long strings of bits or binary numbers. The more bits in the key, the greater the number of possible combinations of binary numbers, which makes the code more difficult to break. The algorithm then scrambles data by combining the bits in the key with the data bits. In symmetric encryption, the same key is used to scramble (encrypt) and unscramble (decrypt) data. In asymmetric key encryption, two different keys are required: one for encryption and one for decryption.

Why you need encryption

Nowadays, when more and more sensitive information is stored on computers and transmitted over the Internet, we need to ensure information security and safety.

One of the most common uses of encryption is encrypting emails. Sending sensitive messages, documents and files over the Internet is like sending a postcard, as all emails are transmitted in an unsecured form. This is the case whether you send emails via public or private networks. Your message is totally open to interception by anyone along the way, so anybody (your ISP, your boss, etc.) can read your emails. Even if you connect to your server and send your emails via SSL, it only means that your emails can't be seen while in transit between you and your server. When your email reaches your server, it can be seen by your email service provider. Your server then usually sends your email to the recipient in an unsecured way, and your email can also be easily seen by anyone.

A private network, where email goes directly to a mail server and resides there until it is retrieved, also doesn't provide the necessary level of security, as your email can be seen by, for example, the network administrator or your boss.

Of course, you may believe that your personal email does not contain any private information, but everyone has something to keep secret from their family, neighbours or colleagues. It could be financial, sexual, social, political, or professional secrets. There is really only one sure way to protect your email privacy: using encryption.

Symmetric Encryption

Symmetric Encryption (also known as symmetric-key encryption, single-key encryption, one-key encryption and private key encryption) is a type of encryption where the same secret key is used to encrypt and decrypt information or there is a simple transform between the two keys.
A secret key can be a number, a word, or just a string of random letters. The secret key is applied to the information to change the content in a particular way. This might be as simple as shifting each letter by a number of places in the alphabet. Symmetric algorithms require that both the sender and the receiver know the secret key, so they can encrypt and decrypt all information.
There are two types of symmetric algorithms: Stream algorithms (Stream ciphers) and Block algorithms (Block ciphers).

Types of Symmetric algorithms (Symmetric-key algorithms)

Symmetric algorithms (Symmetric-key algorithms) use the same key for encryption and decryption. Symmetric-key algorithms can be divided into Stream algorithms (Stream ciphers) and Block algorithms (Block ciphers).

Stream Ciphers
Stream ciphers encrypt information one bit (or sometimes one byte) at a time. They are faster and smaller to implement than block ciphers; however, they have an important security gap: if the same key stream is used, certain types of attacks may cause the information to be revealed.
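
The key stream reuse weakness described above, shown as an added example that is not part of the original post. It uses a toy key stream built from SHA-256 (an assumption for illustration, not a real stream cipher), and the key, nonces, messages and function names are all constructed here.

```python
import hashlib
import secrets

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy key stream: SHA-256(key || nonce || counter) blocks. Illustration only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Stream encryption: combine the data bits with the key stream bits.
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

def keystream_cancelled(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when c1 XOR c2 equals p1 XOR p2, i.e. the key stream dropped out."""
    return xor(c1, c2) == xor(p1, p2)

# Constructed sample key and messages (equal length keeps the demo simple).
KEY = bytes(range(32))
P1 = b"transfer 100 EUR to account 1111"
P2 = b"transfer 999 EUR to account 2222"

def reused_keystream_demo():
    """Weak setting: both messages encrypted under the same key and nonce."""
    nonce = b"\x00" * 12
    c1 = encrypt(KEY, nonce, P1)
    c2 = encrypt(KEY, nonce, P2)
    # Anyone who knows P1 obtains P2 from the two ciphertexts, without the key.
    recovered = xor(xor(c1, c2), P1)
    return keystream_cancelled(c1, c2, P1, P2), recovered

def fresh_nonce_demo() -> bool:
    """Corrected setting: a new random nonce, so a new key stream, per message."""
    c1 = encrypt(KEY, secrets.token_bytes(12), P1)
    c2 = encrypt(KEY, secrets.token_bytes(12), P2)
    return keystream_cancelled(c1, c2, P1, P2)

if __name__ == "__main__":
    print("reused key stream:", reused_keystream_demo())
    print("fresh nonce leaks:", fresh_nonce_demo())
```

With a reused key stream the XOR of the two ciphertexts equals the XOR of the two plaintexts; with a fresh nonce per message that relation no longer holds.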

Block Ciphers

A block cipher (a method for encrypting data in blocks) is a symmetric cipher that encrypts information by breaking it down into blocks and encrypting the data in each block. A block cipher encrypts data in fixed-size blocks (commonly of 64 bits). The most used block ciphers are Triple DES and AES.

Some examples of symmetric encryption algorithms:
AES/Rijndael
Blowfish
CAST5
DES
IDEA
RC2
RC4
RC6
Serpent
Triple DES
Twofish

AES/Rijndael encryption

AES stands for Advanced Encryption Standard. AES is a symmetric key encryption technique which replaces the commonly used Data Encryption Standard (DES).
It was the result of a worldwide call for submissions of encryption algorithms issued by the US Government's National Institute of Standards and Technology (NIST) in 1997 and completed in 2000.
The winning algorithm, Rijndael, was developed by two Belgian cryptologists, Vincent Rijmen and Joan Daemen. AES provides strong encryption and was selected by NIST as a Federal Information Processing Standard in November 2001 (FIPS-197).
The AES algorithm uses three key sizes: a 128-, 192-, or 256-bit encryption key. Each encryption key size causes the algorithm to behave slightly differently, so the increasing key sizes not only offer a larger number of bits with which you can scramble the data, but also increase the complexity of the cipher algorithm.

Blowfish

Blowfish is a symmetric encryption algorithm (64-bit cipher) designed in 1993 by Bruce Schneier as an alternative to existing encryption algorithms. Blowfish has a variable key length - from 32 bits to 448 bits. Since then Blowfish has been analyzed considerably, and is gaining acceptance as a strong encryption algorithm.

CAST

CAST stands for Carlisle Adams and Stafford Tavares, the inventors of CAST. CAST is a popular 64-bit block cipher allowing key sizes up to 128 bits.

Data Encryption Standard (DES)

Data Encryption Standard (DES) is a block cipher with 64-bit block size that uses 56-bit keys. DES was invented over 20 years ago by IBM in response to a public request from the National Bureau of Standards. Due to recent advances in computer technology, some experts no longer consider DES secure against all attacks; since then Triple-DES (3DES) has emerged as a stronger method. Using standard DES encryption, Triple-DES encrypts data three times and uses a different key for at least one of the three passes giving it a cumulative key size of 112-168 bits.

IDEA

IDEA stands for International Data Encryption Algorithm. IDEA is a symmetric encryption algorithm that was developed by Dr. X. Lai and Prof. J. Massey to replace the DES standard. Unlike DES, though, it uses a 128-bit key. This key length makes it impossible to break by simply trying every key.

RC2

RC2 is a variable-key-length cipher. It was invented by Ron Rivest for RSA Data Security, Inc. Its details have not been published.

RC4

RC4 was developed by Ron Rivest in 1987. It is a variable-key-size stream cipher. It is a cipher with a key size of up to 2048 bits (256 bytes).
 
RC6

RC6 is a symmetric key block cipher derived from RC5. It was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. The RC6 encryption algorithm was selected as one of the finalists in the competition to become the new federal Advanced Encryption Standard (AES).

Serpent

Serpent is a block cipher developed by Ross Anderson, Eli Biham and Lars Knudsen. Serpent can work with different combinations of key lengths. Serpent was also selected as one of the five finalists in the competition to become the new federal Advanced Encryption Standard (AES).

Triple DES

Triple DES is a variation of Data Encryption Standard (DES). It uses a 64-bit key consisting of 56 effective key bits and 8 parity bits. The size of the block for Triple-DES is 8 bytes. Triple-DES encrypts the data in 8-byte chunks. The idea behind Triple DES is to improve the security of DES by applying DES encryption three times using three different keys.

Twofish

Twofish is a symmetric block cipher. Twofish has a block size of 128 bits and accepts keys of any length up to 256 bits.
The Twofish encryption algorithm was designed by Bruce Schneier, John Kelsey, Chris Hall, Niels Ferguson, David Wagner and Doug Whiting. The National Institute of Standards and Technology (NIST) investigated Twofish as one of the candidates for the replacement of the DES encryption algorithm.

1 comment:

Unknown said...

I would like to know about all the types of encryption algorithm available. You have provided a list with short description about each of them. Thanks for writing and sharing.