Jan 10, 2020
3 min read
How much is your privacy worth?
No matter if you're the highest-ranking general in the Pentagon or a couple of gossiping colleagues, you understand how precious privacy is. Or how detrimental losing it would be.
A need for secure communication did not just pop up. We've had it for thousands of years.
Can you believe that most of the principles have remained the same since the dawn of the Roman Empire?
Some things have evolved. We introduced complex mathematical algorithms and switched to digital. But the core elements, like symmetric-key encryption, have remained the same.
This is not a true symmetric encryption definition, but it does the job:
Symmetric encryption means that there is only one key able to encrypt or decrypt that message.
Next, we'll explain how symmetric cryptography works and show you how it differs from its 'baby brother,' asymmetric cryptography.
How does symmetric encryption work?
The principles are the same for every message. To encrypt any message, you need three elements:
Let's take any phrase. For example, 'bananas are yummy.'
A mathematical cryptographic algorithm would turn this phrase into an unreadable sequence of symbols like '[email protected][p6#!zv.'
To turn it back into its original form, you would need a key or a passphrase. In the case of symmetric encryption, a single key (or a passphrase) is generated, and that same key is what decrypts the message.
One-key cryptography has its positives. Due to built-in authentication, you can't create another symmetric key that would fit that digital lock. Safe. But you also must consider that, if the original key is lost, the data would be lost as well.
Sharing raises an additional question. How do you securely share the key to your message with another person? And what if there are multiple people?
But problems don't end here. Let's say you managed to securely share the key with five family members (friends, coworkers). It means now there are five copies of the original encryption key. New keys, new security threats. Can you be sure that Bob from accounting will be as protective of your encryption key as you are?
As the example above illustrates, the most significant risk in symmetric-key encryption is key sharing. Luckily, another type of encryption is perfect for sharing keys. We’ll cover it a bit later. In order to finish with symmetric encryption, we must look at different algorithms used for this purpose.
There are numerous symmetric encryption algorithms, but they work in only two ways. Stream ciphers encrypt messages bit by bit (letter by letter, number by number), and block ciphers encrypt messages in blocks of data.
The most popular stream cipher today is ChaCha20, which even Google uses for internal security. We use it too. Together with the Poly1305 message authentication code, we use ChaCha20 to secure your secret key.
Block ciphers are more common. There may even be some you already know. Here are the most popular block ciphers:
Asymmetric encryption creates a pair of keys (one public, one secret). The message is encrypted using the sender's secret key and the recipient’s public key. Similarly, for decryption, you would use the sender's public key and the recipient's secret key.
These keys cannot be derived from one another, so anyone can see your public key. In fact, you could even put your public key on a billboard without compromising your security.
If you like Ancient Greece, you can think of symmetric encryption like Achilles. Both are extremely tough but have one specific weakness. For Achilles, it’s his heel. For symmetric-key encryption, it’s key sharing. On the other hand, asymmetric-key encryption is much safer for key sharing. That’s the main difference between symmetric and asymmetric cryptography, but it’s not the only one.
Due to the strengths and weaknesses, the keys are used in different ways. Mostly, symmetric encryption protects the message, while an asymmetric algorithm is used to send the symmetric key securely. NordLocker does this too. We combine symmetric-key encryption (AES) with asymmetric-key encryption (ECC) to make your experience as fast and as safe as possible.
We hope the article helped you understand the topic much better. If not, feel free to ask us any questions.
John believes that the best things in life are simple. He uses the same approach when he’s writing about online security. John says that his #1 pet peeve is phishing scams. Ironically, his favorite non-work related activity is fishing.