
What is data encryption? Definition and description

Encryption – definition and meaning

In cybersecurity, encryption is the conversion of data from a readable format to an encrypted format. Encrypted data can only be read or processed after it is decrypted.

Encryption is the fundamental building block of data security. This is the simplest and most effective way to ensure that a computer system's information cannot be stolen and read by someone who wants to use it for malicious purposes.

Data security encryption is widely used by individual users and large companies to protect user information sent between a browser and a server. This information can include everything from payment data to personal information. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme that can theoretically be cracked only with large amounts of computing power.

How does encryption work?

When information or data is shared over the internet, it passes through a series of network devices around the world that form part of the general internet. While data travels on the public internet, there is a possibility that it can be intercepted or stolen by hackers. To prevent this, users may use certain software or hardware to ensure secure transfer of data or information. In network security, these processes are known as encryption.

Encryption converts human-readable plaintext into unintelligible text known as ciphertext. This means taking legible data and manipulating it so that it looks random. Encryption uses an encryption key, i.e. a set of mathematical values agreed upon by the sender and receiver. The receiver uses this key to decrypt the data, converting it back into readable plaintext.

The more complex the encryption key, the more secure the encryption, because third parties are less likely to crack it through brute-force attacks (i.e. trying random numbers until the correct combination is guessed).

Encryption is also used to protect passwords. Password encryption methods encrypt your password and make it unreadable by hackers.

What are the most common encryption techniques?

The two most common encryption methods are symmetric and asymmetric encryption. These names are used to express whether the same key is used for encryption and decryption:

  • Symmetric encryption keys: This is also known as private key encryption. The key used for encryption is the same key used for decryption. This provides the best results for individual users and closed systems. Otherwise, the key must be sent to the recipient. This increases the risk of the key being compromised by third parties such as hackers. This method is faster than the asymmetric method.
  • Asymmetric encryption keys: In this method, two different keys (public and private) are used that are mathematically linked together. Keys are large numbers that are paired but not identical, hence the term asymmetric. The private key is kept secret by the owner, and the public key is either shared among authorized recipients or made publicly available.

Data encrypted with the recipient's public key can only be decrypted with the corresponding private key.
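The key-distribution problem from the symmetric bullet and the key pair from the asymmetric bullet can be shown together. The following is an added example, not code from the original article: it uses textbook RSA with small fixed primes and no padding, and the function names are hypothetical, so it illustrates the mathematics only and is not usable for real data.

```python
import secrets

# Toy primes (Mersenne primes) chosen for readability. Real RSA keys use
# random primes of 1024 bits or more and a padding scheme such as OAEP.
P, Q = 2**61 - 1, 2**89 - 1
E = 65537  # public exponent


def make_keypair(p: int = P, q: int = Q, e: int = E):
    """Return (public, private). Both halves share the modulus n = p * q."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def wrap_key(session_key: bytes, public) -> int:
    """Sender: encrypt a symmetric key under the recipient's public key."""
    n, e = public
    m = int.from_bytes(session_key, "big")
    if m >= n:
        raise ValueError("session key does not fit under the modulus")
    return pow(m, e, n)


def unwrap_key(wrapped: int, private, length: int = 16) -> bytes:
    """Recipient: recover the symmetric key with the private key."""
    n, d = private
    m = pow(wrapped, d, n)
    return m.to_bytes((n.bit_length() + 7) // 8, "big")[-length:]


if __name__ == "__main__":
    public, private = make_keypair()
    _, unrelated_private = make_keypair(p=2**31 - 1, q=2**107 - 1)
    session_key = secrets.token_bytes(16)  # 128-bit symmetric key
    wrapped = wrap_key(session_key, public)  # only this value is transmitted
    print("matching private key :", unwrap_key(wrapped, private) == session_key)
    print("unrelated private key:", unwrap_key(wrapped, unrelated_private) == session_key)
```

The symmetric key itself never travels over the network; only its wrapped form does, which is how the two methods are combined in practice.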

Examples of encryption algorithms

Encryption algorithms are used to convert data into ciphertext. An algorithm uses the encryption key to manipulate data in a predictable way. Although the encrypted data will appear random afterwards, it is possible to convert it back to plaintext with the decryption key.

There are many different types of encryption algorithms designed for different purposes. As old algorithms become insecure, new ones are developed. Some of the best-known encryption algorithms include:

DES encryption

DES stands for Data Encryption Standard. This is a now outdated symmetric encryption algorithm that is not suitable for today's uses. For this reason, it has been replaced by other encryption algorithms.

3DES algorithm

3DES stands for Triple Data Encryption Standard. It is a symmetric key algorithm and is referred to as “triple” because the data goes through the original DES algorithm three times during the encryption process. Although triple DES is also slowly falling out of favor, it still manages to provide a reliable hardware encryption solution for financial services and other industries.

AES encryption

AES stands for Advanced Encryption Standard and was developed to update the original DES algorithm. Common applications of the AES algorithm include messaging applications such as Signal or WhatsApp and the file archiving program WinZip.

RSA encryption

RSA is the first publicly available asymmetric encryption algorithm. RSA is popular due to its key length and hence is widely used for secure data transfer. The abbreviation RSA consists of the initials of Rivest, Shamir and Adleman, the surnames of the mathematicians who first described this algorithm. RSA is considered an asymmetric algorithm because it uses a pair of keys.

Twofish encryption

Used in both hardware and software, Twofish is considered one of the fastest of its kind. Since Twofish is not patented, it can be used by anyone. As a result, it can be found in encryption programs such as PhotoEncrypt, GPG and the popular open source software TrueCrypt.

RC4 encryption

RC4 is used in WEP and WPA, which are encryption protocols commonly used in wireless routers.

Examples of asymmetric encryption include RSA and DSA. RC4 and DES are examples of symmetric encryption. Alongside encryption algorithms, there is also the Common Criteria (CC):

  • This is not an encryption standard, but a set of international guidelines for verifying product security claims.
  • CC guidelines were created to ensure that security products are audited by third parties, independent of the vendor.
  • Reviewed products are submitted voluntarily by suppliers and all or some of the functions are examined.
  • When a product is evaluated, its features are tested according to standards determined by the product type.
  • Although encryption was originally outside the scope of the Common Criteria, it is now increasingly included in security standards.

Encryption of data in transit and data at rest: What's the difference between the two?

Data encryption solutions, such as data encryption software and cloud data encryption, are generally categorized depending on whether they are designed to be used on data in transit or data at rest: 

Encryption of data in transit

When data moves across private networks or between devices on the internet, it is considered data in transit. During transfer, data is more at risk due to the need for pre-transfer decryption and vulnerabilities associated with the transfer method itself. Encrypting data during transfer with a method called end-to-end encryption ensures that the confidentiality of the data is protected even if it is intercepted.

Encryption of data at rest

When data is on a storage device and is not actively used or transferred, it is considered data at rest. Because device security features restrict access, data at rest is generally more secure than data in transit, but is not inviolable. Additionally, such data often contains more valuable information and therefore represents a more attractive target for thieves.

Encrypting data at rest reduces opportunities for data theft due to lost or stolen devices, accidentally shared passwords, or accidentally granted permissions. It increases the time required to access information and provides valuable time for the data owner to detect data loss, ransomware attacks, remotely deleted data, or altered credentials.

One way to protect data at rest is with TDE. This stands for Transparent Data Encryption and is a technology used by Microsoft, Oracle, and IBM to encrypt database files. TDE protects data at rest by encrypting databases on both the hard drive and backup media. TDE does not protect data in transit.

What is end-to-end encrypted data?

End-to-end encryption is a term you often hear regarding data encryption. It refers to systems in which only the two communicating users, who both hold the keys, can decrypt the conversation. This means that even the service provider cannot access end-to-end encrypted data.

It is possible to reset end-to-end encrypted data. For example, on an iPhone, if you forget your passcode, a reset may be required to regain access to your device. If you do this, you will not be able to use any of the previously encrypted backup files. However, you can use iTunes to back up your iOS device again and set a new password for your backed up data.

Six key benefits of encryption

Encryption helps maintain data integrity

Hackers can not only steal information but also manipulate data to commit fraud. While it is possible for skilled hackers to alter encrypted data, data recipients can detect corruption and provide a rapid response to the situation.
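How a recipient detects altered ciphertext is shown below in an added example that is not part of the original article: the sender appends a message authentication code (HMAC-SHA256) to the ciphertext and the receiver checks it before decrypting. The stream cipher here is a stand-in built from HMAC so that the example needs only the standard library, and all function names are hypothetical; production systems use an authenticated mode such as AES-GCM.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher: XOR data with HMAC-SHA256(key, nonce || counter).
    Used only to stay within the standard library; it is not AES."""
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then append a MAC over nonce and ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(enc_key: bytes, mac_key: bytes, message: bytes) -> bytes:
    """Verify the MAC first; decrypt only if the message is unmodified."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce = message[:NONCE_LEN]
    ciphertext, tag = message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: message was modified")
    return keystream_xor(enc_key, nonce, ciphertext)


def decrypt_unchecked(enc_key: bytes, message: bytes) -> bytes:
    """What a receiver gets if it skips the MAC check: no error, wrong data."""
    return keystream_xor(enc_key, message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN])


def flip_bit(message: bytes, index: int) -> bytes:
    """Constructed corruption: flip the lowest bit of one byte in transit."""
    return message[:index] + bytes([message[index] ^ 1]) + message[index + 1:]
```

Encryption on its own hides the content but accepts a modified message silently, as `decrypt_unchecked` shows; the detection comes from the tag check in `open_sealed`.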

Encryption helps organizations comply with regulations

Many industries, such as financial services or healthcare providers, are subject to strict regulations on how consumer data is used and stored. Encryption helps organizations meet these standards and ensure compliance.

Encryption protects data on all devices

Most of us use more than one device in our daily lives, and transferring data from device to device brings risks. Encryption technology helps protect data even during transfer between devices. Additional security measures, such as advanced authentication, help block unauthorized users.

Encryption is useful when moving data to cloud storage

More and more users and organizations are storing their data in the cloud, highlighting the importance of cloud security. Encrypted storage helps protect the confidentiality of this data. Users must ensure that data is encrypted during transmission, during use, and during storage.

Encryption helps organizations protect their offices

Many organizations frequently use remote working, especially after the pandemic. In this case, since data is accessed from more than one different location, there may be cyber security risks. Encryption helps protect against theft or accidental loss of data.

Data encryption protects intellectual property

Digital rights management systems also encrypt intellectual property data (such as songs or software) at rest to prevent reverse engineering and unauthorized use or duplication of copyrighted materials.

Encryption has many important uses

Most of us encounter encryption every day. Popular uses include:

  1. Every time you use ATMs or buy something online with a smartphone, encryption is used to protect the information being transferred.
  2. Securing devices, for example encryption for a laptop.
  3. Most legitimate websites use "secure socket layer" (SSL), a form of encryption, for data exchanges through the site. This prevents attackers from accessing this data during transmission. To ensure you have secure and encrypted transactions online, pay particular attention to the lock icon in the URL bar and the letter "s" in "https://".
  4. Your WhatsApp messages are also encrypted, and you can also have an encrypted folder on your phone.
  5. Your emails can also be encrypted using protocols such as OpenPGP.
  6. VPNs – Virtual Private Networks use encryption and everything you store in the cloud is encrypted. You can encrypt your entire hard drive and even make encrypted voice calls.
  7. In encryption, a digital signature is used to prove the integrity and accuracy of information. Encryption is an integral part of digital rights management and copy protection.
  8. Encryption can be used to erase data. Since deleted information can sometimes be recovered using data recovery tools, if you encrypt the data first and discard the key, the only thing that can be recovered may be the ciphertexts, in which case it will never be possible to access the original data.

In cybersecurity, encryption is a way to prevent private information from being stolen or compromised. Another important precaution regarding online security is to use a high-quality antivirus solution such as Kaspersky Total Security, which blocks common and sophisticated threats such as viruses, malware, ransomware, spy apps and the latest hacking methods.