What is the process of converting information or data into a code which was highly developed during World War i1 to prevent unauthorized access?

Encryption is the technical process by which information is converted to secret code, thereby obscuring the data you’re sending, receiving, or storing. Essentially, an algorithm is used to scramble the data, before the receiving party unscrambles the data using a decryption key. The unscrambled message contained within unencrypted files is referred to as “plaintext,” whereas in its encrypted form, the message is referred to as “ciphertext.”

Think about how much important information is held on your company’s files, folders, and devices. Now imagine what would happen if that information fell into the wrong hands. From personal data about your employees (e.g., their addresses, social security numbers, tax codes, etc.) to details about your company’s finances and bank accounts, you’re likely to have a large amount of data that needs to be restricted to authorized parties. Encryption is one of the best ways to keep your business’s confidential data protected against cyber security threats.

In some form or another, encryption has existed since the dawn of recorded history. The ancient Greeks encrypted messages using a tool called the “scytale,” while in World War II, Germany used their famous Enigma machine to protect military and diplomatic transmissions. Modern encryption techniques have gone through numerous iterations, but they can mostly be broken down into two categories: symmetric key algorithms and asymmetric key algorithms. We’ll explore these encryption schemes in a little more detail later.

It’s also worth noting that encryption plays a significant role in ensuring the safety of your internet browsing. Many websites use a Secure Sockets Layer (SSL) which encrypts data sent to and from the website, stopping hackers from accessing the data while it’s in transit. In recent years, however, Transport Layer Security (TLS) has displaced SSL as the standard encryption protocol for authenticating website origin servers and maintaining the security of HTTP requests and responses.

Theoretically, it is possible to decode encrypted files without an encryption key, but it would require an enormous amount of computational power to crack a well-designed encryption scheme. This is what is meant by the colloquial phrase “brute force attack.” Although modern encryption methods, especially when coupled with strong passwords, are highly resistant to brute force attacks (it would take hackers billions of years to crack properly encrypted files), they may become more of a problem in the future as computers become increasingly powerful.

How does encryption work?

At the most basic level, encryption is a way of preventing unauthorized access to your data. Using encryption, you can encode a simple, clear message (“Dropbox is awesome!”) into a scrambled message that would be incomprehensible to anyone who happened to view it in its encoded form (“9itQg7nbV781+f55eXC1Lk.”) The encrypted message is sent via the internet, and once it arrives at its destination, the recipient will have some way—usually an encryption key—to convert the scrambled message back to its original format (“Dropbox is awesome!”).

Above we mentioned asymmetric encryption and symmetric encryption. Broadly speaking, these are the two main types of encryption that you’ll encounter, but how exactly do they work? Here’s a little more information about these data encryption systems:

• Symmetric key algorithms: In a symmetric key system, related or identical encryption keys are used for both the encryption and decryption process. In some circles, the shared key is referred to as a “shared secret,” because the sender/system overseeing the encryption must share the key with anyone who is authorized to decrypt the message. There are many different examples of symmetric key algorithms, including AES, Triple DES, and Blowfish.
• Asymmetric key algorithms: In an asymmetric key system, also referred to as public-key encryption, different keys are used for the encryption and decryption process. One key is shared publicly and can be used by anyone (hence the name “public-key encryption”), while one is private. This makes asymmetric key systems even more secure than symmetric key algorithms, because hackers or cyber criminals can’t copy the key while it’s in transit. Examples of asymmetric encryption include RSA and DES.

So, that’s a top-line description of the encryption process, but how does encryption work for businesses? Well, from the enterprise side, it’s important to note that many devices offer encryption as standard. Windows offers a built-in, full-service encryption feature called BitLocker, which makes use of the AES encryption algorithm, while macOS and Linux also offer built-in encryption options. Moreover, when it comes to encrypting your emails, there are plenty of baked-in encryption tools for major email applications, including Microsoft Outlook and Apple Mail.

Why is encryption important?

Today, encryption is table stakes for enterprise. Why? First, security. According to Risk Based Security’s 2019 Year End Data Breach QuickView Report, over 15.1 billion records were exposed throughout the course of 2019, an increase of 284% over the figures for 2018. The research firm characterized 2019 as the “worst year on record,” and we’ve already seen major data breaches in 2020, with 8.4 billion records exposed in the first quarter of 2020 alone (a 273% increase on Q1 2019). Encryption can help to keep your business’s data safe from hackers and cybercriminals. Assuming it’s properly encrypted, the data on your company’s servers or devices should be secure, even if the device is lost or stolen. Furthermore, encrypted communications should ensure that you’re able to communicate externally and internally without leaking sensitive data. Put simply, dealing only with encrypted files can stop your data from falling into the wrong hands.

Then, there’s the regulatory aspect. Many industrial regulations stipulate that companies handling user data must keep that data encrypted. PCI DSS (Payment Card Industry Data Security Standards), a set of general practices governed by the world’s major credit card companies, is a great example of this. One of the 12 key PCI DSS requirements states that businesses which directly handle their customer’s card data should “Encrypt transmission of cardholder data across open, public networks.” Failure to comply can lead to a broad range of penalties, including monetary fines, liability for fraud charges, and the suspension of your ability to receive credit card payments. There are also many governmental regulations that demand encryption. In the European Union (EU), for example, GDPR requires businesses to implement technical and organizational measures to ensure personal data is processed securely. Encryption is listed as an appropriate technical measure.

But what does encryption mean in real terms? The consequences of data breaches can be devastating, particularly financially. Your business may end up footing the bill for a broad range of costs, including fraud, stolen money, damage or destruction of data, post-attack service disruption, embezzlement, and the restoration/deletion of damaged systems. You may also wish to consider the reputational harm that a major data breach, particularly a breach pertaining to customer data, can have on a business, and what sort of impact that’s likely to have on your company’s prospects moving forwards. In short, encryption can help keep your business safe from the cost and time-intensive process of recovering from a data breach, ensuring that your company remains a viable, trustworthy option for consumers.

How to encrypt files with Dropbox

When you’re first starting out on your security journey, learning how to encrypt files can seem like a pretty steep mountain to climb. Fortunately, it doesn’t have to be. As we mentioned earlier, encryption software is often baked into your operating system, although there’s also a broad range of third-party encryption schemes and programs that can provide you with increased protection. But, in any case, you’re probably wondering which of your business’s sensitive files can be encrypted? Simple answer: virtually any file—including text files, data files, emails, disk partitions, and directories—can be encrypted, so regardless of where your most vulnerable information is stored, learning how to encrypt files can be advantageous.

Dropbox’s secure platform offers modern encryption standards that can help keep your business’s sensitive data safe from brute force attacks, malware, ransomware, and data breaches. So, how does encryption work in Dropbox? Essentially, we process your files by splitting them up into discrete blocks. Each block is encrypted with a strong cipher and only blocks that have been modified between revisions are synchronized. Furthermore, your files are protected when they’re in transit between our apps and servers, as well as when they’re at rest. Dropbox also offers enterprise-grade encrypted cloud security that goes beyond traditional encryption, providing you with an even greater level of protection for your files and data.

Final word

So, what is encryption? Simply put, encryption is one of the most effective ways to keep your files and data protected in an increasingly vulnerable world.

Security is top of mind for anyone in IT these days. It must be, given that Gartner estimates that spending on information security and risk management will total $172 billion in 2022, up from $155 billion in 2021. While there are plenty of technologies you can buy to secure your data, encryption is one aspect of security technology that every computer user should understand.

How Encryption Works

Encryption is a way for data—messages or files—to be made unreadable, ensuring that only an authorized person can access that data. Encryption uses complex algorithms to scramble data and decrypts the same data using a key provided by the message sender. Encryption ensures that information stays private and confidential, whether it's being stored or in transit. Any unauthorized access to the data will only see a chaotic array of bytes.

Here are some essential encryption terms you should know:

Also known as a cipher, algorithms are the rules or instructions for the encryption process. The key length, functionality, and features of the encryption system in use determine the effectiveness of the encryption.

Decryption is the process of converting unreadable ciphertext to readable information.

An encryption key is a randomized string of bits used to encrypt and decrypt data. Each key is unique, and longer keys are harder to break. Typical key lengths are 128 and 256 bits for private keys and 2048 for public keys.

There are two kinds of cryptographic key systems, symmetric, and asymmetric. 

Symmetric Key Systems

In a symmetric key system, everyone accessing the data has the same key. Keys that encrypt and decrypt messages must also remain secret to ensure privacy. While it's possible for this to work, securely distributing the keys to ensure proper controls are in place makes symmetric encryption impractical for widespread commercial use.

Asymmetric Key Systems

An asymmetric key system, also known as a public/private key system, uses two keys. One key remains secret—the private key—while the other key is made widely available to anyone who needs it. This key is called the public key. The private and public keys are mathematically tied together, so the corresponding private key can only decrypt that information encrypted using the public key.

Encryption in Action

Here's an example of how encryption works with email-friendly software Pretty Good Privacy (PGP) or GnuPG—also known as GPG—for open-source aficionados. Say I want to send you a private message. I encrypt it using one of the programs listed below.

Here's the message:

wUwDPglyJu9LOnkBAf4vxSpQgQZltcz7LWwEquhdm5kSQIkQlZtfxtSTsmawq6gVH8SimlC3W6TDOhhL2FdgvdIC7sDv7G1Z7pCNzFLp0lgB9ACm8r5RZOBiN5ske9cBVjlVfgmQ9VpFzSwzLLODhCU7/2THg2iDrW3NGQZfz3SSWviwCe7GmNIvp5jEkGPCGcla4Fgdp/xuyewPk6NDlBewftLtHJVf=PAb3

Once encrypted, the message becomes a jumbled mess of random characters. But, equipped with the key I send you, you can decrypt it and find the original message.

Come on over for hot dogs and soda!

Whether it's in transit like our hot dog party email or resting on your hard drive, encryption works to keep prying eyes out of your business—even if they happen to gain access to your network or system. 

The technology comes in many forms, with key size and strength generally being the most significant differences in one variety to the next.

Common Encryption Algorithms

1. Triple DES

Triple DES was designed to replace the original Data Encryption Standard (DES) algorithm, which hackers eventually learned to defeat with relative ease. At one time, Triple DES was the recommended standard and the most widely used symmetric algorithm in the industry.

Triple DES uses three individual keys with 56 bits each. The total key length adds up to 168 bits, but experts would argue that 112-bits in key strength is more accurate. Despite slowly being phased out, Triple DES has, for the most part, been replaced by the Advanced Encryption Standard (AES).

2. AES

The Advanced Encryption Standard (AES) is the algorithm trusted as the standard by the U.S. Government and numerous organizations. Although it is highly efficient in 128-bit form, AES also uses keys of 192 and 256 bits for heavy-duty encryption purposes.

AES is largely considered impervious to all attacks, except for brute force, which attempts to decipher messages using all possible combinations in the 128, 192, or 256-bit cipher.

3. RSA Security

RSA is a public-key encryption algorithm and the standard for encrypting data sent over the internet. It also happens to be one of the methods used in PGP and GPG programs. Unlike Triple DES, RSA is considered an asymmetric algorithm due to its use of a pair of keys. You've got your public key to encrypt the message and a private key to decrypt it. The result of RSA encryption is a huge batch of mumbo jumbo that takes attackers a lot of time and processing power to break.

4. Blowfish

Blowfish is yet another algorithm designed to replace DES. This symmetric cipher splits messages into blocks of 64 bits and encrypts them individually. Blowfish is known for its tremendous speed and overall effectiveness. Meanwhile, vendors have taken full advantage of its free availability in the public domain. You'll find Blowfish in software categories ranging from e-commerce platforms for securing payments to password management tools, where it protects passwords. It's one of the more flexible encryption methods available.

5. Twofish

Computer security expert Bruce Schneier is the mastermind behind Blowfish and its successor Twofish. Keys used in this algorithm may be up to 256 bits in length, and as a symmetric technique, you only need one key. Twofish is one of the fastest of its kind and ideal for use in hardware and software environments. Like Blowfish, Twofish is freely available to anyone who wants to use it.

The Future of Encryption

Cyberattacks are constantly evolving, forcing security specialists to concoct new schemes and methods to keep them at bay. Even the National Institute of Standards and Technology (NIST) is looking at the impacts of quantum cryptography on the future of encryption. Stay tuned for new developments.

Meanwhile, whether it's protecting your email communications or stored data, you should be certain that you include encryption in your lineup of security tools.

For expert help with meeting your data protection, business continuity, backup, and disaster recovery requirements, choose an Arcserve technology partner. And check out our free trials so you can see for yourself how easy to use and effective Arcserve solutions can be.