Encryption. It’s a word we hear frequently in the media. Encrypted applications should have backdoors, insists one popular publication. No, it should not, insists another. But what is it actually and why is it so important? Below, are some thoughts.
Simply put, encryption is the translation of data into a secret code. But that’s a fairly modern definition and encryption goes way back. Historically (and today, as well) encryption is the act of scrambling communication so that only the intended recipient can read it. Early tools, like the Scytale—a tool used by the ancient Greeks — allowed users to wrap a strip of parchment around a rod, write the message, and then when unwound, the message would not make sense, unless the recipient had a rod of the same diameter to read the message.
Ancient Romans used the Caesar cipher, by this process each letter in the message would be replaced by a letter a set number of positions to the left or right in the alphabet (for example, a left shift of 2 would mean B is D, F is H etc.). More recently, and quite famously, Nazi Germany used a cipher machine call The Enigma to transmit encrypted messages.
The eventual cracking of these messages was key to Allied forces victory. Encryption today is more or less the same thing—encoding a message or information so that only intended parties can access it. These days we see it in use with online transactions and messaging. A common analogy for encryption is the digital version of sending a message in a locked case. Only people with the correct key can unlock the case.
Two critical kinds of encryption are symmetric key algorithms and asymmetric key algorithms. Symmetric encryption uses identical keys for both encryption and decryption. As this article explains through analogy, Alice locks her message in a box using her key and sends it to Bob to open, which they do using an identical key. Bob then uses that same identical key to lock the box and send his response back to Alice.
Journalists working with sources, politicians discussing strategy, doctors sharing patient information, lawyers advising their clients…the list could go on. Even the average person shares sensitive information on-the-go—their social security number, their passport number, bank account number or the passcode to enter the garage.
Encryption is not a tool for a select group of people, it’s for everyone. It’s important to note though, that when it comes to handling sensitive information, Encryption is step one—it is foundational for security. You don’t install a lock on your house but then walk around outside with your prized possessions hanging freely out of your pockets. There are security best practices you can adopt—learning to recognize when a website or email is fishy, making sure not to connect to unprotected wifi. On the tools side, even if your messages are encrypted, that doesn’t stop people from screenshotting, forwarding, or sharing them with malicious third parties. Be careful who you share sensitive information with. Verify that you’re messaging the correct person. In fact, encryption is not the only step to be aware of, as Vaporstream CEO discusses why encryption is not enough in this recent blog post. Adoption of applications like Vaporstream which combine encryption with sender control—can be game changing for an organization looking to protect against data leaks and surveillance.
To find out more about why encryption is not enough, how Vaporstream can help secure your data, or to see Vaporstream in action contact us.