While you’ve been surfing the Web, you couldn’t have but noticed that some web addresses have a little padlock in the front. However, you might don’t understand what it means and what it does.
The padlock shows that the site ensures a secure connection so that the date you’ll enter, for example, a username and password is protected. In other words, the padlock shows that the site uses encryption to keep your information safe from prying eyes.
But you probably know little about encryption, and you’re wondering what it is exactly. You’ve found the right place. Today I’m going to explain how encryption works, so keep on reading.
What is the history of encryption?
Believe it or not, encryption has a long history going back to Ancient Egypt and the Roman Empire. For example, Julius Caesar used a substitution cipher to encrypt his correspondence. The only person able to decipher the message was the one who knew how many letters to shift.
However, that encryption was fairly easy to solve once you know the system and how it works. So, it relied more on the secrecy of the system rather than the encryption key.
Later on, encryption became more sophisticated because people started inventing encrypting devices and machines. For example, Thomas Jefferson invited the Wheel Cipher.
This device was simply 36 wheels on an axle. Each wheel’s letters were scrambled. The key to the cipher was arranging the wheels in the correct order to uncover the message.
Another example is the famous Enigma machine used by the Germans to prevent the Allies from reading the intercepted messages. The Enigma code was broken finally due to the combined efforts of the Polish, French, and British. However, it took a lot of time because of the complexity of the encryption.
The invention of computers took encryption to a whole new level because computers could generate complicated mathematical functions and completely random long numbers.
The downside is that powerful computers can also solve such equations, so hackers still could find ways to break the encrypted data.
What is encryption?
At its core, encryption is a way to encrypt data and messages so that they couldn’t be read if they fall in the wrong hands.
Let’s say that you have an account on Amazon. You wouldn’t want anyone to know your password, username or credit card number, would you? Or imagine what someone could do if they could read all your Facebook private chats!
That’s why the sites use encryption to ensure that hackers can’t get their hands on such precious information or anyone else snooping or stalking you.
You can also encrypt files and folders on your computer so that only the person knowing the password can access them.
How does encryption works?
So, when you send important information on the Web, it scrambles your data and turns it into an unintelligible combination of numbers and letters, known as “cipher text.” The unencrypted text is called “plain text.”
The encrypted data has an encryption key, which is generated using complicated mathematic functions and is unique. By using the encryption key, you unscramble the cipher text back to the plain text. That’s why it’s very important that the encryption key doesn’t get stolen.
There are different encrypting techniques, but the one we’re going to talk about is called public-key encryption. Let’s say that you’re about to send an email to a friend. The moment you hit the “send” button, your friend’s computer generates a public key for your computer.
This public key is a long sequence of numbers and letters. Your device uses this public key to encrypt the email so that only your friend can read it. Then it sends the email to your friend. And all this happens for seconds!
Now, you’re probably wondering can’t someone else request a public key and use it decipher the email? Let me reassure you. It’s not possible because the public key won’t decipher the email.
As the name suggests, a public key is available to anyone. Think about it as your house address. Complete strangers can look it up online or in address books and send you a letter. However, they can’t enter your house because they don’t have a key to match the lock.
The key that will break the encryption is called a private key. A private key is mathematically connected to the private key and what you encrypt with a public key can be decrypted only with the corresponding private key.
And while it’s easy to generate a public key out of a private one, it’s almost impossible to do the opposite. So your data is quite safe as long as no one knows your private key.
Going back to our example, when your friend gets the email, his computer is going to decipher the message with the private key and turn it back into “plain text.”
This type of encrypting is called asymmetric encryption because it relies on the use of two different keys. Symmetric encryption also exists, but it has one main disadvantage. It uses only public keys, which can be easily obtained by hackers and mal
How do sites keep passwords protected?
Now click on the padlock, I mentioned at the beginning. Select “More information,” and under “Security” you’ll see what kind of encryption protocol the site uses to keep your data secure. Example of cryptographic protocols include:
But that’s not all. Some sites like Amazon or those that keep credit card numbers and other highly-sensitive information will hash your password.
Hashing a password means that the sites turn your password into a random string of characters. A hash is different from encryption. A hashed password can’t be deciphered with a key, so it’s a one-way street.
When you create a password, the site keeps the hash of it. When you re-enter the password, the site performs the hash again and compares it to the one it has already created to make sure that it matches.
I know that some of you are wondering if you can reverse the hash to discover the password. Well, hashes are almost impossible to reverse because they are generated using complicated mathematical functions. It will be impossible even for the website to covert the hast into the password, so you’re quite safe.
As a conclusion, I would like to mention that encryption is evolving. Hackers are always looking for ways to crack the code, so the developers are trying to improve the existing protocols and fix possible bugs.
What do you think about encryption? Have you got anything you’d like to add or ask about encryption? Don’t be shy to share it in the comments.
