What is Encryption?

Do you leave all your information exposed for anyone to read?

☀️Welcome to ElGuardian, a space to inform and share the best security strategies.
Don't miss the best tips to stay safe from cybercriminals every week.

If you are not subscribed yet?!! Here's the latest publications you missed:

1. DDoS Attack??

2. What is DoS Attack??

3. AI the other face: Main Threats

Is like when you put your confidential documents inside of a locked safe, only you know the code to open it, avoiding to anyelse access to these documents. Encryption works in similar way with digital data.

When the data becomes encrypted, any information inside becomes unable to be read. If you try to read it, you are going to encounter something like this:

请与大家分享，以便他们可以订阅我的猫和网络安全博客，这些毛茸茸的朋友需要你！在这里，我们将讨论最佳的网络安全策略，以及如何提高个人和企业的隐私。我们可以共同提高互联网安全性，使网络犯罪分子更加难以犯罪。

Oh, wait, that is Chinese. What you are going to find is exactly this:

Ú™HûŒV'*#ñB##_£Å·ß™øÉ<BÚ”c°#¥¯º#¿M$âo_†ÕøL< ¥}ì-{##müX#î‹~¬Š#A#eôül èd#õ»@M#4?ÊÃ&Ó#~ÂA á»°íÙÇŠß‚"¼b}@¸#à]#“ãs»#—\#ˆ#ŸâBJqïé¨×J$QÑ”™èÔ#uçµâŠ1y¦yxBÔÿ¸p#ÌæÈ#kØÀ>£: ‘óƒÑ˜ò’Ö#­ªøk#>/Ð`Œhj†ÏÏŒÿ#«ä™Æ#@ñü;ϨøDf1¾«ÉdÆùl¤#ÆwÛ]q‰iR¾÷Õ#ì³#çàšú*ÅÁj#+,Åú1FS #Ì#}@{/νèXâOú¿Ðž£Ëö# ¬^`Տ#¼¤ý#®¥T#\-:Ê£Æ`#MŠa·5ÔùUØë,Ó~ï5xal#]…'_ÃM¨!† çç»—á¹sÄ1T F2Kq¤Û¶ø°þù¯Ì#£‡‹ÅœSúç-¹°=Úe‹Mý9¬_ÆŽ#§äbeõTÛŠ‘P¾²R—3b[1#‚Õõpùù×!#öžf^Šî0’{±”#~Í#¨¦n.#e>zðl|í#Œ

I'm sure, Chinese now looks easier than this ciphertext.

How Encryption Works?

When we encrypt any data or file, a special mathematical algorithm is used that, by using a specific key (code), will change all bytes from that file in order to make it unreadable. The only option to restore the original format is to decrypt with another key, depending on which type is used, because there are 2 types of encryption:

Symmetric:

Here is the use of one key to lock and unlock or encrypt and decrypt the data. This works like a normal key in real life.

When a file is encrypted, we create and use a specific key; this same key is used to decrypt the file.

The popular app Winrar and others similar compression tools like 7-Zip or WinZip use symmetric encryption. They uses a password provided by the user to derive a unique key for encrypting the archive. The file is encrypted and decrypted by same key and using the same password.

The best use is to limited the access of your files to anyone who you wan to share the key or password.

Asymmetric:

It is more complicated, where a public key is used to lock or encrypt, and another private key is used to unlock or decrypt. Imagine using a kind of master key that can be used only to close any single door, then you will use your personal key to open only your home door.

You probably are not so familiar with this, and now you are going to ask what the hell it is or why it is used.

To asymmetrically encrypt is 2 different keys are created, called a Key Pair (Public key and Private Key).

Public Key is the code used to encrypt any file or data, and is called public because is destinated to be shared.

Private Key is the code used to open or decrypt a specific file or data, and is private because only you have it

Is like the locksmith we hired to put locks, he is going to act like our Public Key. Anyone can access it and hire it, as long as they pay him. But the key copies that he will deliver of each lock will be the private key, and only we will decide with whom to share them.

This kind of encryption offer many advantages because the public key can be shared massively without exposure the private key and the data access.

The advantages are multiple. Public keys will be distributed, but private keys don't need to be shared, improving the security. They work better in large-scale systems and do not require any pre-existing relation between the participants.

What Are the Main Algorithms?

To symmetric, the most famous are:

AES (Advanced Encryption Standard):

• Is like a digital lockbox. It scrambles data in blocks (e.g., 128-bit) and uses a key to lock/unlock it.

• It's fast and secure, making it popular for protecting data on your computer and in apps

• Is the one used by the most famous tools like Winrar, 7-Zip or WinZip
  

DES (Data Encryption Standard):

• DES was widely used in the past. It’s simpler than AES but is no longer considered secure for modern use due to its shorter key length.
  

IDEA (International Data Encryption Algorithm):

• It is a symmetric encryption algorithm designed for high security

• It divides data into smaller blocks and encrypts them using a series of mathematical operations with a shared secret key.

• It’s known for its strength and was used in early versions of PGP (Pretty Good Privacy) for secure communication
  

Blowfish:

• Another symmetric encryption algorithm, designed for speed and flexibility.

• It works by dividing data into blocks and encrypting them with a key of variable length (up to 448 bits).

• It's commonly used for securing passwords and in applications like file encryption.

And they are used for asymmetric:

RSA (Rivest–Shamir–Adleman):

• Think of RSA as a mailbox: the public key is like the slot where anyone can drop letters (encrypt data), but only the mailbox owner (private key) can read them.

• RSA is commonly used for secure web connections (e.g., HTTPS).

Elliptic Curve Cryptography (ECC):

• ECC uses math involving curves to secure data, making it efficient with smaller key sizes.

• It’s great for devices like smartphones, where resources are limited.

Diffie-Hellman (DH):

• Diffie-Hellman is an asymmetric encryption method, but specifically designed for secure key exchange.

• Imagine two people mixing different colours (representing data), and through math, they can create a common secret colour without revealing the original colours.

• It’s widely used for establishing secure communication channels (e.g., in VPNs).

The most important is a longer key, will means a stronger security, being recommended minimum of 128 bits.

What Are Their Common Uses?

Symmetric is faster, so it is going to be used mainly to encrypt large data, personal data and shared non-sensitive data with small groups.

Asymmetric is slower but great for this kind of communication:

• Secure communications, including WhatsApp or Telegram, use Asymmetric encryption, where only the destinated can access the information sent from any sender.

• Another popular use is for Authentication to verify the identity of users of even systems.

• Others uses are Digital Signatures, data integrity, and Blockchain, we will speak about them proximely.