Whenever we talk about online security, we often hear the terms encryption and keys. Let’s discuss what these terms mean.
🔑 Encryption is a way in which data is scrambled in such a way that only authorized people can understand the message. It’s a bit like Pig Latin that we used as kids. You scramble the original message into something else. The intended receiver knows about the algorithm and unscrambles the message to read it.
You want to give a message to a classmate but don’t want anyone else to read it. So you skip one alphabet while writing it. For example, A becomes B and B becomes C.
A message that reads “I have a crush on you” will become “J ibwf b dsvti po zpv”
You give it to your friend to pass it along. He gets curious and opens it. But since it’s encrypted, he’s unable to read it. The intended recipient, however, knows the algorithm you used. She’s able to decrypt your message. And if you’re lucky, you might land yourself a date!
A pretty simple example. This is how encryption works.
Except modern-day encryption is more complicated than this. It is a science in itself and the technique of encryption is called cryptography.
There are symmetric and asymmetric cryptographies and they all use something called a key.
A key is basically a string of characters that is used to scramble data. But in essence, it acts just like your home key. If you want to receive mail in your mailbox, the postman will leave it there. But to obtain it, you’ll need a key to the mailbox.
Like the physical key, the crypto key lets you read the message.
As mentioned earlier, there are symmetric and asymmetric encryption techniques. Let’s discuss them here.
In symmetric encryption, there is just one key and it is used by all communicating parties. In asymmetric encryption, there are two keys. One is used for encryption and the other is used for decryption. The one used for encryption is the public key and the one used for decryption is kept private.
The public key, as the name suggests, is kept public. It is available to anyone who wants to send a message to you. The private key, on the other hand, is available only to you – the recipient. The senders can use the public key to encrypt and send the message to you. But it can be read only by the holder of the private key.
Why do we need encryption?
There are several advantages of encryption. Here are some of them.
✅ Security: When your data is encrypted, it is secure and cannot be read by unauthorized parties, making it more secure. This becomes even more important when you run a company and are at the risk of a data breach.
✅ Privacy: When your communication is encrypted, only the authorized recipients can read the messages. When the encryption is strong enough, it cannot practically be hacked.
✅ Standardization: There are several security standards that you just have to maintain. For example, if your website runs on HTTP instead of HTTPS, your viewers might not be able to visit it as many browsers will block your website.
In the past few years, you might have seen the term end-to-end encryption being used online. With end-to-end encryption, your messages are encrypted all the way from your computer to the receiver’s computer. So anyone trying to intercept the communication at any stage will be unsuccessful.
When someone intercepts your messages in the middle of the communication, it is called Man in the Middle Attack (MITM).
Let’s take the previous example again when you sent a note to someone that said, “I have a crush on you.”
In MITM, the friend who passes your message can read it. They can change the contents if they want. Or even if they decide not to change the contents, they will get to know about your feelings, which were supposed to be a secret.
When the note is encrypted, they will not be able to read it. Unless they know how to decrypt it. This is why it’s important to have strong encryption.
Common Encryption Terms
You might have heard VPN companies talk about encryption types such as AES and RSA. These are encryption algorithms and are used to keep your data secure.
AES is symmetric in nature. It is highly secure and is used by the US government to protect its classified data. You might have seen AES-128 or AES-256. These numbers signify the length of the key. The higher the number, the stronger the encryption.
However, in general cases, AES-128 is enough. But if you want an even higher level of encryption, you can go for AES-256 bit encryption. There are several VPN services offering AES-256.
RSA, on the other hand, is asymmetric and uses a public-private key pair. Most RSA keys are 1024 or 2048-bit long and are very secure. You might have seen these terms on VPN websites. These are just the encryption types.
There are also some protocols that you may see on VPN websites. You might see things like OpenVPN, L2TP, PPTP, etc.
These protocols direct the way in which your computer sets up a connection with the VPN server. OpenVPN is considered the most secure and PPTP is the weakest.
Things to Keep in Mind
Asymmetric encryption isn’t just used by VPN companies but by several other services as well. For example, if you want to trade in Bitcoin or other cryptocurrencies, you’ll be given a private key that will let you access your wallet and access your money.
The people who send you money will have a public key. Make sure you don’t share your private key with others. If anyone gets access to your private key, they can use the currency in your wallet.
Another thing to keep in mind is that while encryption increases your security, it slows down the speeds. So you need to decide what you want to encrypt. If you want to encrypt everything, you’ll need a fast provider that has a large network of servers so they don’t get overloaded.