A very basic introduction to encryption
A short and simple primer on an important security measure
Simply put, encryption is a method for transforming data from one format into another. The way encryption does this makes it a common security measure across different computer systems.
Encryption involves five main elements:
The plaintext
A cipher
A key
An algorithm
The cipher text
Encryption takes plaintext (i.e., the data to be encrypted), and applies an algorithm that executes a cipher with a key to transform the plaintext, the output of which is cipher text.
Let's use the Caesar cipher to explain this in more detail. This cipher, named after the Roman Emperor Julius Caesar, was a technique he used to keep his correspondence private, much as electronic communication services use encryption to do the same today.
The Caesar cipher encrypts messages by replacing each letter in the message with an alternative letter from a shifted arrangement of the alphabet. For example, the table below shows the normal alphabet in the first row and a version of the alphabet shifted three positions to the left in the bottom row.
With this, 'A' becomes 'X', 'B' becomes 'Y' and so on. Using this arrangement, the message 'Hello world' turns into 'Ebiil tloia'.
With this simple example of encryption, we can see how the main elements of encryption come together:
Plaintext: This is the data being encrypted, which in this case is 'Hello world'.
Cipher: A shift cipher that slides the alphabet by a certain number of secret shifts and replaces each letter with the letter in the shifted arrangement of the alphabet.
Key: The direction and number of secret shifts, which in this case is three shifts to the left.
Algorithm: Applies the cipher using the key to the plaintext to produce the cipher text.
Cipher text: This is the output of the encryption process, which is 'Ebiil tloia'.
A crucial element of encryption is the key, or the cryptographic key. This is a piece of information used to configure the cipher that transforms the plaintext to cipher text.
Without the key, it is not possible to 'reverse engineer' the cipher text back to the plaintext. There are therefore two important factors to consider for cryptographic keys:
Complexity
Key management
The Caesar cipher explained above is clearly an easy form of encryption to crack. Given that there are only 26 letters in the alphabet, there are only 25 possible keys, so it would not take long to try every one against some cipher text and work out which key was used.
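To see how small that key space is in practice, here is an added example (not code from the original post) that implements the shift cipher with the key used above, where 'A' becomes 'X', and then recovers the message by trying all 25 keys. The function names and the small word list used to recognise English are assumptions made for illustration.

```python
import string

ALPHABET = string.ascii_uppercase


def caesar(text, shift):
    """Shift each ASCII letter by `shift` places; -3 maps 'A' to 'X' as in the post."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            shifted = ALPHABET[(ALPHABET.index(ch.upper()) + shift) % 26]
            out.append(shifted if ch.isupper() else shifted.lower())
        else:
            out.append(ch)  # spaces, digits and punctuation pass through unchanged
    return "".join(out)


def encrypt(plaintext, key=3):
    return caesar(plaintext, -key)


def decrypt(ciphertext, key=3):
    return caesar(ciphertext, key)


# Constructed mini word list (an assumption of this example) used to spot English.
COMMON_WORDS = {"the", "and", "hello", "world", "is", "to", "of", "in"}


def brute_force(ciphertext):
    """Try all 25 usable keys; return (key, candidate) pairs, most English-like first."""
    candidates = []
    for key in range(1, 26):
        guess = decrypt(ciphertext, key)
        score = sum(word in COMMON_WORDS for word in guess.lower().split())
        candidates.append((score, key, guess))
    candidates.sort(key=lambda c: (-c[0], c[1]))
    return [(key, guess) for _, key, guess in candidates]


if __name__ == "__main__":
    secret = encrypt("Hello world")
    print("cipher text:", secret)
    best_key, best_guess = brute_force(secret)[0]
    print("recovered without the key:", best_key, best_guess)
```

The whole search is 25 decryptions, which is why the number of possible keys matters so much for the ciphers discussed next.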
However, the forms of encryption commonly deployed today use more complex methods to produce cryptographic keys. For example, advanced encryption standard (AES) 256 can generate key combinations, which is basically impossible to crack.
But even if cryptographic keys are complex, they still need to be managed appropriately. This means keeping keys away from those who are not supposed to access the plaintext.
Take for example how your iPhone uses encryption to lock and unlock your phone:
You cannot unlock your device without the correct passcode, TouchID or FaceID.
Your device contains a piece of hardware called the Secure Enclave, which processes passcodes entered into the device and also keeps a copy of an AES-256 key for the device.
The Secure Enclave only uses the cryptographic key to unlock the device if it receives the correct passcode, or receives the TouchID or FaceID data registered with the device.
When you enter your passcode, or provide your TouchID or FaceID, the Secure Enclave compares this input with the data registered with the device to see if there is a match.
If there is a match, the Secure Enclave uses the cryptographic key to decrypt and unlock the device, and vice versa.
When you lock your device, the Secure Enclave uses the same key to encrypt and lock the device.