Types of Encryption
There are many different types of encryption, each with its own benefit and use case.
Symmetric encryption
In this simple encryption method, only one secret key is used to both cipher and decipher information. While it is the oldest and best-known encryption technique, its main drawback is that both parties need to have the key used to encrypt the data before they can decrypt it. Symmetric encryption algorithms include AES-128, AES-192, and AES-256. Because it is less complex and executes faster, symmetric encryption is the preferred method for transmitting data in bulk.
Asymmetric encryption
Also known as public key cryptography, asymmetric encryption is a relatively new method that uses two different but related keys to encrypt and decrypt data. One key is secret and one key is public. The public key is used to encrypt data, and the private key is used to decrypt (and vice versa). Security of the public key is not needed because it is publicly available and can be shared over the internet.
Asymmetric encryption presents a much stronger option for ensuring the security of information transmitted over the internet. Websites are secured using Secure Socket Layer (SSL) or Transport Layer Security (TLS) certificates. A query to a web server sends back a copy of the digital certificate, and a public key can be extracted from that certificate, while the private key stays private.
Data Encryption Standard (DES)
DES is a deprecated symmetric key method of data encryption. DES works by using the same key to encrypt and decrypt a message, so both the sender and the receiver must have access to the same private key. DES has been superseded by the more secure AES algorithm. DES was adopted by the U.S. government as an official standard in 1977 for the encryption of government computer data. It can be said that DES was the impetus for the modern cryptography and encryption industry.
Triple Data Encryption Standard (3DES)
The Triple Data Encryption Standard involved running the DES algorithm three times, with three separate keys. 3DES was largely seen as a stopgap measure, as the single DES algorithm was increasingly becoming seen as too weak to stand up to brute force attacks and the stronger AES was still under evaluation.
RSA
Rivest-Shamir-Adleman (RSA) is an algorithm and the basis of a cryptosystem, a suite of cryptographic algorithms used for specific security services or purposes. This enables public key encryption and is often used by browsers to connect to websites and by virtual private networks (VPNs). RSA is asymmetric: two different keys are used for encryption, one public and one private. If decryption is carried out with the public key, encryption is performed with the private key, or vice versa.
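The two key directions described above can be seen in a small textbook RSA sketch. This is an added example, not code from the original page; the primes, the function names and the sample message are constructed for illustration, and the code is unpadded RSA with a tiny modulus, whereas deployed systems use a vetted library with OAEP or PSS padding and keys of 2048 bits or more.

```python
from math import gcd

# Constructed toy parameters: two known Mersenne primes give a ~150-bit modulus.
# Real RSA keys use random primes and a modulus of 2048 bits or more.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537


def make_keypair(p=P, q=Q, e=E):
    """Return (public, private) as (n, exponent) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)


def apply_key(key, value):
    """Raw RSA operation value**exponent mod n; identical for either key."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def to_int(data):
    return int.from_bytes(data, "big")


def to_bytes(value):
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


def demo(message=b"meet at noon"):
    """Run both directions on a constructed sample message."""
    public, private = make_keypair()
    m = to_int(message)
    # Direction 1 (confidentiality): anyone encrypts with the public key,
    # only the private-key holder can decrypt.
    ciphertext = apply_key(public, m)
    recovered = to_bytes(apply_key(private, ciphertext))
    # Direction 2 (basis of signatures): the private key transforms the value,
    # anyone holding the public key can reverse it and compare.
    signed = apply_key(private, m)
    checked = to_bytes(apply_key(public, signed))
    return recovered, checked


if __name__ == "__main__":
    print(demo())
```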
Advanced Encryption Standard (AES)
Developed in 1997 by the National Institute of Standards and Technology (NIST) as an alternative to the Data Encryption Standard, the Advanced Encryption Standard is a cipher chosen by the U.S. government to protect sensitive information. AES has three different key lengths to encrypt and decrypt a block of messages: 128-bit, 192-bit, and 256-bit. AES is widely used for protecting data at rest in such applications as databases and hard drives.
Encryption in the cloud
Cloud encryption is a service offered by cloud storage providers in which data is first encrypted using algorithms before being pushed to a storage cloud. Customers of a cloud storage provider must be aware of and comfortable with the level of depth of the provider's policies and procedures for encryption and encryption key management.
Because encryption consumes more bandwidth, many cloud providers only offer basic encryption on a few database fields, such as passwords and account numbers. This is often not enough for some organizations. So they rely on a Bring Your Own Encryption (BYOE) model in which they use their own encryption software and manage their own encryption keys to ensure a level of cloud computing security they are comfortable with.
As an opposite approach, Encryption as a Service (EaaS) has emerged as a simple, pay-as-you-go service customers can purchase from a cloud provider, managing encryption themselves in a multi-tenant environment.
End-to-End encryption
End-to-end encryption (E2EE) ensures that only the two users communicating with one another can read the messages. Even the intermediary, such as the telecom or internet service provider, cannot decrypt the messages. E2EE is generally seen as the most secure way to communicate privately and securely online. Examples of E2EE in use include the WhatsApp messaging service, which famously asserts that users' messages are secured with "locks."