The term encryption encompasses various procedures, methods, and approaches to protect sensitive data from third-party access and to conduct secure digital communications between two or more users. The basic idea of encryption is that data is converted to an unreadable format using a key before information is exchanged between sender and recipient, or before the data is stored. The converted format is called ciphertext and the readable format is called plaintext. Only those who know the right key (code) for the encryption algorithm have access to the plaintext and can convert the ciphertext back into its original form. The code must therefore be kept secret or distributed in a special way if data is to be safely transmitted or stored. Encryption is a part of cryptography, which is also concerned with the technical implementation and the security of the different encryption methods.
Encryption is used on the Internet, in email, in programming, and in infrastructures at different levels. In the context of Industry 4.0 and the digital economy, the protection of information technology infrastructures, data transmission, and privacy is an important prerequisite for digital change. Encryption methods can be found almost everywhere in digital communication, for example when you retrieve emails, enter a password, or load a website. It is applied at different places:
Encryption hides the message content by translating plaintext into ciphertext, rendering it unreadable for unauthorized persons, clients or infrastructures. This is done using encryption algorithms, the result of which is ciphertext. An encryption algorithm is basically a mathematical function that takes input data along with a key. If the function is calculated with the correct key, ciphertext is generated as the output.
If the message is to be decoded, it must be returned to its original form with a key. Only authorized transmitters and/or receivers have the knowledge of how the message and thus its content can be decrypted. Any key could be cracked in principle, but that would require a high degree of computing power and detailed knowledge about cryptography.
Depending on the encryption process, there are numerous algorithms, keys and models for the verification of transmitters and receivers. Encryption methods include not only one or more algorithms, but also key distribution principles and verification of the authenticity and integrity of data and communication participants.
The methods can be distinguished from one another by the type of key distribution:
Encryption can protect certain types of data and content from being accessed by third parties, but whether a message or the sender is genuine cannot be determined through encryption. Therefore, some encryption methods fulfill additional objectives that result from the key distribution problem.
These objectives are achieved through the use of different methods, approaches, and infrastructures, including certificates, digital signatures, and public-key infrastructures. They are supposed to ensure that the originator of a message, as well as the message itself, cannot be falsified.
In part, these methods are based on complex hash functions and hash values that are compared against each other. For example, a password or a PIN can be stored as a hash value; when the password is entered, the hash value of the entered string is compared with the stored hash value. That way, the correctness of the password is checked without any of the communicating parties being able to see the plaintext.
The issue of encryption does not just concern programmers and IT professionals, but anyone using IT systems in some way. Companies must ensure that their customers’ data is encrypted. Users must ensure that their passwords are kept secure. Proven encryption methods, however, only provide a certain degree of protection, since no IT system is fully proof against attacks and exploits. Any system can be cracked. It depends on the computer performance and knowledge about the encryption algorithms. In practice, it has been shown that open-source systems seem to provide better protection than proprietary systems. The reason is that more developers work on such systems and subject them to continuous tests.
Only quantum computers are an exception here. Quantum computers represent a threat to asymmetric processes because they can compute much faster. However, this applies only to a limited extent to symmetric processes. The reason is the proof that long keys can provide protection to a degree even against the computing power of quantum computers. The longer the key, the greater the computing power required to decipher it. Last but not least, the implementation of an encryption algorithm is of great importance. No one can anticipate all vulnerabilities when a system is implemented.