Checking connection...

The basics of encryption

PRIVACY

Last updated: 10 October 2019


This guide gives an overview of encryption and describes the differences between two types: symmetric and asymmetric.

The key to encryption

Just like with doors, keys are used to lock (encrypt) and unlock (decrypt) information to keep it safe. But instead of a physical key, an encryption key is an long string of random characters.

As an example, a message with sensitive information needs to be sent securely from one person to another. The sender will encrypt the message with one key, and the receiver will decrypt it with another.

Symmetric encryption

A symmetric key uses the same string for both encryption and decryption which means that both the sender and receiver need the same key. This type of encryption is not very safe because sharing the one key in a secure and secretive manner is very difficult to do.

Having said that, using symmetric encryption works well for some tasks, such as moving a file between two computers. And it's a much easier method to begin with than asymmetric encryption.

Learn how to encrypt a file using symmetric encryption

Asymmetric encryption

With asymmetric encryption, the key is split in half to create a key pair consisting of a private key and a public key. A message is then encrypted with the public key, but it can only be decrypted with the corresponding private key.

If you are on the receiving end, you would first create an asymmetric key for yourself. You'd then give out the public key to anyone you want to receive messages from but keep the matching private key entirely to yourself.

For example, if Sarah wants to send a message to John, she would use John's public key to first encrypt the message before sending it to him. John would then use his private key to decrypt the message. In this manner, Sarah can be sure that only John can read the message. Likewise, John knows that the message was intended for him.

Asymmetric encryption comes with the added benefit of being able to prove that the two parties involved in communication are both who they claim to be.

Sarah can do this by signing the message with her private key. John can then use Sarah's public key to verify that the message was sent by her, as only the combination of Sarah's true public and private keys would give a valid result. They both now know that Sarah is Sarah and that John is John. Mission accomplished!

Learn how to send messages using asymmetric encryption

The importance of key management

Key management is 99% of the entire process. How well you protect your private key and manage your list of public keys  making sure they belong to the people you think they do  determines the level of security you obtain.

Integrate encryption into your email program

Now that you've learned the basics of encrypting and decrypting files, learn how to automate the encryption and decryption of emails with our guide on integrating encryption into your email program.