How Encryption Works
Encryption has a long history. The ancient Greeks would send messages to each other using codes, and these codes could only be broken using a secret key. Today, most (reputable) websites use the same principle to keep your data safe from eavesdroppers.
People who take security seriously go even further, and choose to add another level of encryption to the data they send and receive online. The easiest and most effective way of doing this is to use a virtual private network (VPN), which offers strong encryption for everything you do online. For this reason, VPNs are particularly important when you are traveling, and for businesses looking to boost their cybersecurity.
In this article, we’ll look at how encryption works, and how it makes sure that the web is secure.
The History of Encryption
To understand modern encryption techniques, it helps to look at where they came from. The Enigma machine was arguably the first automated encryption device, used during WW2 to encode military orders. This machine replaced every letter of the original message (called the “plaintext”) with another letter, and it did this by using a different encoding every time. This is still the basis for encryption.
The history of computational encryption begins with DES, a cipher that was selected for military and civilian use by the US government in 1976, but that was quickly replaced with faster encryption protocols in the 1990s. Among these were RC5, Blowfish, IDEA, NewDES, SAFER, CAST5 and FEAL. All of these encryption schemes work in essentially the same way. A computer replaces every letter of the plaintext message with another, based on a method which is stored in a secret key. And that is still the way that modern encryption works.
Modern Encryption Protocols
The first thing to understand about modern encryption protocols is that there are quite a few of them. Each is suited to a different purpose, but there is generally a trade-off between speed and security. Serpent, for instance, is a highly secure encryption protocol that is very slow. AES, by contrast, still offers essentially unbreakable encryption, but is much faster. That’s why we use AES-128 or -256 for VPNSecure, and why we let you choose your encryption level for the best performance.
Beyond this basic description, there are two main types of encryption: symmetric and asymmetric.
Symmetric encryption is less common than its asymmetric counterpart, so I’ll describe it quickly. In this method, the same ‘key’ is used to encrypt and decrypt messages. The key contains information on (roughly) which letters in the plaintext have been swapped for which other letters in the encoded message. Both the sender and the recipient of the message have the same key, and encryption and decryption are done in the same way.
There is, though, an obvious difficulty with symmetric encryption: how do you share the key without it being intercepted?
This is the problem that asymmetric encryption was designed to solve. In asymmetric encryption, messages are coded and decoded using different keys.
Put simply, it works like this. Each person has a pair of keys, a public key and a private key (it is for this reason that asymmetric encryption is sometimes called ‘public key cryptography’). The sender of a message encrypts their message using the public key of the person they want to send the message to. This key is publicly available, but cannot be used to decrypt the message again: it only works one way. To decrypt the message, the recipient of the message uses his or her private key.
Asymmetric encryption has the huge advantage that no-one has to send the encryption key over public networks, and so it remains secret.
How Encryption Secures The Web
With this basic description in place, let’s look at how asymmetric encryption works on the web.
The most common encryption system used to access secure web pages, for instance, is called secure sockets layer (SSL). When your browser requests a secure page (denoted by https:// in the address bar), the server for the page sends its public key, along with a certificate that proves it is legitimate. Your web browser uses this key to encrypt another key, this time a randomly generated symmetric key. The server decrypts this second key using its private key. Then, both your browser and the server can communicate using symmetric encryption, but there is no chance that anyone else can eavesdrop.
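The exchange described above, written out with Node.js's built-in crypto module as an added example; it is not code from the original article or from any TLS implementation. The function names, RSA-OAEP key wrapping, AES-256-GCM records and the request line are assumptions made for illustration, and the certificate check is left out.

```javascript
// Added example (not real TLS): certificate validation is omitted, names are illustrative.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Server: long-term key pair; only the public half ever leaves the server.
const makeServerKeys = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Browser: pick a random symmetric key and wrap it with the server's public key.
function clientWrapSessionKey(serverPublicKey) {
  const sessionKey = crypto.randomBytes(32); // AES-256 key
  const wrapped = crypto.publicEncrypt({ key: serverPublicKey, ...OAEP }, sessionKey);
  return { sessionKey, wrapped };
}

// Server: recover the session key with the private key.
function serverUnwrapSessionKey(serverPrivateKey, wrapped) {
  return crypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, wrapped);
}

// Symmetric phase: AES-256-GCM with a fresh 12-byte nonce per record.
function seal(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function unseal(sessionKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag); // a modified record fails here with an exception
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Eavesdropper: sees the wrapped key and the record but holds no matching private key.
function eavesdropperCanRead(wrapped, record) {
  const otherKeys = makeServerKeys();
  try {
    unseal(serverUnwrapSessionKey(otherKeys.privateKey, wrapped), record);
    return true;
  } catch { return false; }
}

// One full exchange with a constructed request line.
function runExchange(request = 'GET /account HTTP/1.1') {
  const server = makeServerKeys();
  const { sessionKey, wrapped } = clientWrapSessionKey(server.publicKey);
  const record = seal(sessionKey, request);
  const received = unseal(serverUnwrapSessionKey(server.privateKey, wrapped), record);
  return { received, wrappedBytes: wrapped.length, leaked: eavesdropperCanRead(wrapped, record) };
}
console.log(runExchange());
```

TLS 1.3 no longer sends the session key wrapped under the server's RSA key; both sides derive it from an ephemeral Diffie-Hellman exchange, and the certificate's key is used only to sign the handshake.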
SSL encryption like this is an integral part of the modern web. It is such a widespread and important part of the way the web works, in fact, that using encryption improves a website’s relative rank in Google’s index. But unfortunately, SSL is not perfect. Though it encrypts information that is passing between your computer and a secure website, it does not encrypt other parts of your system.
The most obvious is the connection between your computer and the WiFi router you are connected to, which represents a huge security risk. To encrypt that part of your connection, you need to use a VPN. This is especially true if you are connecting to public WiFi, or need to stay safe when working remotely. A VPN works in a similar way to SSL encryption, but with a crucial difference – it is not just the connection between your computer and a website that is encrypted, but everything that your computer sends and receives.
Encrypting as much of your data as possible is important for a number of reasons. Not only does this make you far less vulnerable to cyberattack, but encrypting your data via a VPN also keeps you anonymous online. After all, it is not only hackers that want to know what you are doing online – the government, advertising agencies, and plenty of other people also want this information.
In short, by using a VPN you are using encryption for the same reason that the ancient Greeks did: to keep your messages from being read by anyone but their intended recipient.