Cyzen
Search…
Basics
API Security
Web Server
Secure Coding
Encryption

# What is Encryption?

Encryption is a way to obfuscate data such that authorized parties may view it but unauthorized parties may not.
It is commonly thought that Base64-encoding is an encryption technique but that is not the case, as any unauthorized party is able to decode Base64-encoded text.

## Example

Alice wants to send a party invitation to Bob by sending him a letter in the mail. Unfortunately, Eve is eavesdropping on their conversation and is able to intercept her messages. Alice realizes this when Eve shows up to her party, so she comes up with a plan.
Alice takes her note "PARTY AT EIGHT," and converts each letter to numbers such that A=1, B=2, and so on. She then increments each number by 5, and converts back to letters, such that her message becomes "UERYD EY JNLMY". Alice then shares her new encryption scheme with Bob, and now Alice and Bob can decrypt the messages but Eve can't.
The original message, "PARTY AT EIGHT," is referred to as the plaintext, while the resulting encrypted text is referred to as the ciphertext. The encryption key in Alice's scheme was 5, but she could really use any number as a key.

The one-time pad (OTP) is an encryption technique that cannot be cracked, but is very difficult to implement for practical reasons. OTP requires a key that is the same length as or longer than the plaintext to be encrypted. OTP makes use of the exclusive OR (XOR) operation by XORing a random key with plaintext to produce a ciphertext.
$plaintext \otimes key = ciphertext$
Plaintext
100101010010100101
Key
010101010010101000
Resulting ciphertext
11000000000001101
You can then use the resulting ciphertext and the same key to calculate the original plaintext.
$ciphertext \otimes key = plaintext$
The one-time pad is impractical because it requires that one party share the randomly-generated key with the receiving party to be able to decrypt the ciphertext. In practice, the sending and receiving parties are not within the physical vicinity of one another, and thus the key would need an additional secure method of exchange.
Additionally, for a very long plaintext, OTP would require an unnecessarily long key. OTP would also not be feasible for a stream of data such as a network transmission.

# Symmetric Key (Private Key) Encryption

The one-time pad is an example of symmetric key encryption. Symmetric key encryption is an encryption scheme in which the same key is used to both encrypt the plaintext and decrypt the ciphertext.
The most well-known example of a symmetric encryption algorithm used in practice is AES (Advanced Encryption Standard).

# Public Key Encryption

Public key encryption, also known as asymmetric encryption, is an encryption scheme in which there is a different key to encrypt a message than there is to decrypt it. Messages are encrypted with the public key, which can be made public, while the private key must remain secret only to the party disseminating the keys and is used to decrypt the message.
One of the first and most popular algorithm that utilizes public key encryption is RSA.
Another early application of public key cryptography is the Diffie-Hellman key exchange, which is a secure method of exchanging cryptographic keys over a public channel. You're not sending encrypted messages using this scheme; rather you are creating a secret key with the other party that you can use to encrypt and decrypt further communication. TLS, which is the protocol used to encrypt HTTP to provide HTTPS, uses the DH key exchange.