What is Encryption?

Encryption is the practice of using mathematical models and algorithms to encode digital information such that it can only be decoded by an authorized user or recipient who possesses the corresponding encryption key.

The primary goal of encryption is to safeguard the privacy, security, and confidentiality of data stored in computer databases or transmitted over the Internet.

How Does Encryption Work?

Enterprise security teams leverage encryption techniques to obfuscate sensitive data stored in databases and/or to ensure that sensitive communications within the organization cannot be intercepted by a 3rd party.

Encryption takes a plaintext, human-readable string of characters (e.g. a password or credit card number) and converts it into an unintelligible string of seemingly random characters known as a ciphertext using an encryption algorithm. An encryption algorithm is a mathematical function that works with an encryption key to predictably convert plaintext data into ciphertext. 

An encryption key is a variable value that must be applied to the encryption algorithm to correctly convert plaintext into an encrypted ciphertext. Encrypted data can be decrypted using a decryption key, converting it from its encrypted ciphertext format back into plaintext format.

When the same encryption algorithm and key are used, a given plaintext password will always yield an identical ciphertext after encryption. But as with password hashing, even a minor change to the original plaintext password will yield a completely different ciphertext.

Symmetric vs. Asymmetric Encryption: What’s the Difference?

Encryption methods can be broadly divided into two types: symmetric and asymmetric encryption.

In symmetric encryption, also known as private key cryptography, the same private key is used to both encrypt plaintext (converting it to ciphertext) and to decrypt ciphertext (converting it back into plaintext). 

In asymmetric encryption, also known as public key cryptography, separate keys (one public and one private) are used to encrypt and decrypt the data. The public key may be publicly available or shared exclusively with individuals authorized to access the data, but only the private key may be used to decrypt the data.

What are the Benefits of Encryption?

  • Confidentiality - Encoding the contents of a message or a database ensures data privacy, security, and confidentiality by obfuscating the underlying data for anyone who does not possess the decryption key.
  • Authentication - Several modes of encryption include authentication tags that can be applied by the data originator and checked by the recipient to authenticate the data and the sender’s identity.
  • Data Integrity - Encrypting data helps prove data integrity by ensuring that the contents of a database can’t be changed without detection and the contents of a message cannot be altered in transit between the sender and receiver.

5 Encryption Algorithms You Should Know

  • AES - The Advanced Encryption Standard (AES) was first published in 1998 and standardized by the U.S. National Institute of Standards and Technology in 2001. AES is a symmetric encryption algorithm, with the same key used for both encryption and decryption. 
    Some digital adversaries have been able to steal AES-encrypted data via side-channel attacks that exploit data leaks, but AES is generally considered a highly secure form of encryption when properly implemented.
  • 3DES - Triple DES (3DES), the successor to the Delta Encryption Standard (DES) is an encryption algorithm that was adopted by the United States National Security Agency (NSA) in 1977. 3DES is unique because it uses three distinct keys applied in sequence to transform plaintext into ciphertext, then applies those same keys in reverse order to transform ciphertext back into plaintext data.
  • RSA - Developed in Britain in 1973, RSA encryption is a highly secure example of an asymmetric encryption algorithm. The algorithm allows for the generation of both a public key, which can be known by everyone and used to encrypt messages, and a private key, which is required to decrypt those messages.
  • Diffie-Hellman Key Exchange - Diffie-Hellman Key Exchange is a method for securely exchanging cryptographic keys over a public communication channel. Each party generates a public and private key, then shares the public key with the other party. From there, each party goes offline and computes a shared secret key that can be used to encrypt subsequent data exchanges.
  • Elliptical Curve Cryptography (ECC) - ECC is an encryption methodology based on the algebraic equations of elliptic curves. The main benefit of ECC is that it allows users to generate smaller encryption keys while maintaining higher levels of security, reducing data storage and transmission requirements. ECC entered widespread use in 2005.

How Do Digital Adversaries Use Encryption?

  • Crypting Attacks - A crypting attack occurs when digital adversaries use encryption to obfuscate a known malware program with the purpose of evading antivirus, IDS, and other detection systems.
  • Ransomware - In a ransomware attack, digital adversaries infect the targeted machine or IT infrastructure with a malicious program that discovers and encrypts critical data. From there, digital adversaries can demand a cash ransom in exchange for decrypting the data and allowing the target to restore operations.

How Do Digital Adversaries Defeat Encryption?

  • Cryptanalysis Attacks - Cryptanalysis attacks involve studying, analyzing, and decoding encrypted data without using the real decryption key. Many different variations of cryptanalysis attacks are possible, depending on what information can be accessed by digital adversaries.
  • Brute Forcing - Brute force attacks are always an option for digital adversaries attempting to penetrate secure IT systems. A hacker might encrypt every word in the dictionary using a few different encryption algorithms, then compare the resulting ciphertexts with a stolen list of encrypted passwords to find a match.
  • Side Channel Attacks - A side channel attack is an attempt to get information about a cryptographic system by analyzing the physical implementation of the system. Examples of side channel attacks include cache attacks, timing attacks, and differential fault analysis.
  • Social Engineering Attacks - When cryptanalysis proves too difficult, digital adversaries will use social engineering techniques to manipulate human targets into disclosing their access credentials for secure systems. Social engineering attacks include phishing, spear phishing, spoofed domain attacks, impersonation attacks, and a variety of other deceptive tactics.
    Phishing attacks are increasingly common in 2023, with more than 3.4 billion phishing emails transmitted across the web every single day.

Detect and Disrupt Digital Adversaries with ZeroFox

ZeroFox provides digital risk protection, threat intelligence, and adversary disruption to dismantle external threats to brands, people, assets, and data across the public attack surface.

The AI-driven ZeroFox platform helps you monitor, detect, and disrupt crypting, ransomware, cryptanalysis, and social engineering attacks against your business, employees, and customers.

Ready to learn more?

Check out our 2023 Phishing Trends Report to learn more about how digital adversaries are leveraging phishing tactics to carry out credential theft attacks and gather information for cryptanalysis - and how to stop them.