The Internet? We are not interested in it.
Bill Gates, 1993
When you are stuck in a traffic jam with a Porsche, all you do is burn more gas in idle. Scalability is about building wider roads, not about building faster cars.
Steve Swartz
On two occasions I have been asked, If you put into the machine wrong figures, will the right answers come out?
I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.
Charles Babbage
Types of Encryption.
What is encryption?
Encryption is the conversion of data into a form called ciphertext. There are two basic techniques for encrypting information: symmetric encryption (also called secret key encryption) and asymmetric encryption (also called public key encryption).
Want to send secure emails to your friends or partners so nobody can read them?
Are you afraid that someone else can see sensitive data stored on your computer?
Want to protect your files with passwords so only you can access them?
How encryption works
An encryption program uses an encryption algorithm (a complex mathematical process) to encrypt and decrypt data. The encryption algorithm creates specific strings of data used for encryption: keys, which consist of long strings of bits or binary numbers. The more bits in the key, the greater the number of possible combinations of binary numbers, which makes the code more difficult to break. The encryption algorithm then scrambles the data by combining the bits in the key with the data bits. In symmetric encryption, the same key is used to scramble (encrypt) and unscramble (decrypt) data. In asymmetric key encryption, two different keys are required: one for encryption and one for decryption.
Why you need encryption
Nowadays when more and more sensitive information is stored on computers and transmitted over the Internet, we need to ensure information security and safety.
One of the most common uses of encryption is encrypting emails. Sending sensitive messages, documents and files over the Internet is like sending a postcard, as all emails are transmitted in an unsecured form. It makes no difference whether you send emails via public or private networks. Your message is totally open to interception by anyone along the way, so anybody (your ISP, your boss, etc.) can read your emails. Even if you connect to your server and send your emails via SSL, it only means that your emails can't be seen while in transit between you and your server. When your email reaches your server, it can be seen by your email service provider. Your server then usually sends your email to the recipient in an unsecured way, and your email can again easily be seen by anyone.
A private network, where email goes directly to a mail server and resides there until it is retrieved, also doesn't provide the necessary level of security, as your email can be seen e.g. by the network administrator, your boss, etc.
You may believe that your personal email does not contain any private information, but everyone has something to keep secret from family, neighbors or colleagues. It could be financial, sexual, social, political, or professional secrets. There is really only one sure way to protect your email privacy: using encryption.
Encryption is a process that takes information and transcribes it into a different form that cannot be read by anyone who does not have the encryption code. Those who work in cryptography make it their job to encrypt information or to break codes to recover encrypted information.
Manual Encryption
Manual encryption is a type that involves the use of encryption software. These are computer programs that encrypt various bits of information digitally. Manual encryption involves the user's participation completely. The files he wants to encrypt are chosen, and then an encryption type is chosen from a list that the security system provides. This is great for personal computers because it allows a user to encrypt personal files in a way that will suit him, thus protecting personal material on a computer.
Transparent Encryption
Transparent encryption is another type of computer software encryption. It can be downloaded onto a computer to encrypt everything automatically. This is one of the most secure types of encryption available because it doesn't leave out anything that might be forgotten when using manual encryption. Every executable application and file created in the computer has an encrypted copy that can withstand power surges and protects information in case a computer is stolen.
Email Encryption
As mentioned, email encryption typically uses asymmetrical encryption methods. This entails that emails that are received cannot be read by others, such as hackers who may be trying to get into an email inbox. There are two types of encryption methods used with email. The first is when a central station, such as an email provider, has the sole decision in who gets the private key to the email. This is usually given only to the user of an email address. The second type gives the user control over who gets the key. This means they can allow others to read encrypted emails with the private key they are given.
Symmetric Encryption
Not all encryption is done via a computer software program. You can easily encrypt information by yourself. One of the simplest ways to do this is through symmetric encryption. Here, each letter or number corresponds to another letter or number in the encryption code. You can make the code up yourself, for example a=1, b=2 and so on. You can take any written text and substitute letters and numbers for their coded counterparts, thus encrypting the text.
Semi-Transparent
Semi-transparent, or "on-the-fly", encryption does not operate permanently, but before/after access is made to confidential objects or during some read/write operations.
The most widespread examples are ciphering during Copy/Move to a "secret" volume/folder; deciphering a file before opening it via standard Windows applications (Word, Excel, etc.) and enciphering it after the application is finished; and deciphering specified folders/files at startup of the computer and enciphering them again at shutdown. Semi-transparent encryption graduates from manual/file encryption.
The typical great weakness of many of these encryption products is that they can degrade the computer system's efficiency and cause sudden/emergency loss of data when the amounts to be encrypted are too great. The problem for developers is to find an optimal trade-off between simplicity, security, effectiveness and reliability, and most developers get into a mess here.
Asymmetric Encryption (Public Key Encryption)
Asymmetric encryption uses different keys for encryption and decryption. The decryption key is very hard to derive from the encryption key. The encryption key is public so that anyone can encrypt a message. However, the decryption key is private, so that only the receiver is able to decrypt the message. It is common to set up "key-pairs" within a network so that each user has a public and private key. The public key is made available to everyone so that they can send messages, but the private key is only made available to the person it belongs to.
How Asymmetric Encryption (Public Key Encryption) works:
The sender and the recipient must have the same software. The recipient makes a pair of keys: a public key and a private key (both keys can be unlocked with a single password). The public key can be used by anyone with the same software to encrypt a message. Public keys can be freely distributed without worry, since they are only used to scramble (encrypt) the data. The sender does not need the recipient's password to use his or her public key to encrypt data. The recipient's other key is a private key that only he or she can use when decrypting the message. The private key should never be distributed, since it assures that only the intended recipient can unscramble (decrypt) data intended for him or her.
To understand asymmetric encryption better, please read an example:
For example, Jack makes public key A and private key A, and Jill makes public key B and private key B. Jack and Jill exchange their public keys. Once they have exchanged keys, Jack can send an encrypted message to Jill by using Jill's public key B to scramble the message. Jill uses her private key B to unscramble it. If Jill wants to send an encrypted message to Jack, she uses Jack's public key A to scramble her message, which Jack can then unscramble with his private key A. Asymmetric cryptography is typically slower to execute electronically than symmetric cryptography.
Some asymmetric algorithms (public key algorithms) such as RSA allow the process to work in the opposite direction as well: a message can be encrypted with a private key and decrypted with the corresponding public key. If the recipient can decrypt a message with Bob's public key, he/she knows that the message has come from Bob, because no one else has the sender's private key. Digital signatures work this way.
Some examples of popular asymmetric algorithms:
RSA
DSA
PGP
RSA
RSA is the best known public key algorithm, named after its inventors: Rivest, Shamir and Adleman. RSA uses public and private keys that are functions of a pair of large prime numbers. Its security is based on the difficulty of factoring large integers. The RSA algorithm can be used for both public key encryption and digital signatures. The keys used for encryption and decryption in the RSA algorithm are generated using random data. The key used for encryption is a public key and the key used for decryption is a private key. Public keys are stored anywhere publicly accessible. The sender of a message encrypts the data using the public key, and the receiver decrypts it using his/her own private key. That way, no one except the receiver can read the data.
DSA
The Digital Signature Algorithm (DSA) is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS).
PGP
PGP (Pretty Good Privacy) is a public-private key cryptography system which allows users to more easily integrate the use of encryption in their daily tasks, such as electronic mail protection and authentication, and protecting files stored on a computer. PGP was originally designed by Phil Zimmermann. It uses IDEA, CAST or Triple DES for actual data encryption and RSA (with up to 2048-bit key) or DH/DSS (with 1024-bit signature key and 4096-bit encryption key) for key management and digital signatures. The RSA or DH public key is used to encrypt the IDEA secret key as part of the message.
Combination of Symmetric Encryption and Asymmetric Encryption
If we want the benefits of both types of encryption algorithms, the general idea is to create a random symmetric key to encrypt the data, and then encrypt that key asymmetrically. Once the key is asymmetrically encrypted, we add it to the encrypted message. The receiver gets the key, decrypts it with their private key, and uses it to decrypt the message.
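The combined scheme described above, as an added example that is not part of the original page: a random symmetric secret encrypts the message, and that secret is then encrypted with the recipient's public key and sent along with it. To stay runnable with the Python standard library alone, textbook RSA over two fixed small primes and a SHA-256 keystream stand in for padded RSA and a real cipher such as AES; the function names and message layout are hypothetical and the parameters are not secure.

```python
import hashlib, hmac, secrets

# Toy RSA key pair for the recipient. P and Q are well-known Mersenne primes,
# used only so the script runs offline; they are far too small and too
# structured for real use (real RSA: large random primes plus padding).
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python 3.8+)

def _derive(k: int):
    """Split the session secret into separate encryption and MAC keys."""
    raw = k.to_bytes(32, "big")
    return (hashlib.sha256(b"enc" + raw).digest(),
            hashlib.sha256(b"mac" + raw).digest())

def _xor_stream(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """SHA-256 in counter mode, a stand-in for a real symmetric cipher."""
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(plaintext: bytes, n: int, e: int) -> dict:
    k = secrets.randbits(128)                    # fresh random symmetric secret
    nonce = secrets.token_bytes(12)
    enc_key, mac_key = _derive(k)
    body = _xor_stream(plaintext, enc_key, nonce)            # symmetric step
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return {"wrapped_key": pow(k, e, n),                     # asymmetric step
            "nonce": nonce, "body": body, "tag": tag}

def hybrid_decrypt(msg: dict, n: int, d: int) -> bytes:
    k = pow(msg["wrapped_key"], d, n)        # only the private key recovers k
    enc_key, mac_key = _derive(k)
    expected = hmac.new(mac_key, msg["nonce"] + msg["body"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, msg["tag"]):
        raise ValueError("wrong key or message modified in transit")
    return _xor_stream(msg["body"], enc_key, msg["nonce"])

if __name__ == "__main__":
    note = b"Meet at the usual place at noon."   # constructed sample message
    sealed = hybrid_encrypt(note, N, E)
    print(hybrid_decrypt(sealed, N, D))
```

The slow asymmetric operation touches only the short secret, while the message itself, whatever its length, goes through the fast symmetric step.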
BKC Police Station Building
Bandra Kurla Complex,
Opp. I.C.I.C.I. Bank,
Bandra E, Mumbai,
Maharashtra - 400051
Tel:022 - 26504481, 26504882, 26504483
It comes under Kherwadi Division.
Cyber Crime Investigation Cell is located at :
Cyber Crime Investigation cell,
Annex III, 1st floor, Office of the Commissioner of Police,
D.N.Road,
Mumbai - 400001
Email: officer@cybercellmumbai.com
Tel: +91 - 022 - 24691233
Cyber Cell Bangalore
Cyber Crime Police Station
C.O.D Headquarters,
Carlton House,
# 1, Palace Road,
Bangalore - 560 001
Tel.Nos.
+91- 080-2201026 /+91- 080-2943050
Fax :+91- 080- 2387611
e-mail : ccps@kar.nic.in
Supdt. of Police,
Cyber Crime Investigation Cell
Central Bureau of Investigation,
5th Floor, Block No.3, CGO Complex,
Lodhi Road, New Delhi - 3,
Phone: 4362203, 4392424
EMail: cbiccic@bol.net.in
Web: http://cbi.nic.in/
Cyber Cell Pune
Assistant Commissioner of Police
Cyber Crime Investigation Cell
Police Commissioner Office of Pune
2, Sadhu Vaswani Road,Camp,
Pune 411001
Contact Details:
+91-20-2612 7277
+91-20-2616 5396
+91-20-2612 8105 (Fax)
E-Mail: punepolice@vsnl.com