What is Encryption? | Types of Encryption

Encryption is a way to conceal information by altering it so that it appears to be random data. Encryption is essential for security on the Internet.

  • What is SSL?
  • What is an SSL Certificate?
  • What is TLS?
  • Why Use HTTPS?
  • What is HTTPS?
  • SSL Glossary of Terms


Learning Objectives

After reading this article you will be able to:

  • Understand what encryption means
  • Learn about the different types of data encryption
  • Learn why encryption is so important in modern computing
  • Explain how encryption keeps Internet communications secure

What is encryption?

Encryption is a way of scrambling data so that only authorized parties can understand the information. In technical terms, it is the process of converting plaintext to ciphertext. In simpler terms, encryption takes readable data and alters it so that it appears random. Encryption requires the use of an encryption key: a set of mathematical values that both the sender and the recipient of an encrypted message know.

encryption example

Although encrypted data appears random, encryption proceeds in a logical, predictable way, so that a party receiving the encrypted data and in possession of the key used to encrypt the data can decrypt the data, turning it back into plaintext. Truly secure encryption will be complex enough that a third party is highly unlikely to decrypt the ciphertext by brute force – in other words, by guessing.

Data can be encrypted "at rest," when it is stored, or "in transit," while it is being transmitted somewhere else.

What is a key in cryptography?

A cryptographic key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.

What are the different types of encryption?

The two main kinds of encryption are symmetric encryption and asymmetric encryption. Asymmetric encryption is also known as public key encryption.

In symmetric encryption, there is only one key, and all communicating parties use the same key for encryption and decryption. In asymmetric, or public key, encryption, there are two keys: one key is used for encryption, and a different key is used for decryption. Either key can be used for either action, but data encrypted with the first key can only be decrypted with the second key, and vice versa. One key is kept private, while one key is shared publicly, for anyone to use – hence the "public key" name. Asymmetric encryption is a foundational technology for SSL (TLS).

Why is data encryption necessary?

Privacy: Encryption ensures that no one can read communications or data at rest except the intended recipient or proper data owner. This prevents cyber criminals, ad networks, Internet service providers, and in some cases governments from intercepting and reading sensitive data.

Security: Encryption helps data breaches, whether the data is in transit or at rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the data on that device will likely still be secure. Similarly, encrypted communications enable the communicating parties to exchange sensitive data without leaking the data. Encryption also helps prevent malicious behavior such as man-in-the-middle attacks.

Authentication: Public key encryption, among other things, establishes that a website's origin server owns the private key and therefore was legitimately issued an SSL certificate (see What is public key encryption? to learn more).

Regulations: For all these reasons, many industry and government regulations require companies that handle user data to keep that data encrypted. Examples of regulatory and compliance standards that require encryption include HIPAA, PCI-DSS, and the GDPR.

What is an encryption algorithm?

An encryption algorithm is the mathematical formula used to transform data into ciphertext. An algorithm will use the key in order to alter the data in a predictable way, so that even though the encrypted data will appear random, it can be turned back into plaintext by using the key again.

What are some common encryption algorithms?

Commonly used encryption algorithms include:

  • Blowfish
  • AES
  • RC4, RC5, RC6
  • DES
  • Twofish

What is a brute force attack in encryption?

A brute force attack is when an attacker who does not know the key for decryption attempts to determine the key by making thousands or millions of guesses. Brute force attacks are much faster with modern computers, which is why encryption has to be extremely strong and complex. Most modern encryption methods, coupled with high-quality passwords, are resistant to brute force attacks, although they may be in the future as computers become more and more powerful. Weak passwords are still susceptible to this type of attack.

How is encryption used to keep Internet browsing secure?

Encryption is foundational for a variety of technologies, but it is especially important for keeping HTTP requests and responses secure, and for authenticating website origin servers. The protocol responsible for this is called HTTPS (Hypertext Transfer Protocol Secure). A website served over HTTPS instead of HTTP will have a URL that begins with https:// instead of http://.

HTTPS uses the encryption protocol called Transport Layer Security (TLS). In the past, an earlier encryption protocol called Secure Sockets Layer (SSL) was the standard, but TLS has replaced SSL. A website that implements HTTPS will have an SSL certificate installed on its origin server. Learn more about TLS and HTTPS.

To help keep the Internet more secure, Cloudflare offers free TLS/SSL encryption for any websites using Cloudflare services. Learn more about Universal SSL from Cloudflare.