
A short guide to Data Encryption

Data encryption is the process of encoding data (through a series of mathematical functions) to prevent unauthorized parties from viewing or modifying it.

Its objective is to protect the confidentiality and integrity of information while the encrypted data is in transit (such as over the Internet). The use of data encryption has been reported as early as 1900 B.C. in ancient Egypt.

People have been using codes of varying complexity ever since to disguise all kinds of messages. Cryptography (the science of encryption) became a serious issue when the telegraph was invented, and it was further developed during World War II, when digital computers were invented to crack codes. Data encryption works so that only the intended recipient can decipher the data, using the decoding algorithm and an encryption key that is known only to that person.

The encryption algorithm itself may or may not be secret. Someone intercepting encrypted data cannot easily reverse the algorithm and retrieve the data. Data encryption not only protects data confidentiality, but also can be used to protect data integrity (the receiving party will know if the cipher data has been tampered with) and to certify the origin of the message being transmitted.

Until the 1960s, the right to create and break codes was thought to belong to the government, but in the early 1970s, the National Institute of Standards and Technology (NIST) selected the Data Encryption Standard (DES) algorithm to serve as a common encryption standard, enabling the development of commercial applications.

In 1977, RSA, an alternative to DES, was introduced as a "public key" encryption standard. Improving on DES's single key structure, RSA provided a two-key Public Key Infrastructure (PKI).

A user generates both of these keys; one of them - the "public key" - is distributed openly, like a phone number, posted to an Internet Public Key Server. Anyone can use this public key to send encrypted e-mail to the key's owner, who then uses his or her second "private key" to decrypt the message.