Encryption keeps computer data secure and confidential by mathematically scrambling information to make it unreadable; to read the data, you need a secret key or password. The encryption process makes e-commerce possible, preventing malicious third parties from accessing bank records and other private information. Computer programs use two basic types of encryption: symmetric, which involves a single key, and asymmetric, which uses two keys.
Encryption works through a procedure called an algorithm, which is a defined series of mathematical operations. The algorithm takes in your data, such as a document or bank transaction, applies a password to it and outputs encrypted information. Ideally, the encrypted data appears as completely meaningless, random characters -- useless to anyone not possessing the password. At the receiving end, another algorithm takes the encrypted data and a password and decodes the information, recovering the original data intact and complete. Examples of algorithms include the Data Encryption Standard, RC2 and Serpent.
Symmetric encryption is a simple form of data security. When you use a file encryption program, you select the files you want to protect, then type in a password. Later, when you want to retrieve the files, you use the same password. This works well for securing your own data. However, if you want to pass the data to someone else, you must give that person the password. If a third party obtains the password, they can access the information.
Public key, or asymmetric, encryption is more complicated than the symmetric type but works better as a way to exchange messages between a sender and receiver in a public network. It uses two keys or passwords: the receiver makes one public and keeps the other secret. The sender encrypts the information using the public key, and the receiver uses her private key to decode the data. The public key only encrypts the data and cannot decrypt it. Likewise, the private key decrypts information but cannot encrypt it.
When you log into your bank's website to check your balance and pay bills, you're using asymmetric encryption. Your computer encodes your mouse clicks and typed information using the bank's public key, and the bank decodes the data with its private key. A malicious user who intercepts the data between you and the bank receives a stream of random numbers that he cannot use to take your money or personal information. On the other hand, a program such as WinZip uses symmetric encryption. You select the documents to create a single ZIP file, then you supply a password to make the contents secret. When you open the file at a later date, WinZip prompts you for the original password.
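The contrast between the two types, as an added example that is not part of the original article: a password-based symmetric cipher where the same password encrypts and decrypts, next to a public/private key pair where each key does only one job. Both are toy constructions assumed here for illustration (a hash-based keystream and textbook RSA with tiny constructed primes, using only the Python standard library) and are not suitable for protecting real data.

```python
import hashlib
import hmac
import os

# Symmetric (toy construction for illustration): one password does both jobs.
def _keystream(password: str, salt: bytes, length: int) -> bytes:
    # Stretch the password into a key, then expand it with HMAC in counter mode.
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def sym_encrypt(password: str, plaintext: bytes) -> bytes:
    salt = os.urandom(16)  # fresh salt so the same password never reuses a keystream
    stream = _keystream(password, salt, len(plaintext))
    return salt + bytes(p ^ k for p, k in zip(plaintext, stream))

def sym_decrypt(password: str, blob: bytes) -> bytes:
    salt, body = blob[:16], blob[16:]
    stream = _keystream(password, salt, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))

# Asymmetric (textbook RSA, constructed tiny primes): two different keys.
def rsa_keypair(p: int = 61, q: int = 53, e: int = 17):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent: inverse of e mod phi(n)
    return (e, n), (d, n)              # (public key, private key)

def rsa_apply(key, number: int) -> int:
    exponent, n = key
    return pow(number, exponent, n)

if __name__ == "__main__":
    message = b"pay bill: 120.00"  # constructed sample data
    blob = sym_encrypt("correct horse", message)
    print(sym_decrypt("correct horse", blob))  # same password recovers the data
    print(sym_decrypt("wrong guess", blob))    # any other password yields garbage

    public, private = rsa_keypair()
    c = rsa_apply(public, 65)        # sender encrypts with the public key
    print(c, rsa_apply(private, c))  # receiver decrypts with the private key
    print(rsa_apply(public, c))      # the public key does not undo its own work
```

In the symmetric half, anyone who learns the password can read the data; in the asymmetric half, the public key can be handed out freely because only the private key reverses it.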