A lot of the online services we use daily tout encryption as the method of keeping your data and personal information secure and unreadable to outside parties. However, do you know what encryption actually does, and whether the online service you’re using is utilizing it effectively? Encryption is a powerful method to keep data readable to only designated users, but only if it’s used correctly.
Encryption is a form of digital cryptography that algorithmically scrambles data into an unreadable or unusable form, so that the only way to decipher the data is with a corresponding key. Anyone who intercepts the transferred data can’t decrypt it without the key, rendering it useless to them.

Encryption can be broken down into two categories: symmetric and asymmetric. Symmetric encryption utilizes a single key to encrypt and decrypt data, while asymmetric utilizes two – a private key and a public key.

Since symmetric encryption uses a single key for encryption and decryption, the receiving client must already have the sender’s key in order to read transmitted data. In asymmetric encryption, the recipient’s key, which is public and available to all, is used by the sender to encrypt the data, which is then transferred and can only be opened with the recipient’s corresponding private key.

What does SSL/TLS mean?

The most common form of encryption that we use on a daily basis is SSL/TLS (Secure Sockets Layer/Transport Layer Security), which is commonly used when accessing secured websites over a web browser. It’s also the most common form of security used for transmitting bank/credit card numbers for online purchases. SSL/TLS uses both symmetric and asymmetric encryption for its data transfer.

Since symmetric encryption requires both parties to have the same key, there needs to be a way for the sender to get their key to the recipient, and just transmitting the key would defeat the purpose of encryption in the first place. So this protocol uses asymmetric encryption to encrypt the symmetric key before sending it. This is a temporary, one-time key that’s created for that session of data transfer. With this key, the two parties can freely exchange encrypted data for the duration of the session.
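The key exchange described above can be tried out with Node.js's built-in crypto module. This is an added example, not code from eFileCabinet or from any TLS implementation: the function names are made up for illustration, RSA-OAEP and AES-256-GCM are chosen here as concrete algorithms, and a real TLS handshake involves more steps than this.

```javascript
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Recipient's long-term key pair; only the public half is ever shared.
function newRecipientKeys() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: make a one-time AES-256 key, encrypt the data with it, then
// encrypt ("wrap") that key with the recipient's public key.
function sealForRecipient(publicKey, plaintext) {
  const sessionKey = nodeCrypto.randomBytes(32); // 256-bit session key
  const iv = nodeCrypto.randomBytes(12);         // fresh nonce for every message
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    wrappedKey: nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey),
    iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

// Recipient: unwrap the session key with the private key, then decrypt.
function openFromSender(privateKey, msg) {
  const sessionKey = nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// True only if the message decrypts and passes its integrity check.
function canOpen(privateKey, msg) {
  try { openFromSender(privateKey, msg); return true; } catch { return false; }
}

// Runs the exchange on a constructed sample message.
function demo() {
  const recipient = newRecipientKeys();
  const outsider = newRecipientKeys(); // someone holding a different private key
  const msg = sealForRecipient(recipient.publicKey, 'card ending 0000 (constructed sample)');
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;      // one bit changed in transit
  return {
    recovered: openFromSender(recipient.privateKey, msg),
    wrongKeyOpens: canOpen(outsider.privateKey, msg),
    tamperedOpens: canOpen(recipient.privateKey, tampered),
    wrappedKeyBytes: msg.wrappedKey.length,
  };
}
console.log(demo());
```

Only the 32-byte session key goes through the slower asymmetric step; the data itself, whatever its size, is encrypted symmetrically.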

SSL/TLS protected websites must have a valid SSL certificate, which is their public key. It must be renewed often to stay as secure as possible.

What does AES mean?

Another common term used when discussing security is AES (Advanced Encryption Standard), usually in conjunction with 128-bit or 256-bit. AES is a standard used for symmetric encryption keys. The number corresponds to how complex the algorithmic key is.

256-bit AES is the encryption standard adopted by the federal government and countless other entities. The number of possible combinations for a 256-bit encryption key is a 78-digit number. It would take a supercomputer millions of years to decode it, which is why it’s imperative to keep the key secret: the key is the only way that outside attackers can decrypt the captured information.

Balancing security and convenience

Online services walk a tightrope of balancing security and convenience, as one usually comes at the cost of the other. Heavily encrypting data for storage or transfers costs time, as does ensuring that the networks, devices and end-users follow the best security practices.

Having flimsy security so that data is more easily accessible is good for convenience’s sake. However, utilizing weak encryption, or applying it at the wrong points, can make intercepting encrypted data and the corresponding key easy for hackers. A common example of lax security is the lack of SSL/TLS security or an expired certificate. File-sharing is faster, but it’s a huge security risk.

eFileCabinet utilizes a constantly maintained SSL/TLS security protocol for its file-transfer features, and files stored on the server are encrypted under 256-bit AES. When sharing a file, the receiver is brought directly into the secured environment to download the file. In other words, when using eFileCabinet to share sensitive documents with clients, it doesn’t put the document into a lockbox and mail it to them along with the key. Rather, it brings the client to the bank vault, where they open the lockbox under tight security.

To learn more about how eFileCabinet does secure file-sharing better, flawlessly integrated with intelligent document management, consider watching a free demo.