In cryptography, encryption (more specifically, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode.
It is possible to decrypt the message without possessing the key but, for a well-designed encryption scheme, considerable computational resources and skills are required.
One of the earliest forms of encryption is symbol replacement, which was first found in the tomb of Khnumhotep II, who lived in 1900 BC Egypt.
This technique was rendered ineffective by the polyalphabetic cipher, described by Al-Qalqashandi (1355–1418)[2] and Leon Battista Alberti (in 1465), which varied the substitution alphabet as encryption proceeded in order to confound such analysis.
Around 1790, Thomas Jefferson theorized a cipher to encode and decode messages to provide a more secure way of military correspondence.
[5] A similar device to the Jefferson Disk, the M-94, was developed in 1917 independently by US Army Major Joseph Mauborgne.
[6] In World War II, the Axis powers used a more advanced version of the M-94 called the Enigma Machine.
The Enigma Machine was more complex because unlike the Jefferson Wheel and the M-94, each day the jumble of letters switched to a completely new combination.
[7] The Allies used computing power to severely limit the number of reasonable combinations they needed to check every day, leading to the breaking of the Enigma Machine.
Modern encryption standards, such as AES (256-bit mode), Twofish, ChaCha20-Poly1305 and Serpent (configurable up to 512-bit), often use stronger key sizes.
[1] Since data may be visible on the Internet, sensitive information such as passwords and personal communication may be exposed to potential interceptors.
[18] A publicly available public-key encryption application called Pretty Good Privacy (PGP) was written in 1991 by Phil Zimmermann, and distributed free of charge with source code.
[20] Encryption can be used to protect data "at rest", such as information stored on computers and storage devices (e.g. USB flash drives).
In recent years, there have been numerous reports of confidential data, such as customers' personal records, being exposed through loss or theft of laptops or backup drives; encrypting such files at rest helps protect them if physical security measures fail.
[26] Conventional methods for permanently deleting data from a storage device involve overwriting the device's whole content with zeros, ones, or other patterns – a process which can take a significant amount of time, depending on the capacity and the type of storage medium.
With today's computing power, a 56-bit key is no longer secure, being vulnerable to brute force attacks.
This would make all data protected by current public-key encryption vulnerable to quantum computing attacks.
The National Security Agency (NSA) is currently preparing post-quantum encryption standards for the future.
[32] Encryption is an important tool but is not sufficient alone to ensure the security or privacy of sensitive information throughout its lifetime.
Most applications of encryption protect information only at rest or in transit, leaving sensitive data in clear text and potentially vulnerable to improper disclosure during processing, for example by a cloud service.
[40] The question of balancing the need for national security with the right to privacy has been debated for years, since encryption has become critical in today's digital society.
The modern encryption debate[41] started around the '90s when the US government tried to ban cryptography because, according to them, it would threaten national security.
The debate heated up in 2014, when Big Tech companies like Apple and Google set encryption by default in their devices.
[42] Integrity protection mechanisms such as MACs and digital signatures must be applied to the ciphertext when it is first created, typically on the same device used to compose the message, to protect a message end-to-end along its full transmission path; otherwise, any node between the sender and the encryption agent could potentially tamper with it.
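The following Python sketch illustrates the point above about applying a MAC to the ciphertext on the composing device. It is an added example, not part of the original article. The function names (`seal`, `open_sealed`, `alter_in_transit`) are hypothetical, and the SHA-256 counter-mode keystream is a stand-in chosen so that the example runs with the standard library only.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32  # TAG_LEN is the HMAC-SHA256 output size


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Demo-only stand-in cipher (SHA-256 counter mode), not a vetted AEAD.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(d ^ k for d, k in zip(data, b"".join(blocks)))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Composing device: encrypt, then MAC nonce || ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = _keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(enc_key: bytes, mac_key: bytes, message: bytes) -> bytes:
    """Receiving device: verify the tag before decrypting anything."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("integrity check failed: message too short")
    nonce = message[:NONCE_LEN]
    ciphertext, tag = message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: tag mismatch")
    return _keystream_xor(enc_key, nonce, ciphertext)


def alter_in_transit(message: bytes, index: int) -> bytes:
    """Models any intermediate node changing one bit of the message."""
    changed = bytearray(message)
    changed[index] ^= 0x01
    return bytes(changed)


if __name__ == "__main__":
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    sealed = seal(enc_key, mac_key, b"constructed sample message")
    print(open_sealed(enc_key, mac_key, sealed))
    try:
        open_sealed(enc_key, mac_key, alter_in_transit(sealed, NONCE_LEN))
    except ValueError as err:
        print("rejected:", err)
```

Because the tag covers the nonce and the ciphertext and is computed where the message is composed, a change made at any hop is rejected before decryption.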