Sign in with
Sign up | Sign in

Encryption: What It Is, and How It Works for You

By - Source: Tom's Guide US | B 2 comments

Encryption refers to any process used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it.

There are several modern types of encryption used to protect sensitive electronic data, such as emails, files, folders and entire drives. It's very important to understand what kinds of encryption are most important for a particular need, and to not be lulled into a false sense of security by fancy-sounding process names.

There are many encryption programs that provide excellent security for very little money — sometimes even for free.

For example, consider the folder-encryption options available to users of the Microsoft Windows operating system. Microsoft's encryption is generally strong, meaning that most users won't have to seek out additional methods of protecting their sensitive financial data, medical records and other sensitive files.

MORE: 17 Security and Privacy Apps and Plugins

Or, if you're worried about Microsoft's alleged relationship with the U.S. National Security Agency, try TrueCrypt, an open-source, free-to-use software solution.

The most dangerous pitfall of folder encryption is that there may be temporary versions of the sensitive files that are not encrypted.

Consider this: Most computer users regularly save their work to avoid catastrophic data loss due to a power outage, electrical storm or other unexpected event. Each time the user saves a file in progress, a temporary version of that file is created and stored in the aptly named "temp" folder, where it remains unencrypted.

Simply deleting temp files isn't enough protection, either. Someone who wants to access your data badly enough will likely be able to access those files using free or cheap data-recovery software.

Weaknesses in encryption

All encryption techniques have weak spots. As these weaknesses are revealed and exploited, new methods of encrypting data are developed to provide additional layers of security for users.

One of the most common and bothersome weaknesses occurs when an encryption method, also called a cipher or an algorithm, that's supposed to generate seemingly random strings of gibberish instead produces outputs that have a discernible pattern. If the pattern gets noticed by interlopers, it may help them crack the encrypted data.

A similar issue involves encryption algorithms that generate predictable patterns of characters in response to repetitious, predictable input.

MORE: Email Encryption: Worth the Trouble?

If this problem is extensive enough, it can help digital intruders decipher at least part of the encrypted data, which may include financial information, government documents or other sensitive information. In many cases, even a partial data breach can be devastating.

Defenses against hackers and file corruption

Individuals and organizations that want to add protection to their encryption algorithms often insert extra lines of code to alter the outputs -- a practice known as "salting."

For example, one of the most common passwords used is simply "password." Malicious hackers know what "password" and other common passwords look like after they're run though common encryption algorithms.

But if an organization adds extra characters to each password during the encryption process, such as "password" plus "safe," the output will be something malicious hackers won't recognize — as long as the extra characters are kept secret.

Encryption can also be used to verify the integrity of a file or piece of software. The raw binary data of a file or application is run through a special encryption algorithm to produce a "hash," a long number unique to that file.

Any alteration to the file, such as by a hacker inserting malicious code or by random data corruption, will produce a different hash. Computers and mobile devices compare a new piece of software's stated hash to its actual one before installing the software.

A similar process involves running a piece of software through a simple algorithm that produces a single short number, a "checksum." Altering the software in any way will likely produce a different checksum.

To guard against random, accidental corruption, many pieces of software include protection in the form of self-diagnostic checksum matches that the software performs each time it's launched.

Everyone's concern

Data encryption is important for everyone, not just big corporations and government officials. The topic can be intimidating for those without extensive computer experience, but thankfully, for most users, keeping sensitive data safe is a relatively straightforward process.

The key is to start early and regularly verify the effectiveness of the chosen security measures.

Follow us @tomsguide, on Facebook and on Google+.

Display 2 Comments.
This thread is closed for comments
  • 0 Hide
    ddpruitt , September 12, 2013 10:02 AM
    There are so many inaccuracies in this article it's not even funny. Here's a few:

    Quote:
    "hash," a long number unique to that file


    Collisions can and do occur, MD5 has a low collision rate

    Quote:
    Each time the user saves a file in progress, a temporary version of that file is created and stored in the aptly named "temp" folder


    No. Else your temp folder would have a few hundred thousand files in it.

    Quote:
    One of the most common and bothersome weaknesses occurs when an encryption method, also called a cipher or an algorithm, that's supposed to generate seemingly random strings of gibberish instead produces outputs that have a discernible pattern. If the pattern gets noticed by interlopers, it may help them crack the encrypted data.

    A similar issue involves encryption algorithms that generate predictable patterns of characters in response to repetitious, predictable input.


    These are both the same problem.
  • 0 Hide
    SirCrono , December 9, 2013 1:29 PM
    Meh, it's not that inaccurate, and it´s probably intended as an arcticle to people that know nothing whatsoever about encryption.

Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter