Encryption for beginners 1: (A)symmetric encryption

Most people do not realise how easily an email can arrive at the wrong recipient. A typo in the address, a mistake in the configuration of a server, the wrong name from the address book: they are all simple mistakes. And there is always the risk of hackers breaking into a provider's email server and thus gaining access to the email of all the users on that system. You should therefore always use encryption to reduce the chance that the wrong person gains access to a message with sensitive (personal) data. We give you a brief introduction to this interesting topic.


What is encryption?


Encryption is the encoding and decoding of data. It is the best way to make messages unreadable with the help of mathematical techniques (algorithms). Only the person who has the correct mathematical formula can make the original message readable again. We call such a mathematical formula the 'key'.


Symmetric encryption


To start with, it is good to be aware that there are different forms of encryption. The first variant is symmetric encryption. This form of encryption requires the sender to exchange a key with the recipient in advance. That key converts all data from readable to unreadable text, and you can only reverse this with the same key. The key is often a data set that works best when it is completely random.

The problem with symmetric encryption is that you have to store the key somewhere, and it must be available only to the person who needs it. The best-known example is the use of a password on the computer: with the right combination of letters and numbers you can access the computer yourself. But someone else, who does not know the password, cannot. The big disadvantage, of course, is that if someone else gets this key (the password), the security becomes completely useless.

You come across symmetric encryption, for example, in services that store encrypted data for a user (such as a backup in the cloud). The key remains in the hands of the user.


Asymmetric encryption


Asymmetric encryption does more or less the same thing: it makes data unreadable, and makes them readable again with the right key. The difference, however, is that the recipient's key is not the same as that of the sender. So they do not have to share the key with each other. This is because the data are made illegible with a public key, and a recipient uses his private key to make the data readable again. For two-way communication you therefore need two key pairs. Each party gives its public half to the other.

A quick example to clarify this system. Suppose Alice wants to send a message to Bob. Bob is in possession of a public key and a private key. Alice then receives the public key from Bob. She uses this to encrypt the message and then sends it to Bob. Bob decrypts the message with his private key and can read it.


Digital signature


You can make the public key public. You can publish it on a homepage or on a 'key server'. This makes it easy for anyone who wants to encrypt a message to get the right public key. You keep the private key for yourself, just like a password.

In some cases, asymmetric encryption can also allow data to be signed. In such cases, a signature is created using the private key, and the public key is then used to verify it. This makes it virtually impossible to send an email under someone else's name.

Asymmetric encryption is especially useful on the internet, for example for setting up a secure (https) connection between a browser and a website. It is also possible to use this to establish a secure connection with remote servers. A computer uses this form of encryption when software updates require a signature. This enables the system to be certain that the software originates from a trusted party.


Man-in-the-middle


Of course, asymmetric encryption also has disadvantages. For example, it is possible to break into an encrypted connection via a so-called man-in-the-middle (MITM) attack. This works as follows: when you want to send a message, you receive a public key to set up a secure connection. But in an MITM attack, you are communicating with a party other than your intended recipient. This party gives you their own public key, then gives the party you want to communicate with another public key and pretends that this is yours. The data you send can then be intercepted and read. This could cause a lot of problems when you send your bank details, for example. The only thing you can do to prevent this is to make sure that you have the right public key. Do you want to know how we solved this problem at ZIVVER? We would be happy to explain it to you. Send your question to contact@zivver.com and we will get back to you!
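One common way to "make sure that you have the right public key" is to compare its fingerprint with one obtained over a separate trusted channel and then pin it. The sketch below is an added example, not part of the original article and not a description of ZIVVER's solution; the key bytes, contact name and class are constructed for illustration.

```python
# Added illustration: fingerprint comparison and pinning of a public key.
import hashlib
import hmac

def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the encoded key as colon-separated hex groups."""
    digest = hashlib.sha256(public_key).hexdigest()
    return ":".join(digest[i:i + 4] for i in range(0, len(digest), 4))

def _normalise(fp: str) -> str:
    # Ignore case, colons and spaces so a fingerprint read aloud still matches.
    return "".join(ch for ch in fp.lower() if ch in "0123456789abcdef")

def matches(public_key: bytes, expected_fp: str) -> bool:
    actual = _normalise(fingerprint(public_key))
    return hmac.compare_digest(actual, _normalise(expected_fp))

class PinStore:
    """Remembers one verified fingerprint per contact, like SSH known_hosts."""

    def __init__(self):
        self._pins = {}

    def pin(self, contact: str, key: bytes, fp_from_trusted_channel: str):
        # Only pin a key whose fingerprint was confirmed out of band.
        if not matches(key, fp_from_trusted_channel):
            raise ValueError(f"key offered for {contact} fails verification")
        self._pins[contact] = fingerprint(key)

    def check(self, contact: str, key: bytes) -> str:
        pinned = self._pins.get(contact)
        if pinned is None:
            return "unverified"   # never confirmed: do not send secrets yet
        return "trusted" if matches(key, pinned) else "mismatch"

# Constructed sample data standing in for encoded public keys.
BOB_KEY = b"constructed-public-key-of-bob"
SUBSTITUTED_KEY = b"constructed-public-key-of-someone-else"

if __name__ == "__main__":
    store = PinStore()
    read_over_phone = fingerprint(BOB_KEY).upper().replace(":", " ")
    store.pin("bob", BOB_KEY, read_over_phone)
    print(store.check("bob", BOB_KEY))          # the key Bob confirmed
    print(store.check("bob", SUBSTITUTED_KEY))  # a swapped key is flagged
```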
