Encryption is the act of encoding data into unintelligible "ciphertext" that stays unreadable until it is decrypted with a key.

A great example of this is PGP encryption. The text "I like rainbow waffles" when encrypted using PGP looks like this:


This ciphertext is obviously completely useless to someone who intercepts the message, but it is also useless to us. That is, unless you have the key. The key is usually, although not always, passcode locked. Once authenticated, the key is used to decrypt the message back into its original form. Do note that encryption doesn't stop messages from being intercepted; it stops them from being read.

Now that we have discussed encryption in the context of messaging, how does encryption work on hard disks? On a computer, phone, external hard drive, etc., encrypting the device's storage turns the data on the device into a similarly unreadable mess. Once booted, the device will only decrypt the data when a correct passcode is entered. Once authenticated, the key is then used to decrypt the device's storage. Once decrypted, the device works as normal. When the device is powered down, the storage is encrypted once again.

Public Key Encryption

Public Key Cryptography is the basis for most encryption used today. If you have seen a padlock in your browser or sent an email using Gmail or Outlook, Public Key Encryption was protecting the contents of your browsing, email or data. The following video discusses the basics of Public Key encryption.

When a person generates keys using dedicated software, a public key and a private key are generated for that one individual. When person A wants to send person B an email, person B must first provide person A with his/her public key. Then, this public key is used by person A to encrypt the message so that ONLY person B can decrypt it. That's the magic of public key encryption. When key pairs are generated, the private key is the one correct solution out of the 2^128 total possible solutions to unlocking messages encrypted using the public key. Put simply, without the private key, it is impossibly difficult to break public key encryption by brute forcing it.

So the key takeaway is this: for a service using public key encryption to work, you must have the public key of your intended recipient. If you do not have it, you must have it sent to you. You can exchange public keys unencrypted out in the open, as a public key cannot be used to decrypt messages. Facebook even allows you to put your public key on your profile when using PGP email encryption.

Person A's private key is used to decrypt emails that were encrypted using person A's public key. Never, EVER share your private keys. Many public key encryption software managers do not easily allow exporting of private keys, to prevent a person from accidentally sharing their private key with anyone. I only keep a backup of my private key offline on encrypted hard drives. If someone were to obtain your private key, they would be able to decrypt all the messages you have ever received using that key.
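The exchange described above, as an added example that is not part of the original guide: it uses RSA-OAEP from the third-party Python `cryptography` package rather than PGP itself, and the function names, passphrases and the bystander "person C" are assumptions made for illustration.

```python
# Added example: RSA-OAEP via the third-party "cryptography" package, not PGP itself.
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def generate_keypair(passphrase: bytes):
    """Create a key pair; the private half is only ever stored passphrase-locked."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    locked_private_pem = key.private_bytes(
        serialization.Encoding.PEM,
        serialization.PrivateFormat.PKCS8,
        serialization.BestAvailableEncryption(passphrase),
    )
    public_pem = key.public_key().public_bytes(
        serialization.Encoding.PEM,
        serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return locked_private_pem, public_pem


def encrypt_for(public_pem: bytes, message: bytes) -> bytes:
    """Sender side: needs only the recipient's public key."""
    return serialization.load_pem_public_key(public_pem).encrypt(message, OAEP)


def decrypt_with(locked_private_pem: bytes, passphrase: bytes, ciphertext: bytes) -> bytes:
    """Recipient side: unlock the private key with the passphrase, then decrypt."""
    key = serialization.load_pem_private_key(locked_private_pem, password=passphrase)
    return key.decrypt(ciphertext, OAEP)


def can_decrypt(locked_private_pem: bytes, passphrase: bytes, ciphertext: bytes) -> bool:
    """True only when both the passphrase and the private key are the right ones."""
    try:
        decrypt_with(locked_private_pem, passphrase, ciphertext)
        return True
    except ValueError:  # wrong passphrase or wrong private key
        return False


if __name__ == "__main__":
    b_private, b_public = generate_keypair(b"constructed-passphrase-B")  # person B
    c_private, _ = generate_keypair(b"constructed-passphrase-C")        # bystander C
    ciphertext = encrypt_for(b_public, b"I like rainbow waffles")       # person A
    print(decrypt_with(b_private, b"constructed-passphrase-B", ciphertext))
    print(can_decrypt(b_private, b"wrong guess", ciphertext))               # False
    print(can_decrypt(c_private, b"constructed-passphrase-C", ciphertext))  # False
```

RSA-OAEP with a 2048-bit key and SHA-256 only accepts messages of up to 190 bytes, which is enough for the sample sentence used here.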

Note that encryption and decryption occur on person A's and person B's devices only, and no external server ever decrypts the contents of one's message. This is known as End-to-End encryption. Further discussion of End-to-End encryption and link encryption can be found here: How to Send Secure Encrypted Instant Messages & Calls.

This guide was a part of my Ultimate Information Security & Privacy Guide.