Lesezeit: 6 mins | 30. August 2021

A **secure encrypted cloud solution** is essential for any business, but many are not exactly sure what the different encryption methods involve or mean.

Encryption generally refers to a method that converts plain text into unreadable characters using a key. The encrypted text can be decrypted again using the same key.

More and more data is being processed, stored, and transmitted digitally, which is why the reasons for secure encryption are increasing at the same time. The risks of data loss or misuse are well known. This article will describe common methods in more detail and illustrate them using various examples.

In general, there are different **types** of encryption technologies. These include:

1. Symmetric encryption

2. Asymmetric encryption

3. Hybrid encryption

Therefore, there are **various methods** that apply these encryption types.

4. RSA encryption

5. SSL and TLS

6. AES-256-bit encryption

7. End-to-end encryption

In symmetric encryption, only one key is needed for encryption and decryption. Therefore, the key must be known to both the sender and the receiver.

The

Since the exchange of the key should be kept secret, the key exchange problem arises at this point. A secure way must be found to exchange the key. The safest way would be a personal meeting, which is often not practical.

If multiple messages are sent to different participants, the number of keys quickly increases.

**= also known as "public key encryption"**

Asymmetric encryption requires two keys. The key for encryption is public and accessible to everyone, while the key for decryption is private.

Asymmetric encryption has the **advantage** of providing high security that cannot be easily cracked by attackers. This method can also bypass the key exchange problem or create digital signatures that serve for authentication.

More about digital signatures can be found in the section that discusses the RSA algorithm.

Suppose Anna wants to send a secret message to Tom.

First, a key pair needs to be generated for Tom to exchange. Now, Anna needs the **public key** of Tom to encrypt the plaintext message, which fortunately is public and thus does not need to be communicated secretly.

With the **public key**, Anna can now encrypt the message to Tom, and Tom can decrypt it with his **private key**.

Despite the high security offered by this method, it is very computationally intensive and complex, especially when encrypting large amounts of data.

Thus, the method is also much slower than the symmetric method.

Hybrid encryption is therefore recommended as a solution proposal.

The hybrid encryption is a mix of both encryption methods. For example, a symmetric key is exchanged using the asymmetric encryption method, so that the actual communication takes place symmetrically.

This not only avoids the computationally intensive and slow asymmetric method, but also the key exchange problem.

Key pairs can be created, for example, using the **Diffie Hellmann method**. This method is based on mathematical calculations and information between communication partners.

The name **RSA** comes from the first letters of the surnames of the mathematicians who discovered the method.

This is one of the most commonly used asymmetric methods, which is used to encrypt and create **digital signatures**.

RSA has the properties that plaintext letters are not always the same ciphertext letters. It also consists of a key pair - the private key cannot be calculated from the public one.
This method is therefore considered secure, as there is currently no algorithm that can factorize a number larger than 789 bits into its prime factors. Modern RSA encryptions therefore have a minimum length of 3072 bits.

To decrypt an RSA system, additional information is required, which is only contained in the private key.

The private key consists of a one-way function, meaning that the function is easy to calculate but cannot be reversed. The required additional information makes it easy to perform the reversal again.

As mentioned earlier, the RSA procedure can be used to create a digital signature that serves to authenticate the sender.

Unlike with asymmetric encryption, the sender creates the digital signature of the message using their private key, so the recipient can verify the digital signature with the public key.
There are two types of signatures: **universal** and **non-universal**.

The private key is used to create a signature that is attached to the transmitted message. If a third party intercepts the communication channel, they can also verify the sender's authentication.*

The digital signature is also encrypted with the recipient's public key, so only they can verify the authenticity of the sender.

*The authenticity of the sender does not necessarily need to be kept secret at this point.

The main task of SSL is to give the WWW user the assurance that he or she is communicating securely with the server and to secure the protocol HTTP (= Hypertext Transfer Protocol). The URL is displayed as

SSL certificates authenticate the online identity and consist of a key pair and verified identification data. Certificates can be requested from a certification authority.

During a connection, the identity of the web server is requested, so a copy of the SSL certificate is sent to the requesting browser.

After the browser has verified the trustworthiness, the server can send back a digitally signed confirmation. If there is a match, an SSL encrypted session can now be initiated.

This process is called the

The AES algorithm is a symmetric encryption method that uses only one key.

AES is a block cipher, and the block size depends on the key length. The length can be 128, 192, or 256 bits.

The predecessor DES = "Data Encryption Standard" was replaced by AES **= "Advanced Encryption Standard"** due to its short key length of 56 bits.

As computer processing power increased, DES was no longer able to provide sufficient security.

The special feature of this encryption technology is the transformation applied to each block.

The encryption applies 4 different procedures to transform the blocks, and these procedures are applied repeatedly in multiple rounds.

This process is applied in **various areas**, including data transfer using WLAN or VPNs, or in general data transfer.

Secure your data in a securely encrypted cloud, with a sustainable data center in Germany.

Save your data securely now

End-to-End Encryption (E2EE) fully encrypts data between sender and receiver and can only be decrypted with the key of the desired recipient. The encryption and decryption process only takes place at the endpoints of the transmission.

E2EE uses several encryption techniques, usually employing hybrid encryption for key exchange.

The transmitted data is encoded using the symmetric

For even more security, digital signatures can be added to the encryption to verify access authorization.

E2EE promotes data privacy, as there is no access to personally identifiable information, while also preventing unwanted access to data exchange.

Furthermore, it is a secure method of communication since the key granting access is only known by the sender and receiver.

Did you know that your data is also locally end-to-end encrypted with SafeSync?

Learn more about SafeSync

**Sources:**

Studyfix: Verschlüsselungsalgorithmen (accessed on August 22, 2021)

Boxcryptor: Encryption (accessed on August 24, 2021)