At one time, encryption was used only by governments, militaries and others who trade in highly secret materials. But as Dylan says, the times, they are changing. Encryption is rapidly becoming a standard feature of the tools you use every day, from Dropbox to your inbox.
You use encrypted connections any time you buy something on Amazon or pay your credit card online, but how does encryption protect your data?
Encryption is the process of making data unreadable to anyone but individuals that you choose. When you encrypt data, pass it through a cipher, an algorithm that encodes your data according to a key. After data is encrypted, only those with the key can decrypt and read the contents.
The strength of the encryption method does not come from the system (or cipher), but from a key that you own. While the cipher is the engine for encryption, the key is what shows the cipher precisely how to encode your data. Therefore, as long as your key isn’t discovered, your data is impenetrable.
So, how difficult is it to crack a key?
Most forms of encryption are based on the Advanced Encryption Standard (AES), which can provide 128, 192, and 256-bit keys. The bit length of a key specifies its strength — the longer the key, the harder it is to crack. In order to brute force (attempt every possible combination) a 128-bit key, it would take the fastest supercomputer in the world twenty five years. (If that sounds like a long time, consider that Virtru uses 256-bit keys — so they’re exponentially harder to hack.)
How encryption works varies depending on what you’re encrypting, but most of us are familiar with using encrypted connections online. When you need an extra layer of security, like when you’re checking out at your favorite online retailer, your browser uses either TLS (Transport Layer Security), or its predecessor, SSL (Secure Sockets Layer) to encrypt the connection.
When you checkout, your computer initiates a handshake by sending a packet of information to the server it is trying to connect to, asking it to verify its identity. The server sends back a digital certificate, a piece of code that contains both a public key and an encrypted signature that proves that the server isn’t an imposter.
The public key attached to the certificate can then be used to send encrypted messages to the server, but it can’t be used to decrypt those same messages — in order to do that, you need the private key, which only the server has.
How encryption works with email depends on the protocol used. PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions) use a combination of all of the above strategies to send and receive encrypted email.
PGP and S/MIME both provide client-side encryption, meaning that your message is encrypted from the time you send it to the time the receiver decrypts it. When your message is sent, no one — not even your email provider — can see the content of the messages, as they do not have access to your key.
The downside is that PGP and S/MIME are difficult for the average user to configure for daily use. Additionally, unless the person you’re sending email to is also using the same protocol, the recipient won’t be able to decrypt their message.
PGP requires users to go through a key exchange before they can send encrypted messages. This means that if you’re trying to send an encrypted message to a colleague using PGP, you first must retrieve their public key. If you happen to lose that key for any reason, you have to repeat the process again.
S/MIME, on the other hand, requires individuals to purchase digital certificates through a certificate authority (CA). While some CAs will offer free digital certificates for individual use, they charge a fee for digital certificates used for business.
Virtru streamlines the process of client-side email encryption. As with PGP and S/MIME, your data cannot be read by your provider, nor can it be read by anyone else who does not have the key. However, Virtru is an add-on that works seamlessly with your existing email service, like Gmail, so you get the same protection with no complicated setup process.
Virtru gives you the ability to enable true client-side email encryption without the hassle of a key exchange or a digital certificate. Likewise, since you don’t have to juggle any keys, anyone, anywhere can access encrypted email you send to them — provided you give them permission.