You don’t have to have anything to hide to want to keep people out of your computer. You don’t even have to justify wanting to keep prying eyes out, you only have to do it. After the Snowden revelations, we have had more people than ever before ask us about IT security. About how to protect data, how to keep the government from spying on them and about encryption.
The thing about encryption is that to many people it is just a word. So today’s post is all about encryption. What it is, what it can do and how it can protect your data.
What is computer encryption?
Encryption uses math to scramble plain text into a special code. Using a specific set of mathematical rules, encryption software takes a piece of plain text, puts it through an algorithm and generates a code. The code will look like gibberish and mean nothing to anyone who doesn’t have a key to unlock it.
That key is called a cipher. Ciphers have been used for over 2000 years in one form or another. Ciphers can be very complicated which means the average person, or computer could take thousands of years to decode them.
We use encryption all the time but are usually not aware of it. Every time you log into your bank online, every time you join a wireless network, any time you buy something or visit a site that uses HTTPS, you are using a form of encryption. This is ‘in transit’ encryption used for data being transmitted over the internet. ‘In place’ or ‘at rest’ encryption is where you encrypt a disk or a file on a computer.
Encryption is graded on bits, so 128-bit encryption, 256-bit and so on. A 128-bit encryption key has 300,000,000,000,000,000,000,000,000,000,000,000 potential cipher combinations. The usual standard is 256-bit, which has 2256 possible combinations. If the math intrigues you, check out this Reddit post.
There are two main types of encryption symmetrical and asymmetric. Symmetrical uses the same key to lock and unlock encrypted files. Asymmetrical uses different keys, one to encrypt and a different one to decrypt some of the most common encryption uses asymmetric encryption.
So how does computer encryption work?
Computer encryption uses specific software that can generate very complicated ciphers and scramble your files and folders. It would scramble them so much that they would only be readable once decrypted or unless someone had a supercomputer and several years to decrypt them forcefully.
A typical encryption program will install on your computer like any other program. You use it to create an encrypted drive or folder and a password to protect it. That password is your cipher and will unlock the data you encrypted. The encryption program will ask you to specify a type of encryption and will then do its work.
The password it asks you for is the key to unlocking everything so it pays to make sure it’s a good one. The usual password rules apply here:
- Never use a dictionary word.
- Use a passphrase instead of a password.
- Make it as many characters as practical.
- Use upper case, lower case, numbers and special characters.
For example, say you wanted to encrypt a file with one line of potentially dangerous text on it. You ask your encryption software to encrypt the text file, enter your password and it does this:
Text before encryption: ‘I love country music but nobody must know’.
Text after encryption: ‘;khghiuo5rnb5rttau4q890[6gnv’a490jgzkl;hjkfdtgngbhiotr-0’.
You may notice that the encrypted text is longer. The encryption software will randomly insert specific characters in places to pad out the text. This is another way of hiding text as it is something else for the hacker to have to work out.
The example is obviously super-simplified, but you get the point. Encryption software scrambles your files and folders until only a supercomputer could stand even the remotest changes of decoding them. To use that data, you usually double click as usual and your encryption software will prompt you for your password or cipher. Enter your password and the software will decrypt the data into usable form once more.
Should I encrypt my data?
Encryption software does most of the heavy lifting here but there is still a bit of an overhead in terms of disk space and processing. So is it worth it? Do you need to encrypt your data?
I think everyone should encrypt their data, especially if it’s on a laptop or mobile device. Even if the government doesn’t want to spy on you, thieves or hackers would never say no. Encryption protects you from hackers, most malware and viruses and anyone who wants your data. As long as they cannot get access to your key to unlock the files, they won’t be able to access your stuff. For that reason alone, I think everyone should use encryption.
It isn’t necessarily about government spying, it is about personal privacy and security.
How can I encrypt my data?
There are a few options depending on what device you’re using.
- VeraCrypt is a freeware tool that is very, very good.
- Use FileVault if you use a Mac as it is built in.
- Windows as BitLocker
- Smartphone encryption is covered here. Or use Signal.
- Your internet can largely be encrypted with HTTPS Everywhere.
Each of these options works in much the same way. Enable or install the encryption program, set a drive or folder, give it a secure password and encrypt. All you have to do is not forget that password!
What about backdoors?
Whenever there is a discussion about encryption the term ‘backdoor’ also rears its head. Given the high profile Apple vs. FBI case not long ago and the repeated attempts by the government to increase surveillance, they understandably don’t like encryption. So much so that some officials want security companies who develop encryption software to let them have a key that would access encrypted data should they need to. This is a backdoor.
Fortunately, nobody is enforcing this right now and companies (as far as we know) have not built backdoors into encryption software. That isn’t to say they haven’t but that we don’t think they have. There are of course rumors, but nothing concrete.
Encryption is a good idea for anyone who runs a business or anyone who wants to keep their stuff secret. It is simple, free and legal. If someone does get ahold of your laptop or hack your computer, if your files are encrypted there is nothing they can do. For that reason alone I think encryption is worth doing.