What is Encryption?
Encryption transforms readable data (plaintext) into scrambled data (ciphertext) using mathematical algorithms and keys. Only someone with the correct key can decrypt and read the original data.
Plaintext: "Hello World"Key: secret-key-123Ciphertext: "x8Kj2mNp9qRs..."
Symmetric vs Asymmetric
Symmetric Encryption
Same key encrypts and decrypts. Fast and efficient for large data. Challenge: how to share the key securely?
- AES-256 - Gold standard, used everywhere
- ChaCha20 - Modern alternative, mobile-friendly
Asymmetric Encryption
Two keys: public key encrypts, private key decrypts. Solves key exchange problem but slower.
- RSA - Widely used, based on prime factorization
- ECC - Smaller keys, same security level
HTTPS uses asymmetric encryption to exchange a symmetric key, then uses that fast symmetric key for the actual data. This hybrid approach is standard.
HTTPS Explained
HTTPS (HTTP Secure) encrypts your connection to websites using TLS (Transport Layer Security).
- Look for the padlock icon in your browser
- Your ISP can see which sites you visit, not what you do there
- Protects passwords, credit cards, personal data in transit
- Does NOT mean the website itself is trustworthy
End-to-End Encryption
With E2EE, only the sender and recipient can read messages. Even the service provider cannot decrypt them.
| Service | E2EE by Default | Notes |
|---|---|---|
| Signal | Yes | Gold standard |
| Yes | Uses Signal protocol | |
| iMessage | Yes | Apple-to-Apple only |
| Telegram | No | Only "Secret Chats" |
Encryption at Rest
Protecting stored data on your devices:
- Full Disk Encryption - BitLocker, FileVault, LUKS
- File Encryption - VeraCrypt containers
- Phone Encryption - iOS/Android encrypt by default