This tutorial explains what data encryption is and how it works. Learn the basic concepts of encryption, types of encryption, and differences between Symmetric and Asymmetric encryption.

### What is encryption?

Encryption is a technique of encoding a data packet in such a way that only the intended device can decode it. It allows two devices to exchange data packets securely over a public network.

The method the sender device uses to encode the data is called the **encryption algorithm**. To encode a data packet, the sender device uses a data string of random characters. This string is called the encryption key. The length of an encryption key is measured in bits. A 56-bit key contains a data string of 56 bits.

## Types of encryption

Devices exchange data packets in sessions. A device starts a new session to send or receive data. Once the data transmission is complete, the device terminates the session. In each session, devices exchange encryption keys before starting the data transmission.

There are two types of encryption: symmetric encryption and asymmetric encryption. In **symmetric** encryption, the sender device and receiver device use the same encryption key to encode and decode data packets. In **asymmetric** encryption, both devices use different encryption keys to encode and decode data packets.

## How does encryption work?

Symmetric encryption is faster than asymmetric encryption, but it is less secure. Asymmetric encryption is slower, but it is more secure. Normally, devices use both types of encryption to get both speed and security. They use asymmetric encryption to share symmetric keys during session initialization. Once the session is established, they use symmetric encryption to exchange data packets.

Let's take an example to understand how this process works. The following image shows a simple network. In this network, a PC named PC-A wants to download some files from the server named Server0.

Since there is no active session, both devices use asymmetric encryption to start a new session. As mentioned earlier, in asymmetric encryption, devices use different keys to encode and decode data packets. They use keys in a pair.

A pair includes two keys: one to encode and one to decode. The key used to encode data packets is called the **public** key, and the key used to decode the data packets is called the **private** key. A data packet encoded by a public key can be decoded only by the private key.

A device shares its public key with the device that wants to connect with it. To share the public key, devices use digital certificates. A **digital certificate** is signed and authenticated by a trusted third party, called a *certificate authority*. From the digital certificate, a device can verify the identity of the device that shares the public key.

In the above example, PC-A wants to connect to Server0. So, in the first step, PC-A requests Server0’s digital certificate. In the second step, Server0 provides its digital certificate. The digital certificate contains Server0’s public key. In the third step, PC-A checks the received digital certificate to verify the provider. If the digital certificate is correct, PC-A extracts the public key from it. In the fourth step, PC-A generates a new key called a **session** or an **encryption** key by using the extracted public key and sends it to Server0.

In the fifth step, Server0 uses its private key to extract the session key. In the sixth step, the initialization process ends. PC-A and Server0 have used asymmetric encryption in the initialization process to share the session key.

At this time, both PC-A and Server0 know the session key. After learning the session key, they use symmetric encryption to exchange data packets. They use the session key to encode and decode data packets.
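The steps above, as an added Go example that is not part of the original tutorial. It assumes the certificate check in step three has already succeeded, uses RSA-OAEP to encode the session key and AES-256-GCM as the symmetric cipher (choices the tutorial does not name), and generates a stand-in key pair for Server0; all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// NewServerKey makes a key pair standing in for Server0's (constructed for this example).
func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// WrapSessionKey is step four (PC-A): pick a random key, encode it with Server0's public key.
func WrapSessionKey(pub *rsa.PublicKey) (key, wrapped []byte, err error) {
	key = make([]byte, 32) // 256-bit session key
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return key, wrapped, err
}

// UnwrapSessionKey is step five (Server0): decode the session key with the private key.
func UnwrapSessionKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

// NewSession builds the symmetric cipher (AES-256-GCM) both sides use for data packets.
func NewSession(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	server0, _ := NewServerKey() // error returns are dropped in this short walk-through
	key, wrapped, _ := WrapSessionKey(&server0.PublicKey)
	serverKey, _ := UnwrapSessionKey(server0, wrapped)
	pcA, _ := NewSession(key)
	srv, _ := NewSession(serverKey)
	nonce := make([]byte, pcA.NonceSize()) // must never repeat under the same key
	rand.Read(nonce)
	sealed := pcA.Seal(nil, nonce, []byte("GET /files/report.txt"), nil)
	plain, err := srv.Open(nil, nonce, sealed, nil)
	fmt.Printf("Server0 decoded %q, err=%v\n", plain, err)
}
```

Only the wrapped key and the sealed packets cross the network; a packet altered in transit, or opened with a different session key, fails in `Open` instead of decoding to garbage.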

### Symmetric encryption examples

DES, 3DES, and AES are some popular encryption algorithms that use symmetric encryption.

###### DES (Data Encryption Standard)

It was developed in the mid-1970s. It uses a 56-bit key. It is not used nowadays.

###### 3DES (Triple DES)

It was developed in the late 1990s. It uses three 56-bit DES keys. All three keys can be different (*provides maximum security*), all three can be the same (*provides backward compatibility with DES*), or two keys can be the same and one different (*provides compatibility and security*). Since it uses DES keys, it can be used with a DES algorithm.
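An added example (not from the original tutorial) that checks the backward-compatibility option with Go's standard `crypto/des` package: when all three keys are the same, 3DES produces exactly the single-DES ciphertext, so that option is no stronger than DES. The keys, the plaintext block and the function names are constructed for the illustration.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"errors"
	"fmt"
)

// encryptBlock encrypts exactly one 8-byte block (no mode of operation, for comparison only).
func encryptBlock(c cipher.Block, block []byte) ([]byte, error) {
	if len(block) != des.BlockSize {
		return nil, errors.New("block must be 8 bytes")
	}
	out := make([]byte, des.BlockSize)
	c.Encrypt(out, block)
	return out, nil
}

// DESBlock encrypts one block with single DES under an 8-byte key.
func DESBlock(key, block []byte) ([]byte, error) {
	c, err := des.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return encryptBlock(c, block)
}

// TripleDESBlock encrypts one block with 3DES: encrypt with k1, decrypt with k2, encrypt with k3.
func TripleDESBlock(k1, k2, k3, block []byte) ([]byte, error) {
	c, err := des.NewTripleDESCipher(bytes.Join([][]byte{k1, k2, k3}, nil))
	if err != nil {
		return nil, err
	}
	return encryptBlock(c, block)
}

func main() {
	k1, k2, k3 := []byte("alphaKEY"), []byte("bravoKEY"), []byte("deltaKEY") // constructed keys
	block := []byte("8 bytes!")                                              // constructed plaintext
	single, _ := DESBlock(k1, block)
	same, _ := TripleDESBlock(k1, k1, k1, block)
	mixed, _ := TripleDESBlock(k1, k2, k3, block)
	fmt.Println("k1,k1,k1 equals single DES:", bytes.Equal(same, single))
	fmt.Println("k1,k2,k3 equals single DES:", bytes.Equal(mixed, single))
}
```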

###### AES (Advanced Encryption Standard)

It was developed in 2001. It is available in three versions: a 128-bit key, a 192-bit key, and a 256-bit key. It is considered a strong encryption algorithm.

### Asymmetric encryption examples

RSA, DSS, and ECC are some popular encryption algorithms that use asymmetric encryption. The RSA algorithm allows you to set the key size in multiples of 256.

That’s all for this tutorial. In this tutorial, we discussed what encryption is, how encryption works, and the types of encryption.