Virginia Tech® home

Encryption 101

padlocks sitting on a keyboard

Would you ever intentionally leave your front door open when you go out? Probably not.

Now, think of the times you’ve shopped online. Without encryption, the information you enter would be as easy to grab as it would had you left your door open and credit card sitting on the kitchen table. 

What is encryption? 

Simply put, encryption helps secure data by converting plain text (i.e., your credit card number) into a bunch of nonsense characters, rendering it useless to unauthorized parties. 

Encryption works by using algorithms that contain designated strings of characters called ‘keys’. A key is required both to encrypt the data (turn it into a bunch of nonsense), or decrypt the data (revert it to plain text). It’s similar to locking and unlocking a door. If you have the key to the door, you can lock and unlock it. Without the key you can stare at the door, but you're not going to get the stuff inside.

Sometimes the same key is used to encrypt and decrypt the data, and sometimes there are different keys used to encrypt and decrypt the data — if you're curious to learn more about the different types of encryption, this article is a good place to start.

Why is encryption important? 

Encryption helps to keep sensitive information that is sent over the web safe and private. Just as important is knowing how to confirm that the apps and websites you use encrypt user data, and how to spot sites that may not. Here are a few tips: 

  • Use websites with "https." These sites use the current standard security protocol called transport layer security (TLS), which both encrypts data and authenticates the parties exchanging data. Some, mostly older, sites still have only "http" and are considered not secure — your browser may alert you of this. 

  • Make sure the wireless networks you join use WPA (Wi-Fi Protected Access) at a minimum. The latest version, WPA3, provides the most robust protection. For more on the different levels of wireless security, and how to check the security of your networ, read this article. If a network is still using the old WEP (wired equivalent protection), don't use it. 

How to make sure your data is encrypted when you want it to be

When you’re sending and receiving data (i.e., submitting an online shopping order), as long as both parties are using a secured network and up-to-date protocols such as "https," your data should be encrypted.

Check your browser bar for a closed padlock (in Chrome, open the little node icon next to the web address) to make sure your connection is secure. Always follow basic security tips and only do business with reputable companies.

But what about files that are just sitting on your desktop or phone that you want to protect? Both Adobe Acrobat and the desktop versions of Microsoft Office apps offer built-in options to encrypt documents by applying a password. You can also purchase encryption tools from various vendors. The IT Security Office offers guidance on encrypting files on your computer

Be aware of how encryption can be used against you

We'd be remiss not to mention that encryption can be used maliciously sometimes. Ransomware attackers use encryption to lock up their victim's files, and then demand a ransom to provide the key to decrypt the files. The 4Help Knowledge Base offers information on how to protect yourself from ransomware.

By and large, however, encryption is a vital part of cybersecurity, and knowing the basics about how encryption works can help you avoid potential threats and stay safer online.