Welcome » IT Booklets » Information Security » Security Controls Implementation » Encryption » How Encryption Works
In general, encryption functions by taking data and a variable, called a "key" and processing those items through a fixed algorithm to create the encrypted text. The strength of the encrypted text is determined by the entropy, or degree of uncertainty, in the key and the algorithm. Key length and key selection criteria are important determinants of entropy. Greater key lengths generally indicate more possible keys. More important than key length, however, is the potential limitation of possible keys posed by the key selection criteria. For instance, a 128-bit key has much less than 128 bits of entropy if it is selected from only certain letters or numbers. The full 128 bits of entropy will only be realized if the key is randomly selected across the entire 128-bit range.
The encryption algorithm is also important. Creating a mathematical algorithm that does not limit the entropy of the key and testing the algorithm to ensure its integrity are difficult. Since the strength of an algorithm is related to its ability to maximize entropy instead of its secrecy, algorithms are generally made public and subject to peer review. The more that the algorithm is tested by knowledgeable worldwide experts, the more the algorithm can be trusted to perform as expected. Examples of public algorithms are AES, DES and Triple DES, HSA-1, and RSA.