The process of securing private information that is passed through public networks by mathematically scrambling (encrypting) it in a way that makes it unreadable to anyone except the person or persons holding the mathematical “key” that can unscramble (decrypt) it.
The two most common types of cryptography are “same-key” and “public-key.” In same-key cryptography, a message is encrypted and decrypted using the same key, which is passed along from one party to another in a separate transmission. A more secure method is public-key cryptography, which uses a pair of different keys (one public, one private) that have a particular relationship to one another, such that any message encrypted with one key can only be decrypted with the other key and vice versa.
Frequently Asked Questions
How is cryptography used on the Web?
If you have ever shopped online, chances are you had to enter your credit card information to pay for the items you purchased. Sending a credit card number over the Internet can be risky business, because anyone could intercept that transmission. To prevent that, websites use a variety of security measures, most of which involve some form of cryptography. Most websites utilize SSL (Secure Sockets Layer), a public-key encryption system, to secure the connection between your web browser and their web server. Any information you send to the site, or that the site sends back to you, is encrypted while it is transferred from one to the other, protecting credit card information, passwords, personal data, or anything else you need to enter.
Several other forms of cryptography are used on the web to protect thing like email transmissions, private chats, business transactions, and more.
How do I know if a site is secure?
When you visit a site using SSL, a lock icon will appear either to the left of your browser’s address bar or along the bottom of your browser window. Hovering over the lock will tell you who verified the site’s security certification, or you can click on the lock for more information. This lock may also have a red slash across it, indicating some of the contents on the page are secure, while other may not be. If the site’s certificate is out of date or invalid, your browser should provide a warning to let you know.
How is public key encryption secure if it’s public?
Any data sent over the Internet can be intercepted, whether encrypted or not. In the case of public key encryption, your information is encrypted both by a private key known only to your computer and by a public key available to anyone. If that information is intercepted before reaching its intended recipient, the data thief will be unable to decrypt the message without the private key known only to the recipient’s computer.