The type of encryption that you require depends on the content that needs protecting.

A majority of people today can no longer imagine life without the Internet. It is hard for us to imagine our private and professional lives without it. The Internet is the place where we buy our goods, carry out business, communicate and book our next summer holiday. However, each one of these actions almost always involves sensitive and personal information that should not fall into the wrong hands. That is why encryption technology has been developed to make online activities more secure. Nonetheless, the abbreviations and names used for encryption can sometimes be just as cryptic as the technology behind them. In order to shed some light on the subject, we would like to give you a short overview of the different possible encryption methods.

Fundamentally, the aim of encryption is to increase content security. Messages such as emails or files are made illegible to third parties so that only the people with the key are able to read the content in plain text. This protects the contents against unauthorised access.

In the field of IT, there are several different things that can be encrypted: it is not only the emails or files themselves that can be protected, but also the transport channel that they take. Often, it is only this transport channel that is encrypted, while the content is not – the inverse can also be true. We will now try to explain these differences.

In order to encrypt the transport channel, TLS encryption technology (‘Transport Layer Security’) is employed. This is also sometimes referred to by its previous name, SSL (‘Secure Sockets Layer’). TLS is a protocol for the protection of data when users are communicating via applications online – in other words, whenever sensitive information is being exchanged over an otherwise insecure Internet connection. TLS/SSL may be used for an HTTPS Internet connection, for example.
This might be for online banking, emails that are sent via a web browser, and so on. This also has a major advantage: users do not need any prior knowledge when it comes to HTTPS-encrypted Internet connections, because the browser sets them up automatically.

TLS is also used for transmitting emails, both between the user’s mail program and the provider’s mail server, and between the mail servers of different providers. This is generally a good thing, since most emails are transmitted via public or open networks.

However, TLS is not sufficient for encrypting or signing emails themselves: although the transport channel being used is secure, the electronic message itself is not encrypted when it is with the provider, which means that the provider or anyone else with the appropriate access rights is able to view it. This means that further procedures are required for encrypting the email itself. PGP (‘Pretty Good Privacy’) and S/MIME (‘Secure/Multi-purpose Internet Mail Extensions’) are two possible alternatives. Both technologies are based on the same principle: they utilise so-called asymmetrical encryption with a key pair that is made up of a private and a public key. One of the two keys is used for encryption, while the other is used for unlocking.

The public key belonging to the recipient is used when encrypting a message. The recipient is the only person who knows the corresponding private key, which means that only he or she can unlock the message again. This principle is simply reversed for the signature process: in this case, the sender’s private key, which only he or she knows, is used for encryption. Since anyone can view the corresponding public key, it is possible to check the authenticity of the email.

PGP and S/MIME make it possible to send and receive messages in a secure manner. The message arrives at the provider in encrypted form, so that it is impossible for anyone without the key to view the contents in plain text.
However, encrypting the email itself does have a disadvantage: both the sender and recipient need to know the public key of the other partner. These keys have to be exchanged securely in advance. In the case of PGP, this exchange is organised between the partners directly, while in the case of S/MIME, a so-called ‘Public Key Infrastructure’ (PKI) takes care of the exchange. That is why, when using S/MIME, it is usually sufficient to have the key certified by a well-known ‘Certificate Authority’ or CA. The certified keys can then be used automatically via established mail programs and are recognised by both sides.

One other disadvantage of asymmetrical encryption is that it is relatively slow and complex. This means that significantly faster symmetrical encryption methods such as AES (Advanced Encryption Standard) are often used for encrypting files and electronic documents. This is the method that antispameurope’s HORNETDRIVE solution uses for encrypting all files with an AES-256 key (256-bit length) before they are transferred. However, the problem of exchanging the key in order to provide different devices or people with access to the data also arises here. Here in turn, HORNETDRIVE uses asymmetrical encryption to securely exchange the symmetrical key being used.

In short: the type of encryption that you require depends on the content that needs protecting. Nevertheless, in the age of increasing Internet surveillance, encryption should be used whenever possible. This particularly applies in the case of sensitive information, business-related or personal content.