Published on April 12, 2018
By Brian Smith, Chief Technology Officer
At Hushmail, we talk a lot about encryption because that’s what we do - provide a secure, encrypted email service that’s reliable and easy to use. But have you wondered what “encrypted” actually means and how it works to ensure your email is kept safe and confidential? In today’s post, we’re taking a closer look at what we mean when we say your email is encrypted.
The easiest way to grasp the concept of encryption is to consider a cryptogram. Cryptograms are word puzzles that consist of a quote or saying that is unreadable at first glance because the words are written in code.
RERUYHXR BP RXKBKZRI KH KORBU RSGBZ AUBEGMY MOHHPR TOBMO RSGBZP YHV TGXK KH PRXI VPBXD HVU AHTRUJVZ RXMUYAKBHX GXI WRRA YHVU SHPK ARUPHXGZ MHXERUPGKBHXP AUBEGKR GXI MHXJBIRXKBGZ.
Consider the phrase above. Can you read it? Probably not, because you don’t have the key. The key tells you a corresponding letter for each letter in the puzzle. If you don’t have the key, you might be able to figure it out by first looking for the most common letters and testing possible combinations. This is called frequency analysis.
We’ll give you a few letters to get you started:
R=E, K=T, G=A, A=P
So far, the key looks like this:
Therefore, every G in the puzzle will be an A, every R will be an E, and so on. Give it a try and see if you can figure out the rest. For the answer, scroll to the bottom of the post.
When you create a cryptogram, which you can do quite easily by finding an online cryptogram creator, you have encrypted information. When someone solves the puzzle by figuring out the key, they have decrypted the information.
Yes and no. While it’s true that encryption involves using a key to encrypt information, much like a cryptogram, there are some important differences. First of all, modern encryption uses numbers instead of letters. Computers treat everything as a series of numbers, even videos and images, and this is why the cryptogram approach works so well for encrypting digital information. Information of all types can easily be encrypted using numbers, just the way messages are encrypted using letters in a cryptogram.
However, if you could use frequency analysis to search for the most common numbers, and figure out the key as easily as a cryptogram, that wouldn’t bode well for encrypted information we assume is secure. Instead, modern encryption uses a process where the key keeps changing as you use it. An encrypted number never maps to the same piece of information twice, so the key can’t be guessed or figured out. This type of encryption allows you to encrypt and send text, images, and videos as sequences of numbers that are only readable to those with the correct key.
You might not be aware of it, but you encounter encryption multiple times a day in your online life. When your web browser is communicating with another computer (or web server), you will often see a padlock icon and the prefix “https”. This means encryption is being used to protect your information as it goes from your computer to that web server. You’ll see this when you do your online banking, visit Facebook, or make a purchase on Amazon. Start looking for the padlock when you’re online. You might be surprised by the websites that encrypt your information and those that don’t. However, keep in mind that where your information goes after it gets to that web server is more complicated. It will be decrypted at the web server and could then be sent to other computers and databases where encryption may or may not be used.
On Windows and Apple operating systems, encryption can be turned on so it uses your password as a key to encrypt all the data on your hard drive. That way if someone steals your computer, unless they can guess your password, they can’t steal the information.
If you have any questions about how encryption is protecting your Hushmail communications, please contact us, and we’ll be happy to fill you in.
Everyone is entitled to their email privacy. Choose which emails you want to send using our powerful encryption and keep your most personal conversations private and confidential.
Brian started working on the technology that powers Hushmail in 1998 while still a computer science student at the University of Texas. He moved to Vancouver in 1999 to help the company launch, and has been Hushmail’s CTO since 2002. Early in his career, Brian was focused on the software and systems architecture that would allow Hushmail to provide and scale high security web and mobile applications. Now he divides his attention between building technology, team development, and understanding the requirements of Hushmail’s customers. Most recently, he has been focused on the unique security and usability needs of the healthcare sector where Hushmail’s technology is particularly applicable. Brian lives in Vancouver with his wife, son, and daughter, and travels often to Korea and Alabama.