An Introduction to Internet Encryption

September 5, 2019 by Sarah Gross

Look at your URL bar right now. Do you see “https” in the website address? If it’s there, then be reassured — you aren’t at great risk. Does it only say “http” without the “s”? Then you should be worried.

What does “https” mean?

HTTPS stands for Hypertext Transfer Protocol Secure and it means what it sounds like it means — that your connection is secure. When a website you visit has HTTPS in the address bar, your computer and that website are exchanging data via a secure channel. Usually, this is delivered using protocols called SSL (Secure Sockets Layer) and TLS (Transport Layer Security).


In August 2018, the Internet Engineering Task Force published the most recent standard for internet encryption — TLS 1.3. This standard update requires the generation of a new key pair, otherwise known as ephemeral keys, with every session. By creating ephemeral keys for every session, perfect forward secrecy is enforced. This means that if a hacker cracks one key and compromises a communication session, they cannot use it to crack other communications from the past or in the future.

The key generation method required by TLS 1.3 is called Diffie-Hellman Ephemeral or DHE. It is an algorithm built for robust cryptography and efficient ephemeral key creation.

How does DHE work?

For those of us who did not study computer science or computer engineering (or maybe just forgot), I am going to explain the basics of DHE with paint. Yes, you read that right. 

Let’s say Alice and Bob want to share a secret color that they don’t want anyone else to see. First, they agree on a starting color that anyone can publicly see, say yellow. Second, Alice and Bob each randomly select their own private color to mix with yellow. Alice chooses red, and Bob wants blue. Alice’s mixture turns orange, and Bob’s turns green. Each mixture disguises the private color that went into it. Third, Alice sends her orange mixture to Bob, and Bob sends his green mixture to Alice. Someone from the outside looking at this exchange sees the colors yellow, green, and orange, but they cannot see the private colors.

Finally, the magical step of the exchange: both Alice and Bob add their private colors to the mixture they received. Alice adds red to the green mixture, and Bob adds blue to the orange mixture. The final mixtures reveal the same brown-hued color for both Alice and Bob, their shared secret color. That person watching from the outside cannot see the shared secret color because they do not know what colors Alice and Bob added in private. To see this demonstration live, watch this video.
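The paint exchange above with numbers in place of colors, as an added example that is not part of the original post. The toy prime `P`, the base `G` and the function names are assumptions chosen for illustration; the second session shows why fresh keys per session give forward secrecy.

```python
import secrets

# Toy public parameters, the "yellow" paint everyone can see (assumed for this
# example). 2**127 - 1 is prime but far too small for real traffic; TLS 1.3
# uses standardized groups with much larger parameters.
P = 2**127 - 1
G = 3

def new_ephemeral_keypair():
    """Pick a fresh private color and mix it with the public color."""
    private = secrets.randbelow(P - 3) + 2      # red or blue: never sent
    public = pow(G, private, P)                 # orange or green: sent in the clear
    return private, public

def shared_secret(my_private, their_public):
    """Add my private color to the mixture received from the peer."""
    if not 2 <= their_public <= P - 2:          # reject degenerate values 0, 1, P-1
        raise ValueError("peer public value out of range")
    return pow(their_public, my_private, P)     # the brown both sides end up with

def run_session():
    """One complete exchange with keys that exist only for this session."""
    a_priv, a_pub = new_ephemeral_keypair()     # Alice
    b_priv, b_pub = new_ephemeral_keypair()     # Bob
    return {
        "wire": (P, G, a_pub, b_pub),           # everything an observer sees
        "alice": shared_secret(a_priv, b_pub),
        "bob": shared_secret(b_priv, a_pub),
        "alice_private": a_priv,
    }

if __name__ == "__main__":
    first, second = run_session(), run_session()
    print("session 1 secrets match:", first["alice"] == first["bob"])
    print("session 2 secrets match:", second["alice"] == second["bob"])
    # Forward secrecy: a private key leaked from session 1 is useless against
    # the values observed on the wire in session 2.
    guess = shared_secret(first["alice_private"], second["wire"][3])
    print("leaked session 1 key recovers session 2:", guess == second["alice"])
```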

Compromised data is everyone’s worst nightmare. A hacker can sell your information on the dark web, leak classified documents, demand ransom for information or photos, and track movements and activities. Hackers will use linked payment accounts to shop, expose your intellectual property, and steal your identity. The best way to prevent this is to use encryption in your network. And the most secure encrypted networks meet TLS 1.3 standards.

As you can tell, it is important to encrypt data so that it remains secure. 

But what is more important than encrypting traffic? Decrypting it.

To find out more about the math behind DHE and how to deploy both encryption and decryption in your network, check out the white paper How Internet Encryption Works and Why It’s Important.