# Data Encryption

What is Encryption? Encryption is a technique to achieve **Data Security**. According to the GDPR (General Data Protection Regulation), **Data Security** is required and very important.

## How does Encryption work?

## Plain Data

This is the data that you want to encrypt so that no one can read the actual data. It can be the **password** or the **credit card** number of the user, etc.

## Algorithm

The **set of instructions** by which the data is encrypted. You can use any predefined algorithm such as **AES** or **RSA**, or you can create your own.

Let's take an example of a custom algorithm. In this algorithm, *we will change every letter of the plain data to the next letter of the alphabet*. For example, **a** will be converted to **b**, **b** will be converted to **c**, and so on.

Suppose the plain data is **“hello world”**. The above algorithm will encrypt this data to **“ifmmp xpsme”**. The problem is that this encrypted data can be decrypted easily, as this is just **letter masking**. Having this type of simple algorithm for all users in your database is not secure.

Another example of a simple algorithm is **Base64Encode**. You can encode your plain data using Base64, but this is also not secure, because anyone can decode it without a key.

So to secure your algorithm, you must use some kind of **Key** to encrypt your data.

There are **two types of algorithms**. One is **Symmetric** and the other is **Asymmetric**.

**Symmetric:** An algorithm in which the same key is used for encryption and decryption, such as AES.

**Asymmetric:** An algorithm in which different keys are used for encryption and decryption. The key used for encryption is called the **public key** and the key used for decryption is called the **private key**. An example of such an algorithm is RSA.

## Key

The Key is very important in your algorithm to encrypt the data. An algorithm without a key is not secure. You can consider the key a kind of **password**. To decrypt the encrypted data, a hacker first has to obtain the **Key**; only after that will he/she be able to decrypt your data.

For AES (Advanced Encryption Standard), the key is called the **Secret Key**.

For the RSA (Rivest–Shamir–Adleman), a pair of **public and private keys** is used.

## Cipher Data

This is the encrypted data.

**TIPS**:

- Choose a *unique and secure* Key for Encryption/Decryption of data.
- Don’t hardcode the Key such as “my-secret”, “my-key” etc.
- You must use a separate key for each user. It can be the account creation time of the user.
- You can ask for a **master password** from the user to encrypt/decrypt the user data. But make sure to save this master password also in encrypted form.

# Encryption Example

Let's take an example of AES encryption:

**Plain Data:** Credit Card no. = 355016266388724

**Key:** For **128-bit** encryption, we need a key of **length 16**. For **192-bit** encryption, we need a key of **length 24**. For **256-bit** encryption, we need a key of **length 32**.

Let’s use **128-bit** encryption and take the key to be **GQYdm0UqkNRnhbdt**

**Cipher Data:** **qoexArimzTTex9QU5K0i8A==**

Thank you for reading the article. Let me know if you have any queries :)