What is encryption? - A complete guide by Proton

Encryption is the mathematical process of transforming information into an unreadable code, so that no one can decipher it unless they have the correct cryptographic key. Without encryption, anyone could intercept, read, or alter your sensitive data, including photos, passwords, and messages.

How does encryption work?

The most common way to encrypt information is to transform the readable text, known as plaintext, into unreadable text, called ciphertext, using mathematical operations known as algorithms. These algorithms use a cryptographic key, or a set of shared mathematical values (like prime numbers or elliptic curves), to scramble a file. Only the matching key can decipher the file and convert it back into its original format.

To someone without the correct cryptographic key, an encrypted file looks like random data, but encryption follows logical, predictable rules. It has to, because otherwise, decryption would be impossible.

The security of an encryption algorithm depends on its complexity. Modern encryption uses complex algorithms and strong key sizes so that even the strongest supercomputers cannot guess every possible answer in a reasonable amount of time.

Data is typically encrypted when it’s stored (“at rest”) and when it’s sent between devices (“in transit”).

Encryption example

One of the best-known examples of encryption is the Caesar cipher, used by Julius Caesar to keep his messages private. In this cipher, each letter in the original text is replaced by another letter moved up or down a fixed number of positions in the alphabet. For instance, by shifting three positions backwards, “A” becomes “X” in the ciphertext, “B” becomes “Y”, and so on.

Of course, ciphers (a specific algorithm used for encryption) have since evolved to become far more complex, making them much harder to crack. Modern encryption is handled by complicated algorithms that can encrypt plaintext and then decrypt ciphertext in milliseconds, so you don’t have to sacrifice convenience for security.

Types of encryption

Broadly speaking, encryption comes in two types: symmetric and asymmetric. Each has strengths and weaknesses.

• Symmetric encryption
• Asymmetric encryption

How does Proton use encryption?

At Proton, your privacy and security come first, which is why we design our apps to use end-to-end encryption (E2EE) and industry-leading cryptography.

Where applicable, our apps use E2EE, meaning your data is encrypted on your device and isn’t decrypted until it reaches its destination device.

Contrast this with your standard email or cloud storage service, which traditionally encrypts your message or file in transit, decrypts it upon arrival to its servers, and then re-encrypts it for storage — all using encryption keys that it controls. This is inherently less secure, as the service provider holds the keys it needs to access your messages or files at any time.

To apply E2EE, we use the OpenPGP standard, which combines the speed of symmetric encryption with the security of asymmetric encryption, similar to TLS. Additionally, OpenPGP is open source, meaning anyone can analyze it to validate and improve its security.

Each Proton service applies encryption differently, depending on how that service is used.

For more information about the encryption, you can check the complete guide here.