Cipher

A cipher is another name for an encryption algorithm used in cryptography. Encryption algorithms turn a plaintext value into ciphertext, a scrambled, indecipherable value representing the secret value. Only a person with the cipher key can distinguish the ciphertext value and reveal the plaintext value. Encryption algorithms hide sensitive data for security as data passes from a source to a destination or to avoid disclosure if data storage is compromised.

Encryption ciphers protect data as it passes across a public network, including the Internet. Any data passing over the Internet can be eavesdropped as it hops from router to router and server to server. As traffic passes to other networks, the administrators of those networks can log data contained in IP packets. This leaves your data open to theft as it’s now stored in multiple locations.

Ciphers scramble data so that it’s only readable by intended recipients. A cipher uses a key to encrypt data. The key could be symmetric or asymmetric. In a symmetric cipher algorithm, the same key encrypts and decrypts data. An asymmetric algorithm uses a different key to encrypt and decrypt data, also known as a public-private key combination.

Public-private asymmetric encryption ciphers are popular with internet communications. The initial SSL/TLS handshake during the connection between your browser and a web server uses public-private key encryption. The asymmetric key encrypts the symmetric key sent to the webserver to avoid exposing the symmetric key as it passes over the Internet. A public key can encrypt data for an intended recipient—in this case, the web server—but only the private key for the public-private key pair can decrypt data.

Similarly, web traffic is encrypted and decrypted with a symmetric key. A symmetric key encrypts and decrypts web traffic, so the sender and recipient have the same key. The symmetric key should be kept in a safe location, or all traffic sent with the symmetric key could be disclosed to a malicious third party. In public-private key encryption, the private key must be kept in a safe location to secure data from being disclosed.

Both symmetric and asymmetric cipher algorithms have their subsets. For example, RSA and ECC are two public-private cipher algorithms. AES, DES, and Blowfish are three examples of symmetric key encryption. Some ciphers must be updated, and outdated algorithms should not be used. Outdated ciphers are vulnerable to brute-force dictionary attacks, meaning the key can be disclosed with enough iterations and computing power.

It's important to note that ciphers are two-way encryption algorithms. They differ from hashing algorithms, which are one-way methods of scrambling a sensitive value. Ciphers use keys to encrypt and decrypt, but hashes cannot be decrypted.

As computing power improves, current ciphers will no longer be secure. High-end computers can use brute force methods to obtain keys from older algorithms, so new ones are formed to improve security. Always check that any cipher algorithm you use to encrypt data is the most updated and cryptographically secure.

Learn More

Related Terms

• Encryption
• Phishing
• Access Control List (ACL)

Further Reading

• Phishing Attack Examples and how to Prevent Them
• Complete Network Security Checklist
• Multi-Layered Approach to Phishing Protection

How Can TitanHQ Help?

TitanHQ offers various solutions to protect against bruce force attacks:

• Email Security Solution: Blocks phishing emails that could be used to steal encryption keys or credentials, preventing attackers from attempting brute-force decryption on cipher-secured data.
• Web Security Solution: Prevents access to dangerous websites where encryption keys or sensitive information might be exposed, safeguarding cipher-protected data from unauthorized decryption.
• Security Awareness Training Solution: Educates users on data encryption practices, phishing awareness, and the importance of secure key storage, ensuring that cipher-secured information remains protected against unauthorized access.