Perhaps the most prominent feature of VPNs (Virtual Private Networks) is encryption. The primary role of this type of software is to make you invisible on the Web. This is done by concealing your data - or encrypting. In fact, VPN encryption is one of the toughest security measures that make sure your data doesn't end up in the wrong hands. However, to use different types of encryption properly, you need to learn a bit about this side of VPN applications. This is precisely why we'll dedicate this article to VPN encryption.
You are most probably reading this article because you want to know more about VPN encryption. You want to learn how it works, what is it capable of doing, as well as what are the differences between different encryption protocols. We will cover all those questions, so let's dive right in right in.
Why Should You Care About VPN Encryption?
I hate to be the one to tell you, but as you sit there in your comfy chair, there are a million eyes on you. Watching what you do, where you go and figuring out what you’re thinking. Your personal information is a gold mine for large companies as well as for governments who may want to stop you from exercising your rights.
First and foremost, the IP address of your Internet router can be linked to your name and physical address, which means it’s possible to trace what you do on the Internet to your real location. That’s a horrifying thought. Secondly, even if your lack of privacy doesn’t come back to haunt you directly, your private information is being sold to corporations, marketing companies and whoever else has the money to pay for it. This is how they create formulas to know what we’ll buy, what we’ll do and even how we’ll vote.
We don’t know about you, but we don’t feel comfortable with some faceless company buying our personal info for their own financial gain. Surely, there must be some way to protect yourself from these dark forces and assorted marketing people?
VPN Encryption Comes To the Rescue!
These privacy fears have been driving people to look for solutions wherever they can find them. There’s a whole industry of products that have sprung up with the purpose of providing you with security, anonymity, and privacy. From using a Tor browser to hiring a seedbox for peer-to-peer file transfers, everyone is willing to sell you something to make you feel better about your Internet privacy.
The solution that is being sold as the ultimate, fire-and-forget, cure to privacy worries is the VPN or virtual private network. One of the VPN’s primary weapons against the prying eyes of the world is its encryption. While you’ve probably heard the word 'encryption' before, the age of Internet privacy concerns makes understanding this term more important than ever. So before we dive into the role that encryption plays in the context of a VPN, we need to talk about what encryption means in general.
Can You Read This: Ustjay Ikelay Igpay Atinlay?
At first glance, it looks just like gibberish, but if you happen to know how to speak pig Latin, you’ll know that it’s just regular English that’s been modified a little. All you do is take the first letter of a word, stick at the end and then put 'ay' on there for good measure.
Once you know how it works, you can unscramble the words and get 'just like pig Latin.' It’s a very simple way to hide what you’re saying, sure. But if you looked at it long enough, you’d probably figure it out for yourself. It works well as an example though, because pig Latin is actually a very simple form of encryption.
Early Beginnings of Encryption - The Enigma Code
If you and your friend owned walkie-talkies when you were kids, you could talk to each other over long distances whenever you wanted to, without paying a cent. The problem is that anyone else with a radio tuned to the same frequency can listen in on your conversation! So you either have to stick to a conversation you don’t mind being overheard, or you have to speak in person to avoid eavesdroppers.
Alternatively, you and your friends could both learn pig Latin and then make sure your radio conversations only make sense to listeners that understand it. Sure, everyone can still intercept your transmission, but they have no way of knowing what’s being said without knowing how pig Latin works.
Funnily enough, the Germans had exactly the same problem in the Second World War. You see, it’s not the best situation to be in when the people you’re having a war with just have to switch to the radio to know exactly what you plan to do. Still, radio had way too much promise in a world where the height of battlefield communication technology was a pigeon.
Carrier pigeons played a central role in the previous war, but take a long time to reach their destination, can be shot down easily. So the Germans invented their own (much more complicated) version of pig Latin known as the Enigma Code. It was a pretty complicated way to scramble and unscramble their messages. Before transmitting the message, they’d feed the information into an enigma machine and out comes a seemingly random jumble of letters. Let us show you how this works, by using this nifty Enigma emulator.
First, we put in the text THISISHOWWEMAKEOURSTUFFSECRET. The three mechanical rotors of the Enigma machine take that message, scramble it from the inside our and we get the following code: JNOTWDCEBNKVORKXLWEYLWREJYORR. You’ll agree that’s a little harder to crack than pig Latin!
Hard But Not Impossible to Crack
In the end, the enigma code was cracked by in an incredibly smart English chap named Alan Turing who also went on to come up with a bunch of fundamental computer stuff like the Turing Test, a test designed to investigate when a computer is as smart as a person. Clearly a man ahead of his time.
Of course, people invented harder forms of encryption than the Enigma code pretty quickly. When those got cracked, even harder ones were invented. As computers have become more and more powerful, a sort of arms race between those who make encryption codes and those who want to 'crack' those codes to get to the juicy information on the inside.
No one has yet invented a way to encrypt information that is 100% impossible to break into. It’s not a question of whether an encryption code can be broken, but whether the effort and expense you’d have to put in are worth it. An ideal situation is one where the stuff that you’re trying to protect isn’t worth the effort of trying to steal it. The problem is that the constant march of technology is making it cheaper and simpler to break current encryption technologies every day.
Why Are There Different Methods of Encryption?
As you already saw in the case of pig Latin and the Enigma Machine code, encryptions differ in how hard they are to break into. So it’s not enough to know that VPN encryption scrambles the information that flows between you and your VPN, but that the quality of that encryption is good enough so that it actually gives you enough protection.
Modern digital encryption works with something called an encryption key. The key is basically a string of random characters that you can use to both scramble and unscramble information. The key is created when needed by an algorithm, which is a fancy way of saying it’s a mathematical recipe that creates a different key every time you run through it. These algorithms are designed by people with far too much time on their hands to create keys that are very hard to predict. The chances that you’ll get exactly the same key twice is so small that you may as well say it will never happen.
People who try to break encryption systems almost never try to attack them on the algorithm level. Unless there’s some serious problem with how the algorithm was made, there’s no real way to use it against itself. No, the easiest way to break encryption is by attacking the key itself.
The Hard Way is The Easy Way!
Imagine you had a combination lock on your bicycle, but it only had one digit. That means the correct number to unlock your bike is between 0-9. If someone wanted to steal your bike, they could just try every possible number until they found the right one.
This is known as a Brute Force attack. It’s simply trying every possible combination until we find the key that opens the lock. It’s quick and simple with our one digit lock because there are only 10 possible answers, which means that there's a one-in-ten chance of just guessing it right on the first try. That improves to one in nine on my second try and so on.
What an awful security system! But if we add just one digit to our lock, things are already much tougher. Now the possible answers are 00-99. In other words, you only have a one-in-one-hundred chance of guessing the combination on the first go and to 'brute force' all the possible numbers can take as much as ten times as long. A three-digit lock makes that one in a thousand and the popular four-digit bike lock amps it up to one in 10,000!
How Hard is to Break VPN Encryption?
The length of the keys used to encrypt and decrypt data are not as short as our bike’s combination lock. They are way, way longer. The gold-standard encryption that is used to secure things like credit card transactions and other sensitive transactions on the internet use keys that are 256 'bits' long.
Since each bit can only have two states (1 or 0) the number of possible combinations for a 256-bit key is 2 to the power of 256. That is a properly, massively, stupendously huge number. The sort of number that even Stephen Hawking would have a hard time imagining. So, even if you took the most powerful computers in the entire world, like the ones governments have, and you let it guess millions of possible key combinations every second of every day, it would still take billions of years for that computer to try every possible combination of bits that make up the key.
So while it’s not technically impossible to use brute force to 'crack' strong encryption, it’s so impractical that it might as well be!
Going Beyond Brute Force
So everything is perfectly safe, and we don’t have to worry? For the most part, the answer is yes, but there are other ways than using brute to figure out an encryption key.
For example, if we wanted to figure out your password and we knew that lots of people choose “Pa$$w0rd” as their password, then we have a much better chance of guessing correctly than trying every possible combination of eight letters, numbers and symbols.
By employing some smart strategies, it can be possible to cut down how much computer power you need to get the job done. For example, the AES 256 encryption standard has been 'cracked' under lab conditions by people who have the job of trying to figure out weaknesses in encryption before the bad guys do. They figured out a way that (in theory) would cut the time needed to crack the key by 75%, but that’s still 25% of billions of years, so don’t get too nervous just yet!
Is Encryption All That Matters?
No! It’s very important to understand a VPN encryption technology is only one part of overall privacy. Just because you’re protected from eavesdropping or your exact location can’t be easily found, doesn’t mean you can just go on your way without any more worries.
Remember that there are plenty of online services that you voluntarily share your information with. When you log into a service such as Facebook, you’re identifying yourself. When you geotag a photo on social media, that’s you giving the information away by choice.
A VPN’s encryption can protect you from most involuntary privacy breaches, but it can’t protect you from yourself! The same goes for bad Internet habits such as visiting dodgy, malware-ridden sites. If your computer gets infected with software that tracks your keystrokes or watches your screen, it will happily send your passwords and information back through your VPN’s encrypted connection. It won’t help you if you fall for an email phishing scam either. So treat emails from rich princess with care!
Introducing: VPN Encryption Protocols
While you don’t need to know much about the technical details that underlie VPN encryption, it is useful to know what different types of security options a VPN is likely to offer you. VPNs don’t offer their encryption as a separate option but as part of an overall VPN protocol. Some VPNs only provide one protocol option, but most offer a few options.
To help you understand how different VPN protocols affect your user experience, we have a dedicated guide to VPN protocols. This is where you'll learn about which protocol to use, depending on your planned online activity, so make sure to take a deep look.
Remember - Your Choice of VPN Matters!
In the end, just about every VPN service uses encryption that’s strong enough so that you don’t have to actually worry that someone will crack the key and get all of your secrets served on a platter. It’s much more important to know who your VPN is and how they do business. After all, there are at least two parties involved here that have access to your encryption key. One is you, so that’s OK, but the other is your VPN!
Which means that, rather than asking if the encryption used by your VPN provider is good enough, the real question should be whether you can trust them or not. What is their policy on record keeping? For example, there are some VPNs that have an explicit 'no logging' policy. In other words, they don’t even record your Internet activity in the first place. Which makes it impossible for them to disclose it to anyone in the first place.
Who could force a VPN provider to cough up your information? Well, the government of the country that the VPN is based in could have the power to do it, and if it has an agreement with the government in your country, well you can do the math. So not only do you need to know what the VPN’s internal privacy policies are, but you also need to know what the privacy laws in their country of origins say. Which is why certain countries are so popular with VPN providers. On the other hands, there are countries that have banned VPNs altogether.
So, In The End - Is VPN Encryption Safe Enough?
At this point, it should be clear that on a technical security level, the industry-standard encryption used by all reputable VPNs is about as safe as it gets. As long as a VPN actually uses such an encryption standard, it’s really not the sort of thing that a typical person has to worry about.
Unless you’re the CEO of a major company or a scientist who is about to invent the car that runs on water, it’s not likely that anyone would even think of tackling your VPN encryption. Besides, it should also be pretty clear that there are plenty of easier ways to get to your information for a determined and well-resourced thief. It is easier just to use other methods.
Dear readers, this is where we conclude our guide to VPN encryption. In case you think this article might help others, why not share it online? Also, don't forget to follow us via our social media profiles, on Facebook and Twitter. Let's stay in touch!