Investology

It's not rocket science, only a balance between greed and fear, but ultimate success goes to those who can afford to be patient.

March 4, 2000

 

Encryption – What is it? How does it work?

 Data encryption disguises information so that only certain people can access it. Encryption is an old science, dating at least as far back as Julius Caesar. When he sent any messages to his trusted aides and friends, he replaced every A by a D, every B with an E, and so on through the alphabet. Only by knowing the "shift by 3" key would someone be able to decipher Caesar’s messages. Secret codes have played an important role in war and diplomacy ever since then. But commercial encryption has gained new importance in the modern digital age. Encryption protects your data as it is transmitted from an automatic teller to a bank computer; it keeps crooks from stealing money by forging bank wire transfers; it enables television show owners to collect from people who own satellites; it is giving rise to a thriving marketplace on the Internet. Encryption also makes possible virtually untappable phones.

The original undisguised message is called plaintext. The disguised message is called ciphertext. Encryption is the process of converting plaintext into ciphertext. Decryption is the process of converting ciphertext into plaintext. A cryptosystem is normally a collection of algorithms, which are usually labeled, and each label is called a key. In the Caesar example, he probably used "shift by X" encryption for different messages. In this case, X is the key.

Today’s methods of encryption are obviously much more sophisticated and the strength of these methods is measured by the length in "bits" of the key. The bit length indicates the number of possible formulas (keys) needed to decode a message. Continuing the Julius Caesar example from above, if you knew that the key was to shift by either 2, 3 or 4, you would obviously need to try only these three combinations before you were able to decrypt the message. An 8-bit key would give you 2^8, or 256, possible combinations; we say that an 8-bit key has 256 possible decrypting formulas. The current maximum encryption strength allowed on US software exports under most conditions is the 56-bit Data Encryption Standard (DES) (software manufactured for use only within the US and Canada has no limits on the strength of its encryption algorithm). Despite having a seemingly vast number of possible keys (2^56 is 72,057,594,037,927,936), the DES is almost universally viewed as being excessively vulnerable to attacks; in January 1999, the Electronic Frontier Foundation decrypted a message encoded with the 56-bit DES in 22.5 hours. In late August 1999, a team of researchers announced that they had beaten an encryption method utilizing a 512-bit key in seven months by using a 292-computer network at 11 different locations. It had been previously thought that using every computer in the world working together, it would take longer than the age of the universe to break a 512-bit key.
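The Caesar "shift by X" scheme and the key-counting argument above can be run directly. This Python sketch is an added example, not part of the original article; the sample message, the word list used to recognise readable output, and the rate of one billion keys per second are constructed assumptions.

```python
import string

ALPHABET = string.ascii_uppercase
# Constructed word list used only to recognise readable English output.
COMMON_WORDS = {"THE", "AND", "AT", "TO", "OF", "IS", "IN"}


def caesar(text, shift):
    """Shift every letter by `shift` places; other characters pass through."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch
        for ch in text.upper()
    )


def encrypt(plaintext, key):
    return caesar(plaintext, key)


def decrypt(ciphertext, key):
    return caesar(ciphertext, -key)


def exhaustive_search(ciphertext, candidate_keys):
    """Decrypt under every candidate key and keep the most readable result.

    Returns (key, plaintext, number_of_keys_tried).
    """
    scored = []
    for key in candidate_keys:
        guess = decrypt(ciphertext, key)
        score = sum(word in COMMON_WORDS for word in guess.split())
        scored.append((score, key, guess))
    score, key, guess = max(scored, key=lambda item: item[0])
    return key, guess, len(scored)


def keyspace(bits):
    """Number of distinct keys of the given bit length."""
    return 2 ** bits


def worst_case_hours(bits, keys_per_second):
    """Hours needed to try every key at a fixed (assumed) test rate."""
    return keyspace(bits) / keys_per_second / 3600


if __name__ == "__main__":
    secret = encrypt("MEET ME AT THE FORUM", 3)  # constructed sample message
    print(secret, exhaustive_search(secret, range(26)))
    print(keyspace(8), keyspace(56), worst_case_hours(56, 1e9))
```

Trying all 26 shifts recovers the message at once, which is why the size of the key space, not the secrecy of the method, determines how much work a guesser faces.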

There are two different methods of encryption, each with strengths and weaknesses. They are Public Key and Private Key encryption.

Public Key Encryption uses two keys, a public and a private key, for sending and receiving email. The public key only encrypts and can therefore be revealed to anyone; indeed, many people have their public key readily accessible on the World Wide Web. The private key only decrypts, and should therefore never be shown to anyone. Because it uses two different keys, public key encryption is also known as asymmetric key encryption. Public key encryption is by far the more popular method of encryption.

Private Key Encryption uses the same key to encrypt and decrypt data, and is therefore called symmetric key encryption. It is faster than public key encryption and, because no part of the key is public, it is also more secure. The biggest problem with using private key encryption is getting the key to the intended recipient securely. Governments have traditionally addressed this issue by transporting keys in locked briefcases handcuffed to the wrists of couriers, a solution not available to most people. If your snail mail (regular post-office mail) is not being read then you can safely use the mail to send the key, but it is tough to be absolutely certain of that.
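To make the two-key idea from the public key paragraph concrete, here is a textbook RSA key pair in Python, given as an added illustration rather than code from the original article. The primes 61 and 53 and the exponent 17 are constructed values far too small for real use, the function names are hypothetical, and encrypting one byte at a time without padding is done only to keep the arithmetic visible.

```python
from math import gcd


def make_keypair(p, q, e):
    """Build a textbook RSA key pair from two primes and a public exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: inverse of e mod phi (Python 3.8+)
    return (e, n), (d, n)  # (public key, private key)


def apply_key(values, key):
    """Raise each number to the key's exponent modulo n."""
    exponent, n = key
    return [pow(v, exponent, n) for v in values]


def encrypt(message, public_key):
    """Anyone holding the public key can produce ciphertext."""
    return apply_key(list(message.encode()), public_key)


def decrypt(blocks, private_key):
    """Only the holder of the private key can recover the message."""
    return bytes(apply_key(blocks, private_key)).decode()


if __name__ == "__main__":
    public, private = make_keypair(61, 53, 17)  # constructed toy parameters
    sealed = encrypt("wire transfer", public)
    print("public:", public, "private:", private)
    print("ciphertext:", sealed)
    print("with private key:", decrypt(sealed, private))
    # Applying the public key a second time does not undo the encryption.
    print("with public key :", apply_key(sealed, public))
```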

 

Data Security and Encryption – Large, Growing Commercial Market

We believe that the application of encryption in commercial transactions has several important objectives:

The two most dominant data encryption programs currently on the market are Pretty Good Privacy (PGP) from Network Associates, and SecurPC from RSA Data Security (RSA). PGP, one of the most widely distributed programs for encrypting data and email, uses up to 2,048 bit encryption. It was acquired by Network Associates in December 1997 for approximately $36 million in stock. RSA utilizes a different algorithm to generate a key that is anywhere from 128 to 4,096 bits, depending on configuration (it was RSA’s 512-bit key that was cracked). JAWZ’s L5 software uses a proprietary 4,096 bit encryption algorithm and the Company is completing work on a 16,384 bit encryption algorithm. Every one-bit increase in bit length represents a doubling of strength of the encryption algorithm, making JAWZ’s software many many times stronger than PGP, and as strong as RSA’s strongest configuration.

We expect the commercial potential for the product to be enormous. We view the potential market for data security and encryption products to be virtually the entire universe of individual, government and corporate computer users. According to studies, approximately 3.4 trillion email messages were delivered in the US in 1998 and there were 66 million corporate email users in the US. The number of corporate email users is expected to double by 2000. Forrester Research estimates that 270 million people worldwide will be using E-mail in the year 2001 and that almost all will have encryption software, but only 2 percent of emails now sent use any type of security at all. Frost & Sullivan estimates that the market for information security will grow at a 55% annual growth rate to reach $4 billion by 2004.

Recent events have demonstrated the need for computer users of all kinds to have the ability to protect their information. During the last week of August 1999, several security breaches requiring no more programming knowledge than the ability to use a browser were uncovered. An Internet Explorer flaw exposes PCs to viruses unless the ActiveX function is disabled. The US Department of Justice asked Congress for the right to secretly break into homes and disable security precautions taken on the owner’s PC. Affecting the largest number of people, a disastrous flaw in the Hotmail service from Microsoft, the largest email service in the country, let anyone read all of the private email of any of its 40 to 50 million customers. Microsoft claims to have fixed the problem, but it raises the troubling prospect of still undiscovered security flaws.

 
