The most common way for websites to protect information from those who may maliciously intercept it in transit is encryption. This strategy changes, for example, the cardholder name and credit card number submitted on an e-commerce site into a string of characters that is meaningless unless it can be decrypted. One type of encryption used in computers is known as symmetric key encryption.
Two keys structured the same
Symmetric key encryption requires that both the sending and receiving computer have the same key for how to change useful data into apparently meaningless numbers, letters, and symbols. The sending computer will use the key to transform the original data into a form of code; the receiving computer will use an identical key to decode the message back into its original form.
The first major use of symmetric key encryption took place in the 1970s. Called the Data Encryption Standard, it used a 56-bit key. This key is quite complex by human standards; there are literally quadrillions of possible combinations. By computer standards, however, it did not provide strong security. Because computers can randomly generate sample keys at a fast rate, a brute force attack could usually find the right combination eventually.
Symmetric key encryption now uses a more advanced key known as AES, the Advanced Encryption Standard, which offers keys as long as 256 bits.
Businesses considering improving their website encryption should discuss the matter with an IT consulting firm that can offer sound advice about both symmetric key and public key encryption systems.