There are several different encryption methods: the two main types of data encryption are symmetric and asymmetric encryption.

## Symmetric encryption

There is only one key. All parties use the same key for both encryption and decryption so that symmetric encryption is cost-effective for the security it offers. In other words, it is crucial to invest more in the security of data storage when using symmetric encryption.

Common symmetric encryption methods:

### Data Encryption Standards (DES)

DES was primarily designed by researchers in IBM in the early 1970s, adopted by the National Institute of Standards and Technology (NIST). It is a block cypher algorithm. To encrypt plaintext data, DES groups the data into 64-bit block and converts them to ciphertext using 48-bits keys. Because it is a symmetric-key algorithm, it uses the same key in both encrypting and decrypting the data. DES uses the same cryptographic key to decrypt the encrypted data to convert the ciphertext back to plaintext. Though DES is insecure due to its short key length of 56 bits size, it has been highly influential in cryptography growth.

### Triple DES

Triple Data Encryption Standards is a version of the original DES encryption algorithm. It encrypts data three times, also known as 3DES. It applies the DES encryption algorithm three times to each block of data by encrypting, decrypting and then re-encrypting the data. Since 3DES uses 64-bits keys three times, the key length is 192-bits. 3DES is a block cypher because it encrypts data in 64-bit segments. However, Cypher Block Chaining (CBC) is an encryption mode that often occurs issues at high data rates.

### Blowfish

Bruce Schneier originally designed Blowfish in 1993. It is a symmetric block cypher and similar to 3DES. Besides the commonality, unlike 3DES, Blowfish performs variable-length key encryption instead of set 64-bits segments. Blowfish encrypts segments ranging from 32 to 448 bits. Blowfish is an unlicensed and unpatented encryption technique so that it is available and accessible for public use.

### Twofish

Twofish is a symmetric key block cypher related to Blowfish block cypher. It with a block size of 128-bits and up to 256-bits key size. Twofish use computed key-dependent S-boxes and a relatively complex key schedule. The 50% key is the actual encryption key, and another 50% key is for modification of the encryption algorithm. Twofish uses some elements from other designs, such as the Pseudo-Hadamard transform (PHT) of the SAFER cypher family. Twofish has a Feistel structure like DES. Twofish also uses a separable matrix at maximum distance. Twofish is not licensed and patented, is free to use, and considered one of the fastest encryption algorithms.

### Advanced Encryption Standard (AES)

AES is originally named Rijndael, is a symmetric block cypher. It was introduced in 2002 due to an increase in brute force attacks on the original DES. AES was designed on principle, known as a substitution-permutation network, and it is efficient in both hardware and software. In contrast to its predecessor DES, AES does not use a Feistel network. AES is with a fixed block size of 128-bits. AES uses three separate keys that AES-128bits, AES-192bits, and AES-256bits, to encrypt and decrypt the information of 128 bits. Since its adoption, AES has become the choice of the encryption algorithm by governments, financial institutions worldwide.

## Asymmetric encryption

There are two separate keys known as a public key and a private key. The public key is usually used for data encryption, while the private key is for decrypt the data. The public key is for anyone to use, while the private key is kept confidential and only delivered to authorized parties. As a consequence, asymmetric encryption could be more effective though it is expensive. Asymmetric encryption is a foundational technology of TLS, also known as SSL.

Common asymmetric encryption methods:

### RSA

RSA is an asymmetric cryptographic algorithm, name after creator Ron Rivest, Adi Shamir and Leonard Adelman. There are two different keys, a public key and a private key. Anyone can know the public key, but the private key must be kept confidential. It is a popular encryption algorithm to encrypt data with a public key and decipher the data with a private key.

RSA algorithm applies prime factorization. The key requires factoring a product with two large prime numbers. It is usually hard to figure out these two numbers. Even with large computers, it is exhausting and expensive to decrypt. RSA is beneficial, but at higher security levels, it becomes increasingly inefficient.

### Public key infrastructure (PKI)

PKI is an asymmetric cryptographic algorithm. It is a framework that allows different IT systems to have a high level of information confidentiality through strong data encryption and a high level of confidence through authentication with digital signatures and digital certificates. PKI uses two keys, a public key and a private key. Furthermore, there are three components involved: the digital certificates, the certificate authority and the registration authority. By hosting these elements on a secure framework, public key infrastructure can protect the identities involved and private information used in situations where requires security. These elements are vital to secure and communicate digital information and electronic transactions.

### ECC

ECC is an advanced approach. It is often based on a standard public key algorithm and combines elliptic curves and number theory to encrypt data. These elliptic curves lie within finite fields and are symmetrical about the x-axis of a graph. With these properties, cryptographers can offer robust security with much smaller and more efficient keys. ECC enables smaller keys compared to non-EC cryptography to provide equivalent protection. For example, an RSA key of 15360-bits corresponds to an ECC key of only 512-bits. Elliptic curves are useful for digital signatures, key agreements, pseudorandom generators, and other tasks. They can also be used indirectly for encryption by combining the key agreement with a symmetric encryption scheme.