Many password software, cloud companies, and other digital companies will say something along the lines of your data is protected with ‘Military Grade Encryption’. I mean, if it’s good enough for Uncle Sam, its good enough for us, right? This is partially true. Military Grade Encryption is more an ambiguous marketing term. In today’s post, we break down the phrase.
What Is Encryption?
Encryption is the process of taking information and scrambling it. The result is a gibberish mess that is only accessible if you know how. Once the information is encrypted with a cipher, it is only readable with the proper key.
For example, say you are about to buy something from Amazon. If you look at the address bar, you will see a lock before the web address. This means any data, like a credit card, gets encrypted before it leaves your computer and is sent to Amazon. This prevents people from skimming the Internet traffic and picking up your data. When you connect to the site, Amazon and your computer will perform a handshake. This handshake will exchange the necessary information to encrypt and decrypt your data.
Encryptions are based on mathematical algorithms, and some are more difficult to crack (and more secure) than others.
Enter Marketing Speak
As we digitize our lives, we want that information protected. Having your identity or other personal information is extremely invasive and can be hard to remedy. As a result, we want the strongest protection available. To ease our digital worries, companies will use the phrase ‘Military-Grade Encryption.’
To the average user, that will make you think that it tested by the military and used to protect our national secrets, right? Unfortunately, the military doesn’t have anything defined as military-grade encryption. Advertising it as such means the military may use it for somethings, but probably not to protect the nuclear launch codes.
So What Does It Mean?
According to Dashlane, a popular password manager, ‘military-grade encryption’ means Advanced Encryption Standard with a 256-bit key size or AES-256 encryption. AES-256 is the first ‘publicly accessible and open cipher approved by the NSA to protect information at a Top Secret level,’ according to Dashlane.
There are other encryption levels like AES-128 and AES-192. AES-256 differs from these because it has a larger key, meaning it is much harder to crack. Most banks use AES-256 or AES-128 to protect their data.
Which Is Better?
Several pieces of software, programs, and services already integrate the AES-256 encryption. These services might not advertise it like that, but it doesn’t mean it’s not in use. All of the major browsers support AES-256 communication.
Windows built-in BitLocker encryption is AES-128 by default but also is configurable to AES-256. Some password managers have made the switch from AES-128 to AES-256 because the larger number gives users a better sense of security even though both work fine.
If you found this article interesting or helpful, check out our other posts!