

Encryption protects your information every time you log in to your bank, shop online or send a message. Jens Bohlin, CEO of Tutus, explains the two fundamental types and how they work together in modern systems.
Encryption is the technology that today protects everything from banking and healthcare data to everyday communication and online shopping. But how does it actually work? There are two fundamental types of encryption, and in modern systems they are almost always used together.
The first and simplest form is called symmetric encryption. Here, the same key is used both to encrypt and decrypt a message. The advantage is that the systems are fast and can handle large amounts of data at high speed. AES, Advanced Encryption Standard, is a well-known example of a symmetric algorithm.
But symmetric systems have a fundamental challenge: key management. For communication to work, the sender and recipient must have access to exactly the same secret key, and that key must be protected from unauthorised parties. Jens Bohlin, CEO of Tutus, describes the problem.
– The key that is shared between sender and recipient must be secret and must absolutely not end up in the wrong hands. The fundamental problem is how to get that key to the person who needs it. You cannot use the encryption system itself to do it; it is like trying to lift yourself up by your own hair, says Jens.
Historically, this often resulted in a manual and cumbersome process. It is also the reason why an entirely different type of encryption was developed.
The public and the private key
Asymmetric encryption solves the key problem by using two different keys: a public one and a private one. The public key can be shared freely with anyone, whilst the private key never leaves its owner. In modern systems, the private key is often stored on a smartcard or similar protected device.
The principle is simple: anyone who wants to send a secret message encrypts it using the recipient's public key. Only the recipient, with their private key, can then decrypt it.
The system can also be run in reverse, which opens up further possibilities.
– An individual in the system can use their private key to perform a kind of encryption that everyone can then decrypt. The point of this is that it creates confidence that it really is the sender who has sent the message, since only the sender had the private key, says Jens.
This is precisely what underlies digital signatures, a way of verifying who actually sent something. The drawback of asymmetric systems is that they are considerably slower than symmetric ones.
The best of both worlds
The solution is to combine the two methods, and that is exactly what all modern systems do. The asymmetric systems handle the key exchange: the parties identify themselves, establish trust and agree on a temporary session key. The fast symmetric encryption then takes over for the actual data transfer.
It is a symbiosis in which each method contributes its strengths: asymmetric encryption for secure key management and identification, symmetric encryption for fast and efficient data protection. Together they form the backbone of the digital security we rely on every day.
– It happens several times a day for most of us, without us noticing. When you pay by card, log in to your bank, open your email or send a message. It is this combination of symmetric and asymmetric encryption that makes it possible and keeps information secure along the way, says Jens.
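The combination described above, as an added example that is not part of the original article or any Tutus product: a random AES-256-GCM session key encrypts the data, RSA-OAEP with the recipient's public key transports that session key, and the sender's private key signs the result. It uses Node.js's built-in crypto module; the key pairs, function names and sample message are constructed for illustration, and RSA key transport is only one way of doing the key exchange.

```javascript
const nodeCrypto = require("node:crypto");

// Constructed long-term RSA key pairs for the two parties (names are assumptions).
const newPair = () => nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const sender = newPair();
const recipient = newPair();
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Bytes covered by the signature: everything the recipient will act on.
const signedBytes = (m) => Buffer.concat([m.wrappedKey, m.iv, m.tag, m.ciphertext]);

function seal(plaintext, recipientPublicKey, senderPrivateKey) {
  // Fresh symmetric session key and nonce, used for this message only.
  const sessionKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  // Fast symmetric step: AES-256-GCM protects the actual data.
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  // Slow asymmetric step: only the 32-byte session key is RSA-encrypted.
  const wrappedKey = nodeCrypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  const msg = { wrappedKey, iv, tag, ciphertext };
  // Digital signature made with the sender's private key.
  msg.signature = nodeCrypto.sign("sha256", signedBytes(msg), senderPrivateKey);
  return msg;
}

function unseal(msg, recipientPrivateKey, senderPublicKey) {
  // Check who sent it first; reject before any key material is used.
  if (!nodeCrypto.verify("sha256", signedBytes(msg), senderPublicKey, msg.signature)) {
    throw new Error("signature check failed");
  }
  // Only the holder of the recipient's private key can recover the session key.
  const sessionKey = nodeCrypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// Constructed sample message, sealed by the sender and opened by the recipient.
function roundTrip(text) {
  const sealed = seal(Buffer.from(text, "utf8"), recipient.publicKey, sender.privateKey);
  return unseal(sealed, recipient.privateKey, sender.publicKey).toString("utf8");
}
```

The RSA operation always handles 32 bytes regardless of message size, which is why the slower asymmetric step does not limit throughput.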
RSA is the algorithm that first put asymmetric encryption into practice and is named after its three inventors: Ronald Rivest, Adi Shamir and Leonard Adleman. When they published their system in 1977, they had solved something that until then had only existed in theory. RSA quickly became a cornerstone of modern cryptography and is still used today in everything from email to digital certificates.
Whitfield Diffie and Martin Hellman published a groundbreaking idea in 1976: that it ought to be possible to encrypt information with a public key and decrypt it with a private one. The concept was revolutionary, but they had no practical way of carrying it out. The very next year, Rivest, Shamir and Adleman picked up where they left off and built the algorithm that could actually bring the idea to life.
What the world credits to Diffie, Hellman and the RSA trio had in fact already been solved by the British intelligence agency GCHQ. The mathematician Clifford Cocks developed a system in the early 1970s that was in practice identical to RSA, but the work was classified and could not leave the organisation. It was not until 1997 that it was declassified and Cocks could finally receive recognition for one of the most significant breakthroughs in the history of cryptography.
Jens Bohlin has been CEO of Tutus since 2009 and has a long background in cryptology and information security. He has previously worked as a technical cryptologist at both MUST and FRA, as well as at the Ministry for Foreign Affairs on joint initiatives relating to cryptography and secure systems. Jens holds a master's degree in computer science and engineering.
About Tutus
Tutus is a Swedish cybersecurity company providing comprehensive solutions in information and network security, with a particular focus on encryption and secure communication. Since 1992, we have developed advanced solutions for critical societal functions with high security requirements — offering products approved for handling security-classified information up to the level of Restricted at the national level, as well as EU Restricted and NATO Restricted.
