Encryption methods take information and disguise it so that no one can read the contents until the same method is used to decrypt the information back into its original form. Some encryption methods rely on using a secret algorithm to encrypt and decrypt information. Open source encryption methods have freely available source code, so they rely on symmetrical or asymmetrical data keys instead of a secret algorithm.
The source code for open source software is freely available for anyone to download. This allows the entire programming community to learn from the source code, audit the code for bugs or security vulnerabilities, and contribute their own source code for improving the software. Open source software boasts this as a benefit, but it means that anyone who downloads the source code for an open source encryption program automatically knows the algorithm the method uses. Keeping the algorithm secret is not an option, so these methods rely on data keys for encryption.
Data keys contain a complex series of numbers and characters that algorithms use to determine its encryption pattern. A data key will cause the algorithm to encrypt information in a way that is unique to it. After the information is encrypted, the program will need the data key that was used to encrypt the information in order to decrypt, or decipher, the information. If users keep their data key secure, then unauthorized individuals will not be able to decrypt their files. This system allows the algorithm an open source encryption method uses to be common knowledge while preserving the security of the information it protects.
There are two types of data keys in open source encryption methods: symmetrical and asymmetrical keys. A symmetrical key encryption system uses the same key to lock and unlock the data. This can take the form of a randomly generated data key or a password the algorithm used to encrypt the file's contents. Users who want to encrypt information so that no one but themselves can view it would keep the data key or password to themselves. If a user wants another individual to be able to decrypt their files, then he or she would have to give that person a copy of the data key or share the password.
Asymmetrical keys work by using a pair of keys, a private one and a public one. The data within each key is mathematically derived from the same source. The encryption user shares the private key with no one, and distributes the public key to anyone. If someone wants to encrypt a document for that user, then they can use his or her public key for the encryption. Once the document is encrypted with the public key, the algorithm cannot decrypt it without the private key.