From The Urbach Letter –
What do you have in common with military generals, CIA agents, banks, and multinational corporations? Secrets you'd like to keep, that's what! While in your case, national security might not hang in the balance, you have every right to maintain your own personal privacy (at the very least). Every one of us needs to keep some things on a "need to know basis." The good news is there's a relatively simple way to secure your communications and also prevent evil-doers from plundering the files on your computer.
From Zero to Hero
But how? How do you go from zero security to a bulletproof defense without encumbering your life with all kinds of tech stuff and complication? Face it, if the approach I recommend isn't going to be simple, cheap, and easy, you're not going to bother.
What Does GRJ Mean?
Simple substitution ciphers like this are extremely easy to crack. Grade school kids can do it. Our language has a high degree of redundancy; certain letters and word forms appear more frequently than others. However, you can already see how to make it much harder to crack. Rather than shifting letters up or down a certain number, you could create a complex mathematical formula for scrambling the characters. Indeed, until just twenty years ago, that was one of the two ways secret messages were transmitted. (The other was via pairs of matched code books).
That's a limitation of conventional *symmetric key* cryptography: the need to somehow securely transmit the unlock key to the recipient. I say symmetric because the same key is used to both encrypt and decrypt the message. Therefore, all kinds of cloak and dagger methods are used for delivering those secret codes, or private keys.
Public Key Crypto
Software installed on your computer takes that passphrase and generates two keys from it: a private key that you'll keep very secret and a public key that you can show to the world. If somebody wants to send you a secret message, they use your public key to encode it. But it's a one-way function. Once encoded, only your private key can unlock the message. Likewise, if you want to send somebody else a secret message, you encode it to their public key, and it's unscrambled by the receiver with their private key.
That's the beauty of public key crypto. You and your counterparty never have to exchange information that could fall into the wrong hands. There's no way to take a public key and mathematically deduce the corresponding unique private key from it. Like I said, it's a one-way function.
The public key encodes and the private key decodes. Cool.
From Tactical to Practical