πŸŒ™ LATE NIGHT MODE ACTIVATED β€” THE CLOWN IS WATCHING πŸŒ™
Home β†’ Resources β†’ Glossary β†’ Encryption

Encryption.

⚑ Definition

Encryption is mathematically transforming data so it looks like random noise to anyone who doesn't have the decryption key. The same data can be transformed back (decrypted) by anyone who does.

What it does

If you encrypt a message before sending it, anyone intercepting the transmission sees gibberish. Only the intended recipient β€” who has the matching key β€” can turn the gibberish back into the original message.

This is how almost every secure system on the internet works. HTTPS encrypts your traffic to websites. Messaging apps like Signal and WhatsApp encrypt your messages. Password managers encrypt your stored passwords. VPNs encrypt your network traffic.

Symmetric vs asymmetric

Symmetric encryption: the same key encrypts and decrypts. Fast. Examples: AES-256, ChaCha20. The problem: you have to share the key securely with the recipient first.

Asymmetric encryption: a pair of keys β€” a public key that anyone can use to encrypt messages to you, and a private key that only you have for decryption. Slower but solves the key-sharing problem. Examples: RSA, ECDSA, X25519.

Modern systems use both: asymmetric to securely share a symmetric key, then symmetric for the actual data (because it's much faster).

Why "256-bit" matters

The number refers to the size of the key. A 128-bit key has 2^128 possible values; a 256-bit key has 2^256. Both are unfathomably large numbers β€” far beyond what any computer, present or theoretically possible, could brute-force.

256-bit is the practical maximum used in mainstream cryptography. Both AES-128 and AES-256 are considered unbreakable today; 256 just has more headroom against future cryptanalytic advances.

What encryption doesn't do

Encryption protects data in transit and at rest. It doesn't protect against:

  • Compromised endpoints (if your device or the destination is hacked, the attacker sees data before/after encryption).
  • Stolen keys (if someone gets your private key, they can decrypt anything encrypted to you).
  • Metadata leakage (encryption hides contents but not necessarily that communication is happening).
  • Implementation bugs (a flawed encryption library can leak data despite using strong algorithms).

See also

πŸŽͺ FAQ

Is encryption the same as hashing?
No. Encryption is reversible β€” you can decrypt the data back to its original form with the right key. Hashing is one-way β€” you can't get the original data back from a hash. Encryption is for protecting data in transit or at rest. Hashing is for verifying integrity (did this data change?) and storing things like passwords (which should never be reversible).
Is 256-bit encryption literally twice as strong as 128-bit?
No, it's astronomically stronger. Each additional bit doubles the key space. AES-128 has 2^128 possible keys; AES-256 has 2^256. The ratio isn't 2x, it's 2^128 (about 3.4 Γ— 10^38). Both are practically unbreakable; 256 just has more headroom against future cryptanalytic advances.
What's the difference between symmetric and asymmetric encryption?
Symmetric uses the same key for encryption and decryption β€” fast, but you need to share the key securely first. Asymmetric (public-key) uses a pair of mathematically related keys: a public key for encryption, a private key for decryption. Slower, but solves the key-sharing problem. VPNs use asymmetric for the initial handshake (to share a symmetric key safely), then symmetric for the actual traffic (because it's faster).

πŸŽͺ ChaCha20-Poly1305

πŸ€– Get The Free App