Encryption is the process of converting plaintext (readable data) into ciphertext (scrambled data) using a cryptographic algorithm and a key, so that only authorised parties with the corresponding decryption key can read the original message. Symmetric encryption uses the same key for encryption and decryption (e.g., AES), while asymmetric encryption uses a public-private key pair (e.g., RSA). Encryption is fundamental to securing data in transit (HTTPS, VPN) and data at rest (encrypted hard drives, databases).
| Property | Symmetric | Asymmetric |
|---|---|---|
| Keys used | One shared key | Public + Private key pair |
| Speed | Fast | Slower |
| Key exchange | Difficult (secure channel needed) | Easy (public key shared openly) |
| Common algorithms | AES, 3DES, ChaCha20 | RSA, ECC, Diffie-Hellman |
| Typical use | Bulk data encryption | Key exchange, digital signatures |
| Key length (typical) | 128 or 256 bits | 2048 or 4096 bits |
Wikimedia Commons, CC BY-SA
Public key cryptography (also known as asymmetric cryptography) is a cryptographic system that uses mathematically linked key pairs: a public key that can be freely distributed and a private key that must remain secret to its owner. Data encrypted with a public key can only be decrypted by the corresponding private key, and a message signed with a private key can be verified by anyone holding the public key. This system, introduced by Diffie and Hellman in 1976 and implemented by RSA in 1977, underpins secure internet communication, digital signatures, and certificate authorities.
TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are cryptographic protocols designed to provide secure communication over a computer network, most commonly the internet. TLS establishes an encrypted channel between two parties through a handshake process that authenticates the server (and optionally the client) using digital certificates, negotiates encryption algorithms, and exchanges session keys via public key cryptography. It is the security layer behind HTTPS, securing web browsing, email, messaging, and VoIP communications.
A firewall is a network security system — implemented in hardware, software, or both — that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It establishes a barrier between trusted internal networks and untrusted external networks (such as the internet), blocking or permitting traffic according to policies defined by an administrator. Modern firewalls have evolved from simple packet filters to stateful inspection firewalls and next-generation firewalls (NGFW) capable of deep packet inspection, application awareness, and intrusion prevention.
"Encryption" derives from Greek en (into) + kryptos (hidden, secret). "Kryptos" is also the root of "cryptography." The practice of concealing messages dates to ancient Egypt and Rome (Caesar cipher, ~50 BCE), but the modern mathematical theory of encryption was formalised by Claude Shannon in "Communication Theory of Secrecy Systems" (1949).