What Is Cryptography? Protecting Data in the Digital Age

Cryptography is not a modern invention. Its roots stretch back thousands of years, from the substitution ciphers used by Julius Caesar to the various cryptographic machines used during the wars of the early 20th century. In the modern day, what has changed is scale and stakes. Nowadays, every digital system that handles sensitive information, from online banking to healthcare records to military communications, relies on cryptographic methods to function securely. The transition from manual ciphers to computational cryptography in the mid-20th century unlocked the ability to protect data at machine speed, and the discipline has evolved rapidly since.

Today, cryptography is foundational to secure system design. It underpins the protocols that protect data in transit (TLS/SSL), secure data at rest (disk and database encryption), authenticate users and machines (digital certificates), and verify the integrity of software (code signing). But cryptography ages over time. Researchers continuously analyze algorithms and reveal weaknesses in the constructions, either by advancing the understanding of the underlying construction, or by finding better algorithms to solve the mathematical problems that back their security. This means that cryptographic protections that are strong today may not remain so indefinitely. This ongoing evolution makes cryptography not just a technical discipline but a strategic one, requiring continuous assessment and adaptation.

Why cryptography matters for cybersecurity

Cryptography is the backbone of modern cybersecurity because it is the mechanism through which organizations protect data, verify identities, and maintain trust in digital systems. Without cryptographic protections, every piece of data transmitted over the internet, stored in a database, or exchanged between machines, would be exposed to interception and manipulation.

The business case for strong cryptography extends well beyond technical risk. Attacks against cryptography are particularly dangerous because compromised data can be manipulated (read, tampered with, or forged) passively and offline, meaning an organization may not know its information has been exposed until long after the breach occurs. This makes cryptographic failures different from other security incidents: there may be no alert, no log entry, and no indication that anything has gone wrong until sensitive data surfaces in unauthorized hands.

Regulatory bodies and industry standards have recognized this, making cryptographic strength a compliance requirement across sectors. Financial institutions must adhere to strict encryption mandates. Healthcare organizations are bound by HIPAA requirements for protected health information. Publicly traded companies face SEC disclosure obligations for security incidents, including those that stem from cryptographic failures. The consequences of weak cryptography are measured in revenue loss, reputational damage, compliance fines, and in some cases, legal liability.

Cryptography is also increasingly a board-level concern. The emergence of quantum computing poses an immediate threat to widely used algorithms (such as RSA, ECDH and ECDSA) has elevated post-quantum preparedness from an infrastructure project to a top business risk. Organizations that treat cryptography as a technical implementation detail rather than a strategic capability are leaving themselves exposed.

Types of cryptography

Cryptographic systems fall into three primary categories, each serving distinct purposes in securing data. Understanding how they differ is essential to building effective security architectures.

Symmetric encryption

In a symmetric cryptosystem, the same key is used for both encryption and decryption. Symmetric encryption algorithms are the most straightforward to understand and implement, and they offer the best performance for bulk data operations. Common symmetric algorithms include AES (Advanced Encryption Standard) and ChaCha20, with AES being the current standard for most applications, including disk encryption, database encryption, and VPN tunnels.

The primary disadvantage of symmetric encryption is key management. Before two parties can communicate securely, they need a way to exchange the shared key through a secure channel. If the parties are geographically dispersed, establishing that initial secure channel can be difficult and expensive. Traditional methods like secure postal delivery or trusted couriers are vulnerable to interception and compromise. Additionally, symmetric systems face challenges in multi-party communication: if the shared key held by any single party is compromised, the entire system is compromised. Determining which party was responsible for the breach can also be difficult. These limitations are precisely why asymmetric cryptography was developed.

Asymmetric encryption, key agreements and signatures

Asymmetric cryptography uses key pairs rather than a single shared key. One key performs the forward function (encrypting, signing, etc.) while the other performs the complementary function (decrypting, verifying, etc). The system is “asymmetric” because the forward key cannot be used for the reverse function and vice versa. This property is built on mathematical one-way functions that are computationally infeasible to reverse. The practical solution that arises as a result of this is that one key can be made public while the other remains secret, which is why asymmetric cryptography is also known as public key cryptography.

To share data confidentially, a sender encrypts a message using the recipient’s public key, and only the recipient, who holds the corresponding private key, can decrypt it. This elegantly solves the key distribution problem that plagues symmetric systems: public keys can be shared openly without compromising security. In practice, the messages sent with public-key encryption are keys that can later be used with faster symmetric encryption. This turns public encryption into what is called a key-transport mechanism, with RSA being a common example.

Parties can also compute a shared secret by following a protocol using their own private key and the other party’s public key. This results into a mechanism usually referred to as key agreement, with ECDH (Elliptic Curve Diffie He****llman) being a well-known example.

Digital signatures, on the other hand, are asymmetric algorithms used to authenticate the origin and guarantee the integrity of the data. A sender signs a message using its own private key, and a recipient verifies the legitimacy of the signature using the sender’s public key. A common example is ECDSA (Elliptic Curve Digital Signature Algorithm).

The examples given above are widely used for secure email, digital signatures, key exchange, and TLS handshakes. However, RSA, ECDH, ECDSA and most of the deployed algorithms rely on mathematical problems (factoring numbers and computing discrete logarithms) that are vulnerable to attack by quantum computers. Migrating to algorithms that are secure against quantum attacks (known as PQC) has significant implications for long-term cryptographic planning. The key to successful use of asymmetric encryption at scale is a robust key management system built on public key infrastructure (PKI).

Hash functions

One more important type of cryptographic construction that is fundamental for the modern day are cryptographic hashes. These are functions that map data of any length to a fixed-length output (the hash or digest). Unlike encryption, hashing is a one-way transformation: there is no key that reverses the process to recover the original data. Hash functions serve as digital fingerprints, and they are essential for verifying data integrity, storing passwords securely, and signing code.

A strong cryptographic hash function is designed to emulate true randomness, that is, messages and hash values should look completely unrelated. In particular, it must be infeasible to recover a message from its hash value or find two messages with the same hash value.

As with encryption and signing, algorithm selection matters significantly for hash functions. SHA-1 was once a widely used hashing algorithm, but it has reached its end of life after researchers demonstrated practical collision attacks. Older hash functions such as MD5 should no longer be used on business-critical systems because they are considered broken by security professionals. Modern systems should use modern constructions such as SHA-2 or SHA-3 family algorithms, which provide substantially stronger security guarantees.

How cryptography provides confidentiality, integrity, authentication, and non-repudiation

Cryptography supports four major pillars of information security, and understanding how each works clarifies why multiple cryptographic techniques are needed in combination.

Confidentiality is achieved through encryption. Symmetric encryption transforms readable plaintext into ciphertext that is unintelligible without the correct decryption key. This protects data both in transit (when moving across networks) and at rest (when stored in databases, disks, or cloud environments). Even if an attacker intercepts encrypted data, they cannot read it without the key.

Integrity can be achieved by leveraging cryptographic hashing, signing, authenticated encryption modes, or a combination of other cryptographic primitives. By computing a hash of data before transmission and verifying it on receipt, the receiving party can detect whether the data has been altered. Any change to the data, no matter how small, produces a completely different hash value. This makes unauthorized modification detectable.

Authentication relies on digital signatures and public keys contained in digital certificates. To this end, a digital signature is commonly used in combination with a hash function. A message is hashed to reduce its size, and the result is signed with the signer’s private key. The recipient verifies the signature using the signer’s public key, confirming both the identity of the sender and the integrity of the message. Digital certificates, issued by a trusted party (a certificate authority) within the environment, use digital signatures to bind public keys to verified identities. They serve as a secure method for authenticating and communicating cryptographic keys across systems.

Non-repudiation extends authentication by ensuring that a signer cannot deny having signed a message to any third party. Because the digital signature can only be produced with the signer’s private key (which only they should possess), the signature serves as verifiable proof of origin to any third party. This property is critical for legal agreements, financial transactions, and regulatory compliance.

In practice, these four properties can be found in systems like TLS (which secures web traffic), secure email (which protects message content and verify sender identity), and code signing (which verifies that software has not been tampered with since it was published).

Cryptographic keys and key management

Cryptographic keys are the secret values that power every encryption and decryption operation. The security of any cryptographic system ultimately depends not just on the strength of its algorithms but on how well its keys are managed throughout their lifecycle.

Key lifecycle management encompasses generation, distribution, storage, rotation, revocation, and destruction. At each stage, failures can undermine the entire system. Poorly generated keys (those lacking sufficient randomness) are predictable, and therefore insecure. Keys transmitted over insecure channels can be intercepted. Keys stored unprotected on disk can be extracted by anyone with access to the system. Keys that are never rotated remain vulnerable to cumulative cryptanalysis. And keys that are not properly revoked when compromised continue to provide attackers with access.

Well-designed systems protect keys at rest by encrypting them with passwords, hardware-based protections like TPMs (Trusted Platform Modules), or obfuscation techniques. Poorly designed systems simply store keys unsecured on a disk drive. This is the equivalent of leaving the master key to a building under the welcome mat.

Hardware security modules (HSMs) represent the gold standard for key protection. An HSM is a dedicated physical computing device that safeguards and manages cryptographic keys while providing hardware-accelerated cryptographic processing. HSMs are trusted because they are built on specialized, certified hardware with a security-focused operating system, strictly controlled network access, and active protections for cryptographic material. They use physical processes to generate high-quality randomness (entropy), which produces keys with strong unpredictability. HSMs can also deliver significantly better performance than general-purpose servers, achieving thousands of cryptographic operations per second because they are purpose-built and optimized for these tasks.

PKI and digital certificates

Public key infrastructure (PKI) is the system that manages the issuance, distribution, validation, and revocation of digital certificates. These certificates bind a public key to a verified identity (a person, device, or service) and are signed by a trusted certificate authority (CA), creating trust that enables secure communication across networks.

PKI is the practical backbone for deploying asymmetric cryptography at scale. Organizations use PKI to manage TLS certificates that secure web traffic, code signing certificates that verify software integrity, email signing certificates that authenticate senders, and machine identity certificates that secure device-to-device communication. As the number of connected devices and workloads has grown, so has the volume of certificates organizations must manage.

For a deeper look at how PKI works and how to implement it effectively, see our deep dive on what is PKI.

Common cryptographic challenges organizations face

Even organizations that invest heavily in security encounter persistent challenges when implementing and maintaining cryptography across their environments. These challenges are systemic, not incidental, and they span technology, supply chains, and human factors.

Algorithm obsolescence

Cryptographic algorithms weaken over time. Researchers continuously analyze mathematical foundations and discover new attacks against previously trusted algorithms and key sizes. New systems are rarely designed with state-of-the-art cryptography because compatibility requirements push teams toward older, more widely supported algorithms. The result is a growing gap between the cryptography an enterprise uses and what standards organizations and government institutions recommend for security. This lifecycle, from adoption to deprecation, is not a one-time event but a continuous process that requires ongoing monitoring and willingness to migrate.

Supply chain risk

The relationship between the developers who implement cryptographic algorithms and the end users whose data those algorithms protect is rarely direct. Multiple layers of supply chain relationships separate the two, and cryptographic weaknesses in system components can be hidden from the enterprise that ultimately bears the risk. A vendor may use an outdated library, a supplier may misconfigure an algorithm, and the organization relying on the final product has no visibility into the underlying cryptographic implementation.

Implementation errors

Cryptographic algorithms are only as strong as their implementation. Software developers routinely misconfigure cryptographic parameters, making poor selections related to modes and key sizes. It is also common to find errors in algorithm implementation, such as failing to take necessary countermeasures against timing attacks, or having insufficient entropy sources. Developers often pull open-source cryptographic libraries into their code without fully understanding the configuration requirements or the implications of default settings. These implementation errors are difficult to detect through standard code review or testing.

Discovering cryptography in software

Perhaps the most fundamental challenge is simply knowing what cryptographic implementations exist within an organization’s software portfolio. It is extremely difficult to determine whether a piece of software is using the correct cryptographic implementations, because the software is compiled and the source code is often unavailable for review. OS-level cryptographic libraries, embedded firmware, and hardware security modules further complicate discovery. Without a reliable way to inventory cryptographic usage, organizations cannot assess their exposure to obsolete algorithms, misconfigured implementations, or quantum-vulnerable ciphers.

What is crypto-agility and why does it matter?

Crypto-agility is an organization’s ability to quickly update or replace cryptographic algorithms, protocols, and keys without disrupting business operations. Rather than a specific technology, it is an architectural and operational capability: the readiness to swap out one cryptographic method for another when standards evolve, vulnerabilities emerge, or regulatory requirements change.

Crypto-agility matters because cryptographic transitions are inevitable. Every algorithm has a finite lifespan, and the pace of obsolescence is accelerating. The looming arrival of cryptographically relevant quantum computers threatens to break traditional cryptography, which are the most widely deployed asymmetric algorithms. Organizations that lack crypto-agility face the prospect of a disruptive, high-risk overhaul when, not if, migration becomes necessary. Those that have invested in agile cryptographic architectures can adapt incrementally, testing and deploying new algorithms alongside existing ones and transitioning workloads at a manageable pace.

For a detailed guide on crypto-agility and post-quantum migration planning, see What Is Crypto-Agility? How to Prepare for Post-Quantum Migration.

Cryptography compliance and regulatory requirements

Regulatory frameworks increasingly mandate that organizations maintain strong, current cryptographic practices. Compliance is no longer optional for any organization that handles sensitive data, and the penalties for failures are substantial.

NIST cryptographic standards provide the foundational benchmarks that most regulations reference. NIST’s post-quantum cryptography standardization effort is defining the algorithms that will replace RSA and ECC, and organizations that align with NIST guidance position themselves ahead of mandatory transitions.

The EU Cyber Resiliency Act requires companies to keep cryptographic algorithms secure and up to date across products sold in European markets. This means that cryptographic hygiene is not just an internal concern, but a product compliance obligation with direct market access implications.

SEC disclosure requirements obligate publicly traded companies to disclose material cybersecurity incidents, including those resulting from cryptographic failures. An expired certificate that causes a service outage or a compromised encryption key that exposes customer data can trigger disclosure obligations with significant reputational and financial consequences.

GDPR and related privacy regulations carry implications for cryptographic practice because encryption is a recognized technical measure for protecting personal data. Organizations that suffer breaches of encrypted data may face less severe regulatory treatment than those where the breach exposes unencrypted data, making encryption strength a factor in regulatory risk assessment.

Industry-specific mandates add additional layers. Financial services regulations prescribe specific encryption standards for payment processing and data handling. Healthcare regulations under HIPAA require encryption of protected health information. Organizations operating across multiple jurisdictions face the challenge of meeting overlapping and sometimes conflicting cryptographic requirements simultaneously.

Building a cryptography management strategy

Taking control of an organization’s cryptographic posture requires a structured, phased approach. The complexity of modern IT environments, spanning cloud infrastructure, legacy systems, embedded devices, and third-party software, makes a comprehensive strategy essential.

Phase 1: Inventory all cryptography

The first and most critical step is establishing a complete inventory of every cryptographic asset across the environment. This includes PKI certificates, machine identity certificates, API keys, code signing certificates, and the cryptographic algorithms embedded in software. Without a comprehensive inventory, organizations cannot assess their risk exposure or plan migrations of cryptographic algorithms effectively. As one approach recommends: start with inventorying all the crypto you have, covering PKI, machine certificates, APIs, and code signing certs. See our blog more about how to make a cryptographic inventory.

Phase 2: Prioritize based on risk

Once the inventory is complete, organizations must prioritize remediation based on business impact and vulnerability. Not all cryptographic assets carry the same risk. Systems that protect the most sensitive data or that rely on algorithms most vulnerable to emerging threats (particularly RSA and ECC in a post-quantum context) should receive attention first. Prioritization should account for operational dependencies, compliance obligations, and the effort required for migration.

Phase 3: Plan and execute migration of cryptographic algorithms

With priorities established, organizations can create a phased algorithm migration plan that moves systems to current cryptographic standards without disrupting operations. This phase involves testing replacement algorithms, validating compatibility across systems, updating configurations, and verifying that the new implementations meet security and performance requirements.

US guidelines

The U.S. Treasury Department and G7 have outlined a phased recommendation timeline for enhanching cryptographic infrastructure and be ready for potential threats, such as quantum computing. Organizations should then already have a plan in place, should be actively inventorying their cryptographic assets through 2026, and should begin prioritizing remediation by early 2027. This timeline underscores that cryptographic management is not a future concern but an active, ongoing program.

On June 22, 2026, the United States President signed Executive Order 14409, “Securing the Nation Against Advanced Cryptographic Attacks,” setting the first binding federal PQC deadlines: key establishment updated to a quantum standard by 2030 and digital signatures by 2031 for high-impact systems, with the Office of Management and Budget issuing guidance, each agency naming a PQC migration lead, covered contractors held to similar timelines, and national security systems carved out. How Keyfactor can help

Keyfactor brings digital trust to the hyper-connected world by empowering organizations to build and maintain secure, trusted connections across every device, workload, and machine. For organizations facing the challenges of cryptographic management at enterprise scale, Keyfactor provides capabilities across three critical areas.

Simplifying PKI with Keyfactor EJBCA. Keyfactor makes it easier for organizations to deploy and manage public key infrastructure at enterprise scale, removing the complexity that often forces teams to rely on manual processes or self-signed certificates that introduce risk.

Automating certificate lifecycle management with Keyfactor Command. Manual certificate management is a leading cause of preventable outages. A single missed certificate renewal can take critical services offline, as demonstrated when a certificate renewal failure at Microsoft took millions of customers offline. Keyfactor automates the full certificate lifecycle, from issuance through renewal and revocation, eliminating the manual tracking that leads to these incidents.

Keyfactor AgileSec is a security management tool that automatically generates an inventory of all cryptographic algorithms found in any piece of software. It uses deep binary stream inspection to analyze compiled code, creates a continuously updated cryptographic indicator database to identify algorithms and their configurations, and provides business context reporting that connects cryptographic findings to the systems and data they protect. This gives security teams the visibility they need to identify weak or outdated cryptography, detect misconfigured implementations, and prioritize remediation based on business risk.

Enabling crypto-agility. Keyfactor helps organizations update cryptographic algorithms and prepare for evolving standards (including post-quantum requirements) without disrupting operations. This capability is essential for organizations that need to transition cryptographic implementations across large, complex environments.