What Is Cryptography and Why Is It Changing Right Now?

Learn what cryptography is, how symmetric, asymmetric, and hash functions work, and why quantum computing is reshaping the algorithms securing digital life.

Abnormal AI

April 26, 2026


What is cryptography? At its simplest, it is the math that makes digital life trustworthy, quietly working behind the scenes every time you send a message, log into your bank, or tap your phone to pay. Most of us never notice it, but it is the reason we can trust the people, devices, and services we interact with online.

Key Takeaways

  • Cryptography uses mathematical algorithms and keys to deliver four core security properties: confidentiality, integrity, authentication, and non-repudiation.

  • Symmetric-key algorithms, asymmetric-key algorithms, and cryptographic hash functions are complementary tools that work together in virtually every secure digital interaction you use daily.

  • Quantum computing threatens specific public-key algorithms like RSA and elliptic curve cryptography, while symmetric encryption remains more resilient with appropriate key sizes.

  • Post-quantum cryptography is driving a complex migration toward quantum-resistant algorithms across modern systems.

What Is Cryptography: Definition and Core Purpose

Cryptography is the discipline of using mathematics to provide information security, encompassing confidentiality, data integrity, authentication, and non-repudiation in digital communications. A NIST overview describes it as the art and science of using mathematics to secure information and create a high degree of trust in the electronic realm.

Every time you browse a website, send an encrypted message, or tap your phone to make a payment, cryptography is doing work you never see. It protects digital communications and supports trust across everyday systems and services.

Delivering Confidentiality

Confidentiality ensures that sensitive information stays hidden from unauthorized parties. When you enter a credit card number on a shopping site, cryptographic confidentiality means only the merchant's server can read that number, not anyone intercepting the network traffic between you and the site.

Verifying Data Integrity

Data integrity confirms that information has not been altered since it was created or sent. When you download software, integrity mechanisms let you verify the file was not tampered with or corrupted after the developer published it. Even a single changed bit would produce a detectable difference.

Confirming Authentication

Authentication guarantees that parties in a communication are who they claim to be. When your browser displays a padlock and confirms you are connected to your actual bank's website rather than an imposter, cryptographic authentication is performing that verification behind the scenes.

Establishing Non-Repudiation

Non-repudiation provides proof that a specific party sent or authorized a piece of data, preventing them from later denying it. In electronic contracts and financial transactions, this property ensures that a party who authorized a transfer cannot credibly claim they did not.

One important caveat: cryptography solves a specific class of problems. Cryptography alone cannot secure systems against all threats. Technical flaws, human behavior, and attacker ingenuity create risks that cryptography by itself does not address.

How Cryptography Works in Modern Systems

Cryptography works by transforming data with algorithms and keys so only intended parties can read or verify it. Encryption converts readable data, or plaintext, into scrambled data, or ciphertext, and decryption reverses the transformation. The critical insight is that the algorithm itself can be entirely public. What keeps data secure is the cryptographic key, a parameter that controls how the algorithm operates. Anyone with the correct key and algorithm can decrypt; anyone without the key cannot.

All cryptographic algorithms fall into three families: symmetric-key algorithms, asymmetric-key algorithms, and cryptographic hash functions.

Symmetric-Key Encryption

Symmetric encryption uses the same secret key for both encryption and decryption. Think of a physical lockbox with a single key: the same key that locks it also unlocks it.

The dominant standard is the Advanced Encryption Standard, or AES, which operates on 128-bit blocks of data and supports key sizes of 128, 192, or 256 bits. AES encrypts your Wi-Fi traffic, secures VPN tunnels, protects smartphone storage, and handles the bulk data encryption in HTTPS connections.

Symmetric encryption is fast and efficient, but it carries a structural challenge: both parties must already share the secret key before communicating. On the open internet, two computers cannot simply meet in private to agree on a key. This is the problem that asymmetric cryptography was designed to solve.

Asymmetric-Key Encryption

Asymmetric cryptography uses a mathematically linked key pair: a public key that can be freely shared and a private key that stays secret. Data encrypted with the public key can only be decrypted with the corresponding private key.

RSA derives its security from the difficulty of factoring the product of two very large prime numbers. ECC achieves comparable security with smaller keys, making it well suited for mobile devices.

Asymmetric key pairs also enable digital signatures. A sender signs data with their private key to prove authorship; anyone can verify the signature using the sender's public key. This reverse-direction use underpins code signing, document authentication, and electronic identity systems.
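The signing flow described above, as an added example that is not part of the original article: the message is hashed with SHA-256 and the digest is signed with textbook RSA. The primes, exponent, and function names are assumptions chosen for illustration; the modulus is far too small and the scheme is unpadded, so this shows the mechanics only.

```python
import hashlib

# Two Mersenne primes chosen for illustration. Real RSA moduli are 2048 bits
# or more; a modulus this small can be factored quickly.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537

def make_keypair(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)). Computing d requires knowing the factors of n."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (n, e), (n, d)

def digest_int(message, n):
    """SHA-256 digest of the message as an integer reduced below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """Sign the hash of the message, not the message itself."""
    n, d = private_key
    return pow(digest_int(message, n), d, n)

def verify(message, signature, public_key):
    """Anyone holding the public key can check the signature."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(message, n)

if __name__ == "__main__":
    public, private = make_keypair()
    sig = sign(b"transfer 100 to account 42", private)  # constructed message
    print(verify(b"transfer 100 to account 42", sig, public))
    print(verify(b"transfer 900 to account 42", sig, public))
```

The private exponent falls out of the two prime factors, which is why an efficient way to factor the modulus breaks the scheme.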

Cryptographic Hash Functions

Hash functions are fundamentally different from encryption because they are intentionally irreversible. A cryptographic hash function takes input of any length and produces a fixed-length output called a hash value or message digest. The same input always produces the same output, it is computationally infeasible to find two different inputs that produce the same output, and you cannot reconstruct the original input from the hash.

SHA-256, part of the NIST-approved SHA-2 family, produces a 256-bit digest. Hash functions power password storage, software integrity checks, and the signing process for digital signatures, where the hash of a document is signed rather than the full document.
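An added example, not from the original article, of the software integrity check: a file is streamed through SHA-256 and compared with a published checksum line, then one bit is flipped to show how the digest changes. The file contents, file name, and function names are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import tempfile

def sha256_file(path, chunk_size=65536):
    """Stream a file through SHA-256 so large downloads need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_download(path, checksum_line):
    """Check a file against a 'HEX  filename' line as printed by sha256sum."""
    published = checksum_line.split()[0].lower()
    if len(published) != 64 or any(c not in "0123456789abcdef" for c in published):
        raise ValueError("not a SHA-256 hex digest")
    return hmac.compare_digest(sha256_file(path), published)

def differing_bits(a, b):
    """Number of bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def demo():
    # Constructed sample data standing in for a published release file.
    original = b"example-release-1.0 contents\n" * 1000
    line = hashlib.sha256(original).hexdigest() + "  example-release-1.0.tar.gz"
    tampered = bytearray(original)
    tampered[len(tampered) // 2] ^= 0x01  # flip a single bit mid-file
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in (("original", original), ("tampered", bytes(tampered))):
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(data)
            results[name] = verify_download(path, line)
    results["bits_changed"] = differing_bits(
        hashlib.sha256(original).digest(), hashlib.sha256(bytes(tampered)).digest())
    return results

if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the channel that delivered the published digest, so the checksum should come from a source the attacker could not also modify.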

Combining All Three in Practice

Nearly every major security protocol layers all three types together. When you load a secure webpage, asymmetric cryptography handles authentication and negotiates a shared key during the handshake. Symmetric encryption, often AES, then protects all actual data transfer for speed. Hash functions verify integrity throughout and underpin the digital signatures in the certificate chain.

Cryptography in Everyday Life

Each cryptographic family maps to specific, recognizable situations you encounter regularly.

Symmetric Encryption Applications

Symmetric encryption handles the heavy lifting wherever large volumes of data need protection:

  • HTTPS connections use AES to encrypt all web traffic after the initial handshake completes.

  • VPN tunnels rely on symmetric encryption to protect data flowing through the encrypted connection.

  • End-to-end encrypted messaging apps use symmetric keys, established through an asymmetric key exchange, to encrypt actual message content.

  • Full-disk encryption on laptops and smartphones uses AES to protect stored data if the device is lost or stolen.

Asymmetric Encryption Applications

Asymmetric cryptography appears wherever identity verification or secure key exchange is needed:

  • The padlock icon in your browser is backed by digital certificates, which are public-key documents verifying a website's identity through a chain of trust called public key infrastructure, or PKI.

  • Code signing uses digital signatures to confirm that software has not been modified since the developer published it.

  • SSH access uses asymmetric cryptography to authenticate both hosts and users when accessing servers remotely.

  • Secure email protocols like S/MIME use asymmetric cryptography for both key exchange and sender verification.

Hash Function Applications

Hash functions serve wherever data integrity or one-way transformation is required:

  • Password storage systems hash your password so that even if the database is stolen, attackers get hashes rather than usable credentials.

  • Software download pages publish SHA-256 hashes so users can independently verify a file was not altered.

  • Blockchain systems chain blocks together by including the hash of the previous block in each new one, making the entire chain tamper-evident.

Why Cryptography Is Changing: The Quantum Threat

Cryptography is changing because quantum computing could break some of the public-key systems that secure digital communication today. The mathematical problems that protect RSA, ECC, and Diffie-Hellman key exchange have been computationally intractable for classical computers for decades, but quantum computing changes that equation. A sufficiently powerful quantum computer could solve the core mathematical problems behind some widely used public-key systems far more efficiently than classical machines can. This threat is specific to certain algorithms rather than to every kind of encryption.

Symmetric encryption like AES-256 loses roughly half its effective security margin against a quantum adversary using Grover's algorithm, which performs a brute-force key search with quadratically fewer steps than would be required classically. However, it remains secure at appropriate key sizes. The existential risk targets asymmetric cryptography specifically.

Understanding the "Harvest Now, Decrypt Later" Risk

The quantum threat is not purely theoretical or future-facing. The "harvest now, decrypt later" strategy describes adversaries collecting and storing encrypted data today, with the intention of decrypting it once a quantum computer of sufficient capability becomes available. If the information being protected is valuable enough for long enough, the risk exists before that future machine arrives.

Unlike authentication systems, which are only vulnerable when a quantum computer is actively used, confidentiality systems are retrospectively vulnerable. Encrypted data captured today can be stored indefinitely and decrypted later. Categories most at risk include biometric records, long-lived financial records, medical records, and sensitive government communications.

Tracking the Timeline for Quantum Capability

A cryptographically relevant quantum computer, one large and stable enough to break real-world public-key cryptography, does not yet exist. Even so, the combination of uncertainty around its arrival, the already-active harvest now, decrypt later risk, and the long time required to update infrastructure has pushed organizations to prepare early.

These are planning horizons rather than guarantees. But the migration challenge is large enough that waiting for a breakthrough would leave little room to respond.

In the post-quantum era, cryptography is shifting toward a new generation of algorithms. Post-quantum cryptography (PQC) refers to algorithms designed to run on classical computers but remain secure against attacks from both classical and quantum machines. PQC runs on today's hardware using different underlying mathematics; you do not need a quantum computer to use quantum-resistant cryptography.

Recognizing Why New Mathematics Is Needed

The vulnerability of RSA, ECC, and Diffie-Hellman is not an implementation flaw. The weakness comes from the mathematics those systems rely on, which means simply choosing larger key sizes does not solve the underlying problem. New cryptographic families build on mathematical problems where quantum algorithms offer no known exponential advantage.

Lattice-based cryptography, the dominant family in the new standards discussed in this article, relies on the difficulty of finding patterns in vast, irregular grids across hundreds of dimensions. Hash-based cryptography builds signatures using only the security of cryptographic hash functions, offering a conservative backup approach based on a different foundation.

Reviewing the Finalized NIST Standards

NIST approved the first three Federal Information Processing Standards for post-quantum cryptography:

  • FIPS 203 (ML-KEM): Replaces Diffie-Hellman key exchange and RSA key transport using lattice mathematics.

  • FIPS 204 (ML-DSA): Replaces RSA and ECDSA digital signatures, also lattice-based.

  • FIPS 205 (SLH-DSA): A hash-based digital signature standard serving as a diversity backup in case lattice mathematics is ever compromised.

The inclusion of both lattice-based and hash-based approaches is deliberate. A backup family based on different mathematics reduces dependence on any single line of cryptographic reasoning.

Navigating the Migration Challenge

Switching cryptographic algorithms across global infrastructure is a massive undertaking. Several factors make this especially complex:

  • Many cryptographic operations run in hardware like chips and smart cards that cannot be remotely updated.

  • Cryptographic algorithms are embedded in layered protocol standards, including TLS, SSH, and VPN configurations, that must be updated in coordination.

  • Organizations must first inventory where vulnerable algorithms are deployed before they can begin replacing them.

  • PQC algorithms generally have larger key and signature sizes, creating performance trade-offs.

  • Software, firmware, and hardware across thousands of vendors must all be updated; no organization migrates in isolation.

During the transition, a hybrid approach is widely recommended: running a PQC algorithm alongside a classical one so that breaking the system would require defeating both simultaneously.
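One way to start the inventory step, and to recognize where a hybrid key exchange is already enabled, shown for SSH as an added example that is not part of the original article. The risk labels, the name fragments used for matching, and the sample configuration are assumptions made for this illustration.

```python
import re

# Substrings that identify algorithm families in OpenSSH algorithm names.
PQ_HYBRID_KEX = ("mlkem", "sntrup")  # post-quantum KEM paired with X25519
CLASSICAL_SIG = ("rsa", "ecdsa", "ed25519", "dss")
SIG_DIRECTIVES = ("hostkeyalgorithms", "pubkeyacceptedalgorithms")
COVERED = ("kexalgorithms", "ciphers") + SIG_DIRECTIVES

def classify(directive, algorithm):
    """Return (risk, reason) for one algorithm under one sshd_config directive."""
    name = algorithm.lower()
    if directive == "kexalgorithms":
        if any(tag in name for tag in PQ_HYBRID_KEX):
            return "ok", "hybrid: post-quantum KEM plus classical exchange"
        # Assumption: any other key exchange is classical DH or ECDH.
        return "high", "classical DH/ECDH: traffic recorded today can be decrypted later"
    if directive in SIG_DIRECTIVES and any(tag in name for tag in CLASSICAL_SIG):
        return "medium", "classical signature: at risk once a capable quantum computer exists"
    if directive == "ciphers":
        aes = re.search(r"aes(\d+)", name)
        if (aes and int(aes.group(1)) >= 256) or "chacha20" in name:
            return "ok", "symmetric cipher with a 256-bit key"
        if aes:
            return "low", "symmetric, but Grover halves the margin: prefer 256-bit keys"
    return "review", "not recognized by this example"

def inventory(config_text):
    """Classify every algorithm enabled in sshd_config-style text."""
    findings = []
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) != 2 or parts[0].lower() not in COVERED:
            continue
        directive, value = parts[0].lower(), parts[1].strip()
        if value.startswith("-"):
            continue  # a leading '-' removes algorithms from the defaults
        for algorithm in value.lstrip("+^").split(","):
            risk, reason = classify(directive, algorithm.strip())
            findings.append((directive, algorithm.strip(), risk, reason))
    return findings

# Constructed sample configuration, not taken from any real host.
SAMPLE = """\
KexAlgorithms mlkem768x25519-sha256,curve25519-sha256,diffie-hellman-group14-sha256
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512
Ciphers aes256-gcm@openssh.com,aes128-ctr,chacha20-poly1305@openssh.com
"""

if __name__ == "__main__":
    for directive, algorithm, risk, reason in inventory(SAMPLE):
        print(f"{risk:7} {directive:18} {algorithm:32} {reason}")
```

Feeding it the output of `sshd -T` instead of the configuration file also covers the defaults that the file does not list.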

Common Misconceptions About Cryptography

Several widely held beliefs about cryptography are inaccurate, and correcting them matters for understanding what encryption actually protects.

Encryption Equals Total Security

Encryption protects data in transit and at rest, but once data is decrypted for use on a compromised device, the encryption provides no further protection. A system can use strong encryption and still be breached through stolen credentials, unpatched software, or social engineering. Encryption addresses unauthorized interception of raw data and must be combined with access controls, patching, and user awareness.

HTTPS Means a Website Is Safe

The padlock icon and "https://" mean the connection between your browser and the server is encrypted. They say nothing about whether the website itself is legitimate. A phishing site mimicking your bank can obtain a valid HTTPS certificate and display the same padlock. HTTPS protects the channel, not the destination. To verify legitimacy, check the full domain name carefully.

Quantum Computers Will Break All Encryption Overnight

Quantum computers threaten specific public-key algorithms. Symmetric encryption like AES-256 remains resilient. Quantum-resistant standards are being developed and adopted before a capable quantum computer is available. The threat is real, but it is more accurately understood as a gradual and planned transition than a sudden collapse.

The Math Behind Trust Is Being Rewritten

Cryptography turns abstract mathematics into the trust that supports digital life, protecting connections, transactions, and identity verification across modern systems. Those foundations are now being upgraded for the post-quantum era. Understanding what cryptography does today, and why it is changing, makes it easier to evaluate the security of the tools and services you rely on every day.
