Encryption transforms readable data (plaintext) into an unreadable format (ciphertext) using mathematical algorithms and keys. Only parties with the correct decryption key can reverse the process. Encryption protects data confidentiality whether data is at rest (stored), in transit (network communications), or in use (processing).
Two primary types exist: symmetric encryption uses the same key for encryption and decryption (AES, 3DES), while asymmetric encryption uses a public key to encrypt and a private key to decrypt (RSA, ECC). Each has different performance characteristics and use cases.
CISSP Relevance
Domain 3 (Security Architecture and Engineering) covers cryptographic concepts extensively. Expect questions on algorithm selection, key lengths, modes of operation, and when to apply symmetric versus asymmetric encryption. Understanding encryption’s role in protecting confidentiality and integrity is essential for the exam.
NIST provides algorithm recommendations in SP 800-175B, Guideline for Using Cryptographic Standards.
Related terms: Symmetric Encryption, Asymmetric Encryption