CyberSecurity FAQ - What is a cryptographic key?

A cryptographic key is an input parameter to a cryptographic algorithm or cipher function, which uniquely encodes plaintext (messages or other information) into ciphertext during encryption, and vice versa during decryption. (See the What is encryption? What is decryption? FAQ.)

To explicate further, consider the following pseudocode for the complementary cryptographic algorithm functions encode and decode with parameters plaintext, cryptokey, and ciphertext:
  • encode (plaintext: String; cryptokey: String): ciphertext: String
  • decode (ciphertext: String; cryptokey: String): plaintext: String

The input and output parameters for encode and decode functions are described below:

  • plaintext: the unencrypted message or other information which is an input parameter to the encode function, and is a return parameter for the decode function.
  • ciphertext: the encrypted message or other information which is a return parameter for the encode function, and is an input parameter for the decode function.
  • cryptokey: the cryptographic key used by both the encode and decode functions to encrypt and decrypt the plaintext and ciphertext parameters respectively. Note that the cryptokey need not be identical for both encryption and decryption.

Note that the cryptographic keys used for encryption and decryption needn’t be symmetrical (i.e., identical). Indeed, for public-key encryption systems the cryptographic keys are asymmetrical. See the What is public-key encryption? FAQ for details.

In addition to encryption and decryption algorithms, cryptographic keys can be used for other cryptographic algorithms, such as digital signature schemes and message authentication codes.
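The encode/decode pseudocode above and the message authentication code mentioned in the last paragraph can be shown together in one runnable sketch. This is an added example, not code from the FAQ: it uses bytes instead of String, a symmetric cryptokey, and a teaching construction (HMAC-SHA256 as a keystream generator plus an HMAC tag) built only from the Python standard library; the names NONCE_LEN, TAG_LEN, _subkeys and _keystream are assumptions. Production code would use a vetted authenticated cipher such as AES-GCM from a maintained library.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # random per-message value, stored in front of the ciphertext
TAG_LEN = 32    # HMAC-SHA256 output, stored after the ciphertext


def _subkeys(cryptokey: bytes):
    """Derive separate encryption and MAC keys from the single cryptokey."""
    enc_key = hmac.new(cryptokey, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(cryptokey, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: the key alone selects the keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encode(plaintext: bytes, cryptokey: bytes) -> bytes:
    """Return nonce || encrypted body || MAC tag."""
    enc_key, mac_key = _subkeys(cryptokey)
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decode(ciphertext: bytes, cryptokey: bytes) -> bytes:
    """Verify the MAC tag with the key, then decrypt; raise on any mismatch."""
    if len(ciphertext) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(cryptokey)
    nonce = ciphertext[:NONCE_LEN]
    body = ciphertext[NONCE_LEN:-TAG_LEN]
    tag = ciphertext[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed: wrong key or modified data")
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))
```

Decoding with a different key, or after any byte of the ciphertext has changed, raises ValueError instead of returning garbage, which is the property the message authentication code contributes.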