CyberSecurity FAQ - What is a cryptographic key?

Alternative FAQ Phrasings: What is a cryptographic key? | What is an encryption/decryption key? | What is a crypto key?

Definition: cryptography key (a.k.a. encryption/decryption key, or crypto key for short) is an input parameter to a cryptographic algorithm or cipher function, which uniquely encodes plaintext (messages or other information) into ciphertext during encryption, and vice versa during decryption.

To explicate further, consider the following pseudocode for the complementary cryptographic algorithm functions encode and decode with parameters plaintext, cryptokey, and ciphertext:

• encode (plaintext: String; cryptokey: String): ciphertext: String
• decode (ciphertext: String; cryptokey: String): plaintext: String

The input and output parameters for encode and decode functions are described below:

• plaintext: the unencrypted message or other information which is an input parameter to the encode function, and is a return parameter for the decode function.
• ciphertext: the encrypted message or other information which is a return parameter for the encode function, and is an input parameter for the decode function.
• cryptokey: the cryptographic key used by both the encode and decode functions to encrypt and decrypt the plaintext and ciphertext parameters respectively. Note that the cryptokey need not be identical for both encryption and decryption.

Note that the cryptographic keys used for for encryption and decryption needn’t be symmetrical (i.e., identical). Indeed, for public-key encryption systems, the cryptographic keys are asymmetrical.

In addition to encryption and decryption algorithms, cryptographic keys can be used for other cryptographic algorithms, such as digital signature schemes and message authentication codes.

To learn more about encryption and decryption cryptography techniques, see the following Cybersecurity FAQs:

• CyberSecurity FAQ - What is encryption? What is decryption?
• CyberSecurity FAQ - What is public-key encryption?
• CyberSecurity FAQ - What is end-to-end encryption?

If you have constructive recommendations to correct, clarify, or otherwise improve this or any other Cybersecurity FAQ, please contact us.

---

CYBERSECURITY & DESIGN HANDS-ON WORKSHOP TRAINING OPTIONS
If you seek professional cybersecurity architecture hands-on training that emphasizes robust architecture modeling languages (UML2, SysML, CyberML), strong cyptographic techniques, popular architecture modeling tools (Sparx EA, MagicDraw/Cameo, Rhapsody), and numerous practice exercises, check out PivotPoint's Essential Cybersecurity Architecture & Design Applied hands-on training workshops.