SecuritySecurity+CISSP

Cryptography Fundamentals Explained for Security+ and CISSP

Cryptography is the engine behind every secure connection, every encrypted file, and every digital signature you rely on without thinking about it. Understanding it is not about writing code or doing math by hand. It is about knowing which algorithm to use for which purpose, what its properties and limitations are, and why the exam choices are wrong in specific ways. Security+ and CISSP both test cryptography concepts heavily. This guide focuses on the distinctions that actually appear on exams: symmetric vs asymmetric, block vs stream, hashing vs encryption, and which specific algorithms belong in each category.

8 min

3 sections · 7 exam key points

5 practice questions

Symmetric and asymmetric encryption

Symmetric encryption uses a single shared key to both encrypt and decrypt. Both the sender and the recipient must have the same key, which creates the key distribution problem: how do you securely share the key in the first place? Symmetric algorithms are fast and well-suited for encrypting large amounts of data. AES (Advanced Encryption Standard) is the dominant symmetric algorithm, available in 128, 192, and 256-bit key lengths. AES-256 is the standard for protecting classified government data.

Asymmetric encryption uses a mathematically linked key pair: a public key and a private key. Data encrypted with one key can only be decrypted by the other. RSA and ECC (Elliptic Curve Cryptography) are the primary asymmetric algorithms. Asymmetric encryption is significantly slower than symmetric and is not practical for encrypting large data directly. In practice, asymmetric encryption is used to securely exchange a symmetric session key, and then symmetric encryption handles the bulk data.

This hybrid approach is exactly how TLS works. The TLS handshake uses asymmetric cryptography to authenticate the server and establish a shared session key. After the handshake, all data flows encrypted with a fast symmetric algorithm using that session key.

Hashing and its role in security

A hash function takes any input and produces a fixed-length output called a hash or digest. SHA-256 always produces a 256-bit output regardless of whether the input is a single character or a 10 GB file. Two different inputs cannot produce the same hash (collision resistance), and knowing the hash tells you nothing useful about the input (pre-image resistance). Hash functions are one-way: you cannot reverse a hash to recover the original data.

Hashing is used for integrity verification. Hash a file before and after transmission. If the hashes match, the file is unchanged. Password storage should use hashing, not encryption: store only the hash of the password, never the password itself. When a user logs in, hash what they typed and compare it against the stored hash. Adding a unique random value (a salt) before hashing prevents rainbow table attacks where precomputed hash tables map common passwords to their hashes.

MD5 and SHA-1 are cryptographically broken and should not be used for security purposes. SHA-256 and SHA-3 are current standards. HMAC (Hash-based Message Authentication Code) uses a hash function combined with a secret key to provide both integrity and authentication in a single operation.

Key lengths, modes, and how to choose the correct answer

Block ciphers like AES encrypt data in fixed-size blocks (128 bits for AES). The mode of operation determines how those blocks are chained. ECB (Electronic Codebook) mode encrypts each block independently and is insecure because identical plaintext blocks produce identical ciphertext blocks, leaking patterns. CBC (Cipher Block Chaining) XORs each block with the previous ciphertext block before encrypting, breaking the pattern. GCM (Galois/Counter Mode) provides both encryption and authentication in one operation and is the standard for TLS 1.3 and modern applications.

Stream ciphers encrypt data one bit or byte at a time instead of in blocks. RC4 was a widely used stream cipher that is now cryptographically broken. Modern alternatives are rarely stream ciphers in the traditional sense because AES in CTR or GCM mode effectively creates a stream cipher behavior from a block cipher.

Algorithm selection: bulk data encryption = AES-256. Key exchange or digital signatures = RSA or ECC (ECC achieves equivalent security with shorter keys). Integrity verification = SHA-256. Password storage = bcrypt, scrypt, or Argon2 (these are designed to be intentionally slow to defeat brute force). Broken and should never be used: MD5, SHA-1, DES, RC4.

Cryptographic algorithm reference

Algorithm	Type	Use case	Status
AES-128/256	Symmetric block	Bulk data encryption	Current standard
RSA	Asymmetric	Key exchange, digital signatures	Current (2048-bit minimum)
ECC	Asymmetric	Key exchange, signatures (smaller keys)	Current, preferred over RSA
SHA-256 / SHA-3	Hash	Integrity, digital signatures, password hashing base	Current standard
HMAC	Hash + key	Integrity + authentication	Current
MD5	Hash	Legacy only	Broken, do not use for security
DES / 3DES	Symmetric block	Legacy only	Broken / deprecated

Key exam facts — Security+ / CISSP

Symmetric: one shared key, fast, bulk data. AES is the standard.
Asymmetric: key pair (public/private), slow, key exchange and signatures. RSA, ECC.
TLS uses asymmetric for key exchange, then symmetric (AES) for data.
Hash: one-way, fixed output, integrity verification. SHA-256 is current standard.
MD5 and SHA-1 are broken. DES and RC4 are broken. Never recommend these.
Salt prevents rainbow table attacks on stored password hashes.
AES-ECB: insecure (patterns visible). AES-CBC or AES-GCM: use instead.

Common exam traps

Hashing and encryption both protect data and can be reversed.

Encryption is reversible with the key. Hashing is one-way and by design cannot be reversed. Passwords should be hashed, not encrypted: if the database is breached, a hash database is far less useful than an encrypted one with a recoverable key.

Longer keys always mean stronger encryption.

Key length matters within an algorithm family, but comparing across algorithms is meaningless. A 256-bit ECC key is far stronger than a 1024-bit RSA key. A 128-bit AES key is stronger than a 1024-bit RSA key for bulk encryption. Evaluate algorithm choice and key length together.

AES-ECB is secure because AES is a strong algorithm.

The strength of the underlying AES block cipher means nothing in ECB mode because identical plaintext blocks produce identical ciphertext blocks. The famous penguin image encrypted with AES-ECB still shows the outline of the penguin. Always use CBC, CTR, or GCM mode.

Practice questions — Cryptography

These questions are representative of what you will see on Security+, CISSP exams. The correct answer and explanation are shown immediately below each question.

Q1.A security engineer needs to store 10 TB of data encrypted at rest. The solution must be fast for reads and writes. Which cryptographic algorithm is most appropriate?

A.RSA-2048

B.AES-256

C.SHA-256

D.ECC-256

Explanation: AES-256 is the standard symmetric encryption algorithm for bulk data at rest. It is fast, hardware-accelerated on modern processors, and approved for classified data protection. RSA and ECC are asymmetric — far too slow for bulk data encryption. SHA-256 is a hash function, not an encryption algorithm.

Q2.A developer stores user passwords by hashing them with SHA-256. An attacker obtains the hash database. What attack is the developer most vulnerable to?

A.Brute force using GPU clusters, potentially aided by rainbow tables

B.Key escrow recovery

C.Decryption using the server's private key

D.Replay attacks using the stored hashes directly

Explanation: SHA-256 without salting is vulnerable to rainbow table attacks (precomputed hash tables for common passwords) and GPU-accelerated brute force. Password hashing should use bcrypt, scrypt, or Argon2 — algorithms designed to be computationally expensive and which include salting by default. Using SHA-256 directly for passwords is a design flaw.

Q3.A message is sent with an HMAC attached. What does the HMAC provide that a plain hash does not?

A.Encryption of the message content

B.Both integrity verification AND authentication of the sender using a shared secret key

C.Non-repudiation through asymmetric signatures

D.Compression of the message

Explanation: An HMAC (Hash-based Message Authentication Code) combines a hash function with a shared secret key. It verifies both that the message hasn't been altered (integrity) and that the sender possesses the shared secret key (authentication). A plain hash only provides integrity — anyone who intercepts the message can recompute a valid hash after modifying it.

Q4.During a TLS handshake, which algorithm is used to exchange the session key, and which algorithm encrypts the actual data stream?

A.AES for key exchange, RSA for data

B.RSA or ECDH for key exchange, AES for data stream encryption

C.SHA-256 for key exchange, RC4 for data

D.DES for key exchange, 3DES for data

Explanation: TLS uses a hybrid approach: asymmetric cryptography (RSA or ECDH key agreement) to securely establish a shared session key during the handshake, then symmetric encryption (AES in CBC or GCM mode) to encrypt the actual data stream. Asymmetric is too slow for bulk data; symmetric is fast but needs a secure key exchange mechanism.

Q5.An engineer is reviewing code that uses AES-ECB mode to encrypt user records. What is the security concern?

A.AES-ECB produces ciphertext that is longer than the plaintext

B.Identical plaintext blocks produce identical ciphertext blocks, leaking data patterns

C.AES-ECB requires a larger key than AES-CBC

D.AES-ECB cannot be decrypted without the original initialization vector

Explanation: AES-ECB (Electronic Codebook) mode encrypts each 128-bit block independently with the same key. If two blocks contain the same plaintext, they produce the same ciphertext. This leaks patterns in the data — the classic example is the encrypted penguin image where the outline remains visible. Use AES-CBC or AES-GCM instead.

Frequently asked questions — Cryptography

What is the difference between symmetric and asymmetric encryption?

Symmetric encryption uses a single shared key for both encryption and decryption. It is fast and suited for bulk data — AES is the standard. Asymmetric encryption uses a key pair (public and private key). It solves the key distribution problem but is much slower. In practice, systems use asymmetric encryption to securely exchange a symmetric session key, then switch to symmetric for actual data transfer (this is how TLS works).

What is the difference between hashing and encryption?

Encryption is a two-way process: data encrypted with a key can be decrypted with the appropriate key. Hashing is one-way: the hash function produces a fixed-length digest, and you cannot reverse it to recover the original input. Hashing is used for integrity verification and password storage (store the hash, not the password). Encryption is used when you need to recover the original data later.

Which cryptographic algorithms are considered broken and should not be used?

MD5 and SHA-1 are cryptographically broken hash functions — collision attacks have been demonstrated. DES (56-bit key) is broken due to key length. RC4 is a broken stream cipher. For encryption, use AES-128 or AES-256. For hashing, use SHA-256 or SHA-3. For digital signatures, use RSA-2048 minimum or ECC-256. For password hashing specifically, use bcrypt, scrypt, or Argon2.

What does adding a salt to a password hash do?

A salt is a unique random value added to a password before hashing. Salting means two users with the same password get different hashes, since each salt is unique. This defeats rainbow table attacks (precomputed hash tables only work for unsalted hashes) and ensures that a breach of one hash reveals nothing about other accounts with the same password. Salts are stored alongside the hash and are not secret.

How is cryptography tested on Security+ and CISSP?

Security+ tests algorithm identification (what AES, RSA, ECC, SHA are and when to use each), the difference between hashing and encryption, which algorithms are deprecated, symmetric vs asymmetric trade-offs, and how TLS uses both. CISSP adds depth on key management, key lengths, modes of operation (ECB vs CBC vs GCM), perfect forward secrecy, and the mathematical basis of RSA and ECC (conceptually, not mathematically).

Practice this topic

Security+practice questions

Test yourself on Cryptography

JT Exams routes you to questions in your exact weak areas — automatically, after every session.

Free practice test Start 7-Day Free Trial

No credit card · Cancel anytime