EducaWeb
EnglishEspañolFrançais
Level 1 0 XP 0
πŸ”
CodingπŸŽ“ Ages 14-18Intermediate 11 min read

Encryption and Keeping Data Safe

Encryption explained for teens: plaintext vs ciphertext, the Caesar cipher, symmetric vs public-key encryption, hashing, and how HTTPS protects you. With worked examples and a quiz.

Key takeaways

  • Encryption scrambles readable data (plaintext) into unreadable data (ciphertext) using a key
  • Symmetric encryption uses one shared secret key; public-key encryption uses a public key to lock and a private key to unlock
  • Hashing turns data into a fixed fingerprint that cannot be reversed, used to check passwords safely
  • HTTPS combines public-key and symmetric encryption to protect data as it travels the internet

Keeping secrets in a connected world

Every day you send private information across networks: messages, passwords, payment details, photos. Those packets pass through many machines you do not control on their way to a server. Encryption is what keeps that data safe β€” it scrambles your information so that even if someone intercepts it, they see only nonsense.

Before encryption, your data is called plaintext (readable). After encryption it becomes ciphertext (scrambled). The secret ingredient that controls the scrambling and unscrambling is called a key.

A simple cipher to build intuition

The oldest idea in cryptography is the Caesar cipher, named after the Roman general said to have used it. You shift every letter forward by a fixed number of positions. With a shift of 3:

Plaintext:   H E L L O
Shift +3:    K H O O R
Ciphertext:  KHOOR

Here the key is the number 3. To read the message, the receiver shifts back by 3. Anyone who does not know the shift sees only KHOOR.

The Caesar cipher teaches the core idea β€” transform the data using a secret key β€” but it is hopelessly weak. There are only 25 possible shifts, so an attacker can try them all in seconds. Real encryption uses the same principle with vastly larger keys and far cleverer mathematics, so that guessing is effectively impossible.

Symmetric encryption: one shared key

In symmetric encryption, the same key is used to encrypt and to decrypt. The Caesar cipher is symmetric: both sides need to know "3." Modern symmetric algorithms like AES use keys that are 128 or 256 bits long β€” so many possible keys that trying them all would take longer than the age of the universe.

Symmetric encryption is fast, which makes it great for protecting large amounts of data. But it has one tricky problem: how do the two sides agree on the secret key in the first place without an eavesdropper learning it? If you have to send the key over the same insecure network, an attacker could grab it. This is called the key distribution problem, and it leads to the next big idea.

Public-key encryption: two keys

Public-key (asymmetric) encryption solves the key problem with a clever twist: each person has a pair of keys that work together.

  • A public key, which they share with everyone. It can only lock (encrypt) data.
  • A private key, which they keep secret. It is the only thing that can unlock (decrypt) what the public key locked.

Imagine a postbox with a slot. Anyone can drop a letter in (encrypt with the public key), but only the owner with the key to the box can open it and read the letters (decrypt with the private key). Because the public key only locks, it is safe to hand out freely.

This is brilliant because two strangers can communicate securely without ever sharing a secret in advance. The maths is designed so that even though everyone can see the public key, no one can work backwards to find the private key in any reasonable amount of time.

Public-key encryption is slow, though, so it is usually used just to safely exchange a small symmetric key, which then does the heavy lifting.

Hashing: fingerprints, not secrets

Sometimes you do not want to read data later β€” you only want to check it. For that we use hashing. A hash function takes any input and produces a fixed-length fingerprint. The same input always gives the same fingerprint, but the process is one-way: you cannot turn a hash back into the original.

This is how good websites store passwords. They never keep your actual password. Instead they store its hash:

"hunter2"  β†’  hash  β†’  f3a9c1...   (stored)

When you log in, the site hashes what you typed and compares fingerprints. If a hacker steals the database, they get hashes, not passwords. (Sites also add random "salt" to each password before hashing so identical passwords don't share a fingerprint.) Hashing is also used to check that a downloaded file has not been tampered with β€” change one bit and the fingerprint changes completely.

How HTTPS protects you

When you visit a secure website, your browser shows a padlock and the address starts with HTTPS. Behind that padlock, encryption is working hard, combining everything above:

  1. Your browser and the server use public-key encryption to safely agree on a shared secret.
  2. That shared secret becomes a fast symmetric key.
  3. All the data β€” pages, passwords, payments β€” is then encrypted with that symmetric key as it travels.

If you have read Computer Networks and Protocols, this is the TLS layer in action, sitting on top of TCP/IP. Anyone listening on the network sees only ciphertext.

Staying safe in practice

Strong encryption is only one part of security. The weakest link is usually people. To keep your own data safe:

  • Use long, unique passwords (or a password manager) β€” short ones can be guessed even when hashed.
  • Turn on two-factor authentication so a stolen password alone is not enough.
  • Look for HTTPS before typing anything private.
  • Be wary of messages that try to trick you into revealing a password β€” no encryption can protect data you hand over willingly.

Try this activity

Crack and build a cipher. First, decrypt this Caesar-cipher message that used a shift of +1: IBQQZ DPEJOH. (Shift each letter back by one.) Then choose your own shift, encrypt a short message, and pass it to a friend along with the key. Finally, explain in a sentence why a shift cipher is easy to break but AES with a 256-bit key is not.

To see how the data you encrypt also gets shrunk before sending, read How Data Is Compressed.

Quick quiz

Test yourself and earn XP

What does encryption do?

In the Caesar cipher, what is the key?

How does public-key encryption differ from symmetric encryption?

Why do websites store a hash of your password instead of the password itself?

What does the padlock and HTTPS in a browser mean?

FAQ

No. Encryption is two-way: with the right key you can decrypt and get the original back. Hashing is one-way: it produces a fixed fingerprint that cannot be turned back into the original. Encryption protects data you need to read later; hashing checks data without storing the real thing.

The public key can only lock data, not unlock it. Unlocking requires the matching private key, which the owner never shares. The maths is designed so that knowing the public key gives no practical way to work out the private key.

Strong modern encryption with a long key would take today's computers far longer than the age of the universe to crack by brute force. Most real breaches happen through weak passwords, tricked users, or software bugs β€” not by defeating the encryption maths itself.

Keep exploring

More in Coding

πŸ€–CodingAges 4-6Giving Instructions to a RobotAn early-years coding lesson for ages 4-6: learn how to give clear step-by-step instructions to a robot, why order matteπŸŸ₯CodingAges 4-6Patterns and CodingA warm early-years coding lesson about patterns: spot, copy, and make patterns with colors, shapes and sounds, and see hπŸ”’CodingAges 4-6Sequences: Putting Steps in OrderAn early-years coding lesson on sequences: learn how computers do steps in order, why the order matters, and practice wi