
Encryption Algorithm Reference

Symmetric, asymmetric, and hash algorithms — key sizes and exam context



AES-128

Type: Symmetric · Status: Current

Key size: 128-bit

Block size: 128-bit

Speed: Fast

Use case: File encryption, TLS, WPA2, disk encryption

FIPS 197 approved. 10 rounds. 128-bit key gives 2^128 possible keys — considered quantum-resistant for most uses.

Exams: Security+ · CISSP · CEH

AES-256

Type: Symmetric · Status: Current

Key size: 256-bit

Block size: 128-bit

Speed: Fast

Use case: High-security encryption, government, TLS 1.3

FIPS 197 approved. 14 rounds. Most common for sensitive data. Used in WPA3, TLS 1.3, and most modern protocols.

Exams: Security+ · CISSP · CEH

3DES (TDES)

Type: Symmetric · Status: Legacy

Key size: 112-bit effective (168-bit key)

Block size: 64-bit

Speed: Slow

Use case: Legacy banking (replaced by AES)

Applies DES three times. Officially deprecated by NIST in 2018. Only still seen in legacy POS systems. 64-bit block size is a weakness (Birthday attack).

Exams: Security+ · CISSP

DES

Type: Symmetric · Status: Deprecated

Key size: 56-bit

Block size: 64-bit

Speed: Fast

Use case: Historical reference only

Cracked in 1999 in 22 hours. 56-bit key is far too small. Never use in modern systems — exam distractor for wrong answers.

Exams: Security+ · CISSP

Blowfish

Type: Symmetric · Status: Legacy

Key size: 32–448-bit

Block size: 64-bit

Speed: Fast

Use case: Password hashing (bcrypt), legacy VPN

Free alternative to DES when it was patented. 64-bit block size limits it. Still used in bcrypt for password hashing.

Exams: Security+

ChaCha20

Type: Symmetric · Status: Current

Key size: 256-bit

Speed: Fast

Use case: TLS 1.3 (mobile), WireGuard VPN

Stream cipher. No block size — processes data byte-by-byte. Faster than AES on devices without hardware AES support. Used in TLS 1.3 and WireGuard.

Exams: Security+ · CISSP

RC4

Type: Symmetric · Status: Deprecated

Key size: 40–2048-bit

Speed: Fast

Use case: WEP (broken), old SSL/TLS (removed)

Stream cipher. Vulnerable to key-scheduling and statistical biases. Removed from TLS in RFC 7465. Used in the broken WEP protocol.

Exams: Security+ · CEH

RSA-2048

Type: Asymmetric · Status: Current

Key size: 2048-bit

Speed: Slow

Use case: Digital signatures, key exchange, TLS certificates

Security relies on the difficulty of factoring large integers. 2048-bit is the current recommended minimum; 4096-bit is used for long-lived keys. NOT used for bulk encryption — only for key exchange and signatures.

Exams: Security+ · CISSP · CEH

RSA-4096

Type: Asymmetric · Status: Current

Key size: 4096-bit

Speed: Slow

Use case: CA root certificates, long-lived signing keys

Computationally expensive but provides strong long-term security. Common for certificate authority root keys.

Exams: CISSP

ECC (P-256)

Type: Asymmetric · Status: Current

Key size: 256-bit (~3072-bit RSA equivalent)

Speed: Medium

Use case: TLS certificates, code signing, mobile devices

Elliptic Curve Cryptography. Provides equivalent security to RSA with much shorter keys. Preferred in TLS 1.3 and modern mobile apps.

Exams: Security+ · CISSP

Diffie-Hellman

Type: Asymmetric · Status: Current

Key size: 2048-bit+

Speed: Slow

Use case: Key exchange (no encryption, no signing)

Enables two parties to establish a shared secret over an insecure channel. Does NOT encrypt or sign. ECDHE (ephemeral) provides forward secrecy in TLS.

Exams: Security+ · CISSP · CEH

ElGamal

Type: Asymmetric · Status: Legacy

Key size: Variable

Speed: Slow

Use case: PGP/GPG encryption, digital signatures

Based on Diffie-Hellman. Used in PGP. Produces ciphertext twice the size of plaintext. Mostly replaced by RSA and ECC in practice.

Exams: CISSP

SHA-256

Type: Hash · Status: Current

Key size: N/A

Speed: Fast

Use case: Digital signatures, SSL certificates, Bitcoin

Part of SHA-2 family. Produces 256-bit (32-byte) digest. FIPS 180-4 approved. Standard for most modern applications. SHA-2 family also includes SHA-384, SHA-512.

Exams: Security+ · CISSP · CEH

SHA-1

Type: Hash · Status: Deprecated

Key size: N/A

Speed: Fast

Use case: Deprecated — legacy certificates only

Produces 160-bit digest. Collision demonstrated by Google (SHAttered, 2017). Removed from TLS and certificate signing. Still appears on exams as a wrong answer / deprecated option.

Exams: Security+ · CISSP

MD5

Type: Hash · Status: Deprecated

Key size: N/A

Speed: Fast

Use case: File integrity checks (non-security), checksums

Produces 128-bit digest. Collision attacks known since 2004. Not suitable for cryptographic purposes. Still used for non-security checksums (file downloads). Never use for passwords.

Exams: Security+ · CISSP · CEH

SHA-3

Type: Hash · Status: Current

Key size: N/A

Speed: Medium

Use case: Post-quantum hashing, government applications

Based on Keccak algorithm. Structurally different from SHA-2 (not SHA-2's successor). Selected by NIST in 2012 as an alternative standard.

Exams: CISSP

bcrypt

Type: Hash · Status: Current

Key size: N/A

Speed: Slow

Use case: Password storage (intentionally slow — work factor is adjustable)

Includes built-in salt. Preferred for password hashing. Slowness defeats GPU brute-force attacks.

Exams: Security+ · CISSP

PBKDF2

Type: Hash · Status: Current

Key size: N/A

Speed: Slow

Use case: Password-based key derivation (WPA2, iOS keychain)

Password-Based Key Derivation Function 2. Applies HMAC many thousands of times. FIPS-approved. Used in WPA2 to derive the PMK from a passphrase.

Exams: CISSP

Frequently asked questions

What is the difference between symmetric and asymmetric encryption?

Symmetric encryption uses the same key to encrypt and decrypt (e.g., AES). It is fast but requires secure key exchange. Asymmetric encryption uses a public/private key pair (e.g., RSA) — encrypt with the public key, decrypt with the private key. It is slow but solves the key distribution problem.

Why is AES preferred over 3DES?

AES has a 128-bit block size (3DES has 64-bit, which is vulnerable to birthday attacks), is faster on modern hardware, uses a simpler and more transparent design, and is FIPS 197 approved. NIST deprecated 3DES in 2018.

What is the difference between a hash function and encryption?

Encryption is reversible — you can decrypt with the right key. Hashing is a one-way function — you cannot reverse a hash to get the original data. Hashes are used for integrity verification and password storage (you hash the input and compare hashes, never storing the original password).
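The hash-and-compare pattern for password storage described above, as an added example that is not part of this reference page. It uses PBKDF2-HMAC-SHA256 from Python's standard library (the page's PBKDF2 entry) with a per-user random salt and a constant-time comparison, and contrasts it with an unsalted MD5 digest to show why the page says MD5 must never be used for passwords. The record format, iteration count and sample passwords are constructed for this example.

```python
import hashlib
import hmac
import os

# Constructed parameters for this example: a current work factor for
# PBKDF2-HMAC-SHA256 and a 16-byte random salt per stored password.
ITERATIONS = 600_000
SALT_BYTES = 16
ALGO = "pbkdf2_sha256"


def hash_password(password: str, salt: bytes = b"", iterations: int = ITERATIONS) -> str:
    """Derive a storable record from a password; the password itself is never stored.

    Record layout (constructed for this example): algo$iterations$salt_hex$hash_hex
    """
    if not salt:
        salt = os.urandom(SALT_BYTES)  # fresh salt: equal passwords yield different records
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGO}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive the hash from the candidate password and compare in constant time."""
    try:
        algo, iter_s, salt_hex, hash_hex = record.split("$")
        iterations = int(iter_s)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record: reject rather than raise
    if algo != ALGO:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # hmac.compare_digest avoids leaking where the two digests first differ.
    return hmac.compare_digest(digest, expected)


def needs_rehash(record: str, iterations: int = ITERATIONS) -> bool:
    """True if the stored record uses a weaker work factor than the current policy."""
    try:
        algo, iter_s, _salt_hex, _hash_hex = record.split("$")
    except ValueError:
        return True
    return algo != ALGO or int(iter_s) < iterations


def unsalted_md5(password: str) -> str:
    """What NOT to do: fast, unsalted, and identical for every user with the same password."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    # Constructed sample passwords.
    record = hash_password("correct horse battery staple")
    print(record)
    print("login ok:", verify_password("correct horse battery staple", record))
    print("wrong pw:", verify_password("Tr0ub4dor&3", record))
    # Two users with the same password: PBKDF2 records differ, MD5 digests collide.
    print(hash_password("hunter2") != hash_password("hunter2"))
    print(unsalted_md5("hunter2") == unsalted_md5("hunter2"))
```

The `needs_rehash` check is the usual way to raise the work factor over time: on a successful login, if the stored record is below the current iteration count, re-hash the just-verified password and replace the record.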

Why is MD5 still seen in exam questions if it is deprecated?

Exam questions use MD5 as a distractor — a tempting but wrong answer. Security+ and CISSP test whether you know that MD5 is cryptographically broken (collision attacks since 2004) and should never be used for security purposes. For file checksums where security doesn't matter, MD5 still works.

What is forward secrecy and which algorithm provides it?

Forward secrecy (or Perfect Forward Secrecy, PFS) means that compromise of a long-term private key doesn't expose past session keys. ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) provides forward secrecy in TLS by generating unique session keys that are discarded after use.