Cryptography & Encryption Cheat Sheet
A printable reference covering symmetric encryption, public key encryption, hashing, digital signatures, certificates, and safe key practices for grades 9-12.
Cryptography is the study of protecting information so only the intended people or systems can read or verify it. This cheat sheet helps students compare encryption, hashing, signatures, and certificates without mixing up their purposes. These ideas are important for secure websites, messaging apps, passwords, software updates, and digital payments. A clear reference makes it easier to choose the right tool for confidentiality, integrity, authentication, or nonrepudiation.
The core concepts are based on keys, algorithms, and one-way functions. Symmetric encryption uses one shared secret key, while asymmetric encryption uses a public key and a private key. Hash functions create fixed-length fingerprints, and digital signatures prove who signed data and whether it changed. Secure systems often combine several tools, such as TLS using certificates, key exchange, encryption, and message authentication together.
Key Facts
- Encryption changes plaintext into ciphertext using an algorithm and a key, and decryption changes ciphertext back into plaintext using the correct key.
- Symmetric encryption uses the same secret key for encryption and decryption, written as ciphertext = Encrypt(secret key, plaintext).
- Asymmetric encryption uses a public key and a private key, so data encrypted with a public key can be decrypted only with the matching private key.
- A cryptographic hash function maps data to a fixed-length digest, written as digest = Hash(message), and it should be hard to reverse or find two messages with the same digest.
- A digital signature is created with a private key and checked with the matching public key, written as signature = Sign(private key, Hash(message)).
- Authentication verifies identity, integrity verifies that data was not changed, confidentiality keeps data secret, and nonrepudiation helps prevent a sender from denying a signed message.
- A certificate connects a public key to an identity and is trusted because it is signed by a certificate authority.
- Good key management means using strong random keys, keeping private keys secret, rotating keys when needed, and never storing passwords as plain text.
Vocabulary
- Plaintext: the original readable data before encryption is applied.
- Ciphertext: the scrambled output produced by encryption that should not be readable without the correct key.
- Symmetric Key: a shared secret key used by both the sender and receiver for encryption and decryption.
- Public Key: a key that can be shared openly and is paired with a private key for encryption or signature verification.
- Hash Function: a one-way algorithm that converts input data into a fixed-size digest.
- Certificate Authority: a trusted organization that signs digital certificates to confirm public key ownership.
Common Mistakes to Avoid
- Confusing encryption with hashing is wrong because encrypted data is meant to be decrypted, while hashed data is meant to be one-way and not recoverable.
- Sharing a private key is wrong because anyone with the private key can decrypt private messages or create signatures that appear to come from the owner.
- Using a password directly as an encryption key is wrong because passwords are often low entropy and should first be processed with a key derivation function.
- Assuming a hash proves who sent a message is wrong because anyone can compute a hash, while a digital signature requires the sender's private key.
- Trusting a certificate without checking its issuer, expiration date, and domain name is wrong because an invalid certificate may belong to an attacker or an unrelated site.
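Two of the mistakes above, shown in Python as an added example (not part of the original cheat sheet): a password is salted and stretched with a key derivation function instead of being stored or used directly, and an unkeyed hash is compared with a keyed tag. The iteration count, salt size, function names and sample values are assumptions, and HMAC with a shared key stands in for a private-key signature because Python's standard library has no signature algorithm.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed PBKDF2 work factor for this example
SALT_BYTES = 16       # assumed salt size


def derive_key(password: str, salt: bytes) -> bytes:
    """Stretch a low-entropy password into a 256-bit key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)


def store_password(password: str) -> tuple[bytes, bytes]:
    """Return (salt, derived key): the record kept instead of the password."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt per user
    return salt, derive_key(password, salt)


def check_password(guess: str, salt: bytes, stored: bytes) -> bool:
    """Re-derive from the guess and compare in constant time; nothing is decrypted."""
    return hmac.compare_digest(derive_key(guess, salt), stored)


def plain_digest(message: bytes) -> bytes:
    """Unkeyed hash: anyone can compute it, so it only detects accidental change."""
    return hashlib.sha256(message).digest()


def keyed_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: only holders of the key can produce a valid tag."""
    return hmac.new(key, message, hashlib.sha256).digest()


def accepts_plain(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), digest)


def accepts_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)


if __name__ == "__main__":
    salt, record = store_password("correct horse")  # constructed sample password
    print(check_password("correct horse", salt, record), check_password("guess", salt, record))
    altered = b"pay mallory 900"   # constructed message changed in transit
    key = secrets.token_bytes(32)  # secret the sender and receiver share
    print(accepts_plain(altered, plain_digest(altered)))  # recomputed digest still matches
    print(accepts_keyed(key, altered, keyed_tag(secrets.token_bytes(32), altered)))  # wrong key
```

Unlike a digital signature, an HMAC tag can be produced by either holder of the shared key, so it gives integrity and authentication but not nonrepudiation.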
Practice Questions
1. A message has 2,000 bytes of plaintext. After encryption, it becomes ciphertext. What are the names of the input and output in this process?
2. A system uses a 128-bit symmetric key. How many bits long is the key, and why is random key generation important?
3. A website sends a certificate containing its public key, and the certificate is signed by a certificate authority. What does the browser check before trusting it?
4. A student says passwords should be encrypted instead of hashed before being stored. Explain why secure password storage usually uses salted hashing rather than reversible encryption.