Every time you log into your bank, send a private message or buy something online, encryption is working quietly in the background to keep your information out of the wrong hands. Most people never see it, but it is one of the foundations of a usable, trustworthy internet.
Here is how it works, without the jargon.
What encryption is
Encryption is the process of scrambling readable information so that only someone with the right key can turn it back into something meaningful.
The original, readable data is called plaintext. Once encrypted, it becomes ciphertext — a jumble that looks like nonsense. A mathematical key controls the scrambling and unscrambling. Without the correct key, the ciphertext is effectively useless, even to someone who manages to intercept or steal it.
That simple idea — useless without the key — is what protects passwords, messages, payments and files across the internet.
Symmetric encryption: one shared key
The most straightforward form is symmetric encryption, where the same secret key both locks and unlocks the data.
Think of a lockbox with a single key. Anyone who has a copy of that key can open it. Symmetric encryption is fast and efficient, which makes it ideal for protecting large amounts of data.
It has one obvious weakness: both sides need the same key, so you have to share that key securely first. If someone intercepts the key while it is being shared, the whole system falls apart. That problem is exactly what the next type was designed to solve.
Public-key encryption: a clever two-key trick
Public-key encryption, also called asymmetric encryption, uses a pair of mathematically linked keys:
- A public key, which you can hand out freely. Anyone can use it to encrypt a message to you.
- A private key, which you keep secret. Only it can decrypt those messages.
The breakthrough is that the public key can lock data but cannot unlock it. So you can publish your public key to the world, let anyone encrypt a message to you, and know that only your private key can open it. No secret needs to be shared in advance.
Public-key encryption is slower than symmetric encryption, so in practice the two are combined: public-key methods are used to safely exchange a temporary symmetric key, which then does the heavy lifting.
HTTPS and TLS: the padlock explained
When you see https and a padlock in your browser's address bar, your connection is protected by a system called TLS (Transport Layer Security).
Here is roughly what happens when you visit a secure site:
- Your browser and the website greet each other and agree on the encryption methods they both support.
- Using public-key cryptography, they securely establish a shared symmetric key for this session.
- From then on, the data travelling between you and the site is encrypted with that key.
This means that anyone sitting between you and the website — on public Wi-Fi, for example — sees only scrambled traffic, not your passwords or card details.
The padlock means your connection to the site is encrypted. It does not promise the site is honest. Scammers can run HTTPS too, so the padlock protects the pipe, not the people at the other end.
End-to-end encryption: only you and them
Some messaging and email services go a step further with end-to-end encryption (E2EE).
With ordinary encryption, your data may be protected as it travels, but the company running the service can often still read it on their servers. With end-to-end encryption, the message is encrypted on your device and can only be decrypted on the recipient's device. Not even the service provider can read the contents.
For everyday users, this matters because it limits how much a company — or anyone who breaches that company — can see. It is especially valuable for private conversations, sensitive documents and anyone with reason to guard their communications.
Why it matters for everyone
Encryption is not just for spies, banks or the technically savvy. It protects ordinary daily life:
- It keeps passwords and payment details safe on shared and public networks.
- It guards personal messages, photos and health information from prying eyes.
- It underpins trust in online shopping, banking and government services.
You do not need to manage any of this yourself. The main practical steps are simple: prefer sites that use HTTPS, keep your devices and apps updated, and choose services that offer end-to-end encryption when privacy matters.
The bottom line
Encryption works by scrambling data so that only the holder of the right key can read it. Symmetric encryption uses one shared key, public-key encryption uses a clever public-and-private pair, and together they power the HTTPS connections you rely on every day. End-to-end encryption adds a further layer by keeping even the service provider in the dark.
You will rarely notice it, but encryption is doing constant, invisible work to keep your digital life private and secure.