Cryptography in AP Cybersecurity

Cryptography is the practice of hiding information so only authorized people can read it. A cryptographic algorithm combines plaintext with a key to produce ciphertext (encryption), and reverses that process with the key to recover the original data (decryption).

Verified for the 2027 AP Cybersecurity examLast updated June 2026

What is cryptography?

Cryptography is the science of hiding information so only the right people can read it. The whole point is secrecy: you take readable data and scramble it into something useless to anyone who doesn't have the key. A cryptographic algorithm is the recipe for doing this. It defines exactly how to encrypt (hide) information and how to decrypt (reverse it back to the original).

Here's the vocabulary that the CED wants you to nail. The readable input is the plaintext. The algorithm combines that plaintext with a predefined key, and the scrambled output is the ciphertext. Encryption is the process of turning plaintext into ciphertext, and decryption is running it backward to get the plaintext back. The key matters a lot. The more possible keys there are, the harder it is for an attacker to guess yours, which is why longer keys mean stronger encryption (and slower processing). Computer-based cryptography all runs on binary data, and the most common symmetric algorithm you'll see is AES (the Advanced Encryption Standard).

Why cryptography matters in AP Cybersecurity

Cryptography lives in Unit 5: Securing Applications and Data, specifically Topic 5.3, Protecting Stored Data with Cryptography. It backs learning objective AP Cybersecurity 5.3.A (explain how encryption protects files) and AP Cybersecurity 5.3.B (apply symmetric encryption algorithms to encrypt and decrypt data). This is the foundation for the entire unit's data-protection theme. If a file sitting on a disk gets stolen, encryption is what keeps that data unreadable. You're expected to know the core terms cold and be able to trace the flow from plaintext to ciphertext and back.

Keep studying AP Cybersecurity Unit 5

How cryptography connects across the course

AES (Unit 5)

AES is cryptography in action. It's the most common symmetric block cipher, encrypting data in 128-bit blocks, and it secures Wi-Fi, web browsing, and files on disk. When the exam asks for a real-world cryptography example, AES is almost always the answer.

Encryption and Decryption (Unit 5)

These are the two halves of cryptography. Encryption hides the plaintext into ciphertext, decryption reverses it with the key. Think of cryptography as the field, and encryption/decryption as the two directions you run the process.

Cryptographic Hash Functions (Unit 5)

Hashing (like SHA-256 or MD5) is cryptography's one-way cousin. Encryption is reversible because you can decrypt with the key, but hashing is designed to never be undone. Both protect data, but only encryption gets you the original back.

Is cryptography on the AP Cybersecurity exam?

Expect multiple-choice questions that hand you a scenario and ask for the right term. One stem describes an algorithm combining plaintext with a key to produce ciphertext that protects stored files and asks which term fits (the answer is encryption). Another describes an analyst using the correct key to turn random-looking characters back into readable text, testing whether you can name decryption. You'll also see questions asking for a practical AES application or to identify a block cipher. No released FRQ has used "cryptography" verbatim, but the term anchors any question about protecting stored data, so know the plaintext to ciphertext flow and which algorithm (AES) does the work.

Cryptography vs hashing (cryptographic hash functions)

Encryption is two-way: you encrypt with a key and decrypt with a key to get the original back. Hashing is one-way: SHA-256 turns data into a fixed digest you can't reverse. If a question is about getting the original data back, it's encryption. If it's about verifying integrity or storing passwords without recovering them, it's hashing.

Key things to remember about cryptography

  • The purpose of cryptography is to hide information so only authorized people can read it.

  • A cryptographic algorithm combines plaintext with a key to produce ciphertext, and that's called encryption; reversing it with the key is decryption.

  • AES is the most common symmetric block cipher, encrypting data in 128-bit (16-byte) blocks, and it's used for Wi-Fi, web browsing, and file and hardware encryption.

  • Longer keys produce stronger encryption because there are more possible keys to guess, but they take more time to encrypt and decrypt.

  • All computer-based encryption operates on binary data.

Frequently asked questions about cryptography

What is cryptography in AP Cybersecurity?

Cryptography is the practice of hiding information using an algorithm and a key. You encrypt plaintext into unreadable ciphertext and decrypt it back with the key, which is how stored files are protected from unauthorized access (Topic 5.3).

Is cryptography the same as encryption?

Not quite. Cryptography is the whole field of hiding information. Encryption is one specific process within it, turning plaintext into ciphertext, while decryption reverses it. Cryptography is the umbrella; encryption and decryption are the two actions under it.

How is cryptography different from hashing?

Cryptography (encryption) is reversible because you can decrypt with the key to recover the original data. Hashing, like SHA-256, is one-way and can't be undone. Use encryption when you need to read the data again, and hashing when you only need to verify integrity.

What is the most common cryptographic algorithm on the AP exam?

AES, the Advanced Encryption Standard. It's a symmetric key block cipher that encrypts data in 128-bit blocks and protects Wi-Fi, internet browsing, and files on disk. When a question asks for a real cryptography example, AES is usually the answer.

Why do longer keys make encryption more secure?

More key length means more possible keys an attacker would have to try to guess yours, so brute-forcing it gets much harder. The trade-off is that longer keys take more time to encrypt and decrypt.

Keep studying AP Cybersecurity

Connect this key term to the AP exam workflow: review the course, practice questions, and check related study tools.