Cryptography Basics Cheat Sheet
Introduces symmetric and asymmetric encryption, hashing, and digital signatures with practical examples of correct algorithm usage.
2 PagesBeginnerFeb 2, 2026
Core Concepts
Foundational cryptographic terms and their purpose.
- Symmetric encryption- Same key encrypts and decrypts (e.g. AES); fast, used for bulk data
- Asymmetric encryption- Public key encrypts, private key decrypts (e.g. RSA, ECC); used for key exchange/signing
- Hashing- One-way function producing a fixed-size digest (e.g. SHA-256); used for integrity, not encryption
- Digital signature- Private key signs a hash of data; anyone with the public key can verify authenticity/integrity
- Salt- Random value added to input before hashing to prevent rainbow-table attacks
- HMAC- Keyed-hash message authentication code, verifies integrity and authenticity together
Password Hashing (Python)
Correct way to hash and verify passwords using a slow, salted algorithm.
python
import bcrypt# Hash a password (bcrypt generates and stores the salt automatically)hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt())# Verify a password against a stored hashif bcrypt.checkpw(password.encode(), hashed): print("Password matches")
Symmetric Encryption (Python, AES-GCM)
Authenticated encryption using AES in GCM mode.
python
from cryptography.hazmat.primitives.ciphers.aead import AESGCMimport oskey = AESGCM.generate_key(bit_length=256)aesgcm = AESGCM(key)nonce = os.urandom(12) # Never reuse a nonce with the same keyciphertext = aesgcm.encrypt(nonce, b"secret data", associated_data=None)plaintext = aesgcm.decrypt(nonce, ciphertext, associated_data=None)
Algorithm Selection Guidance
Which algorithms to prefer or avoid as of current best practice.
- Use- AES-256-GCM, ChaCha20-Poly1305, SHA-256/SHA-3, RSA-2048+ or ECC (P-256/Curve25519), bcrypt/Argon2 for passwords
- Avoid- MD5, SHA-1 (for security purposes), DES/3DES, RC4, ECB mode encryption
- Never roll your own- Use vetted libraries (OpenSSL, libsodium, language crypto standard libs) instead of custom crypto
Pro Tip
Never encrypt passwords for storage — hash them with a slow, salted algorithm like bcrypt or Argon2; encryption is reversible by design, which is exactly what you don't want for credential storage.
Was this cheat sheet helpful?
Previous
Cross-Site Scripting (XSS) Prevention Cheat Sheet
Next
Public Key Infrastructure (PKI) Cheat Sheet
Explore Topics
#CryptographyBasics#CryptographyBasicsCheatSheet#Cybersecurity#Beginner#CoreConcepts#PasswordHashingPython#Symmetric#Encryption#Algorithms#Security#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech
Professional Web Designing Services
- Responsive Websites
- E-commerce Solutions
- SEO Friendly Design
- Fast & Secure
- Support & Maintenance