Ever since sensitive data has been in existence, people have attempted to disguise it to keep unauthorized individuals from viewing it. According to legend, Julius Caesar used a "shift by 3" rule (replace an A with a D, a B with an E, and so on) to encrypt messages. This ensured that no messenger or spy could read the messages, but the trusted recipients who knew the "shift by 3" rule could.

Numerous algorithms for encrypting and decrypting sensitive material have been produced over time. Many have been broken already, and as computers become faster, it's only a matter of time before existing ones are cracked. However, time is a cryptographic algorithm's greatest ally. Most encryption algorithms rely on an encryption key to perform the encryption. The key's size and complexity determines how well an encryption algorithm works; the larger and more complex the key, the more time, in theory, it takes to break it. For instance, an encryption key of 40 bits has more than 1 billion possible combinations. Even if a computer could test 10,000 possible combinations per second (a fairly high number), it would take almost three and a half years of uninterrupted processing to come up with every possible combination for the encryption key. The classes within the .NET Framework can use encryption keys varying in size from 40 to 256 bits, which gives you plenty of encryption power within your apps.

You can use these encryption algorithms for just about anything that needs to ensure security or data integrity. However, each type of algorithm lends itself to certain functions. Private-key algorithms are useful for internal encryption needs, such as protecting sensitive user settings for an application. Public-key algorithms are extremely useful for securing communications between two parties. Hash algorithms are used commonly for password authentication. You use encryption algorithms to encrypt and decrypt information; hash algorithms create a unique value for some information, which is then used to ensure that information hasn't been tampered with, or that it matches a previously stored hash value.